From d2ed4815da82bdb809d3df4be4ae81bd103f747d Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 17 Jul 2020 16:11:30 +0200 Subject: [PATCH 01/55] Split persistence and key id validation With key usage based on key identifiers and not key handles (openless APIs), volatile keys will also have a key identifier. Thus, isolate key identifier validation from key persistence validation to clarify that key identifiers are not specific to persistent keys. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 15 +++++++- library/psa_crypto_slot_management.c | 56 +++++++++++----------------- library/psa_crypto_slot_management.h | 23 ++++++++---- 3 files changed, 49 insertions(+), 45 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ab4e47ab0d75..36dcd3fca2b3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1776,17 +1776,28 @@ static psa_status_t psa_validate_key_attributes( psa_se_drv_table_entry_t **p_drv ) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; + psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes ); status = psa_validate_key_location( psa_get_key_lifetime( attributes ), p_drv ); if( status != PSA_SUCCESS ) return( status ); - status = psa_validate_key_persistence( psa_get_key_lifetime( attributes ), - psa_get_key_id( attributes ) ); + status = psa_validate_key_persistence( lifetime ); if( status != PSA_SUCCESS ) return( status ); + /* Validate the key identifier only in the case of a persistent key. */ + if ( ! PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) + { + status = psa_validate_key_id( + psa_get_key_id( attributes ), + psa_key_lifetime_is_external( lifetime ) ); + + if( status != PSA_SUCCESS ) + return( status ); + } + status = psa_validate_key_policy( &attributes->core.policy ); if( status != PSA_SUCCESS ) return( status ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 5140772e0446..4f651d9851b0 100644 --- a/library/psa_crypto_slot_management.c 
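Review bot: The psa_validate_key_location call on the line right after the new `lifetime` local still re-reads `psa_get_key_lifetime( attributes )` instead of using the value just computed, so the hunk introduces the variable and then bypasses it for the first consumer. Change that call to `status = psa_validate_key_location( lifetime, p_drv );` so all three checks in psa_validate_key_attributes are made against the same lifetime value. The new guard is also written `if ( ! PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )` with a space before the parenthesis, unlike the surrounding `if( status != PSA_SUCCESS )` lines; keep the `if( !` form. psa_validate_key_attributes starts before this hunk and its remaining checks continue after it.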
+++ b/library/psa_crypto_slot_management.c
@@ -51,6 +51,22 @@ typedef struct
 static psa_global_data_t global_data;
+psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
+{
+ psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
+
+ if( ( PSA_KEY_ID_USER_MIN <= key_id ) &&
+ ( key_id <= PSA_KEY_ID_USER_MAX ) )
+ return( PSA_SUCCESS );
+
+ if( vendor_ok &&
+ ( PSA_KEY_ID_VENDOR_MIN <= key_id ) &&
+ ( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
+ return( PSA_SUCCESS );
+
+ return( PSA_ERROR_INVALID_ARGUMENT );
+}
+
 /* Access a key slot at the given handle. The handle of a key slot is
 * the index of the slot in the global slot array, plus one so that handles
 * start at 1 and not 0. */
@@ -150,31 +166,6 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot )
 psa_free_persistent_key_data( key_data, key_data_length );
 return( status );
 }
-
-/** Check whether a key identifier is acceptable.
- *
- * For backward compatibility, key identifiers that were valid in a
- * past released version must remain valid, unless a migration path
- * is provided.
- *
- * \param key The key identifier to check.
- * \param vendor_ok Nonzero to allow key ids in the vendor range.
- * 0 to allow only key ids in the application range.
- *
- * \return 1 if \p key is acceptable, otherwise 0.
- */
-static int psa_is_key_id_valid( mbedtls_svc_key_id_t key, int vendor_ok )
-{
- psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
- if( PSA_KEY_ID_USER_MIN <= key_id && key_id <= PSA_KEY_ID_USER_MAX )
- return( 1 );
- else if( vendor_ok &&
- PSA_KEY_ID_VENDOR_MIN <= key_id &&
- key_id <= PSA_KEY_ID_VENDOR_MAX )
- return( 1 );
- else
- return( 0 );
-}
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
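Review bot: The new psa_validate_key_id definition drops the rationale that the deleted psa_is_key_id_valid carried in its comment — key identifiers that were valid in a past released version must remain valid unless a migration path is provided — and the replacement header comment in the psa_crypto_slot_management.h hunk of this patch does not restate it. That constraint is exactly what a maintainer later narrowing the accepted ranges needs to see, so carry it over above the definition: `/* For backward compatibility, key identifiers that were valid in a past released version must remain valid, unless a migration path is provided. */`. The function is also now compiled and exported in every configuration whereas the old helper lived inside the MBEDTLS_PSA_CRYPTO_STORAGE_C block; that appears intentional since psa_crypto.c calls it unconditionally, but a one-line comment saying so would stop someone from moving it back under the guard.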
@@ -202,8 +193,7 @@ psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
 return( PSA_SUCCESS );
 }
-psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
- mbedtls_svc_key_id_t key )
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime )
 {
 if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
 {
@@ -214,13 +204,8 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
 {
 /* Persistent keys require storage support */
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- if( psa_is_key_id_valid( key,
- psa_key_lifetime_is_external( lifetime ) ) )
- return( PSA_SUCCESS );
- else
- return( PSA_ERROR_INVALID_ARGUMENT );
+ return( PSA_SUCCESS );
 #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
- (void) key;
 return( PSA_ERROR_NOT_SUPPORTED );
 #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
 }
@@ -234,8 +219,9 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle )
 *handle = 0;
- if( ! psa_is_key_id_valid( key, 1 ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ status = psa_validate_key_id( key, 1 );
+ if( status != PSA_SUCCESS )
+ return( status );
 status = psa_get_empty_key_slot( handle, &slot );
 if( status != PSA_SUCCESS )
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index c6fecbb7aeef..6c2e549605d1 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -108,18 +108,25 @@ static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime ) psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, psa_se_drv_table_entry_t **p_drv ); -/** Validate that a key's persistence attributes are valid. - * - * This function checks whether a key's declared persistence level and key ID - * attributes are valid and known to the PSA Core in its actual configuration. +/** Validate the persistence of a key. * * \param[in] lifetime The key lifetime attribute. - * \param[in] key The key identifier. * * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT The key is persistent but persistent + * keys are not supported. + */ +psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ); + +/** Validate a key identifier. + * + * \param[in] key The key identifier. + * \param[in] vendor_ok Non-zero to indicate that key identifiers in the + * vendor range are allowed, \c 0 otherwise. + * + * \retval #PSA_SUCCESS The identifier is valid. + * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid. */ -psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime, - mbedtls_svc_key_id_t key ); +psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok ); #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ From 2a99315cc570ef37785fb2c77a10fc050bdb4af9 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 17 Jul 2020 14:13:26 +0200 Subject: [PATCH 02/55] Add volatile key identifiers Volatile key identifiers are introduced in PSA Crypto API v1.0.0. They are returned by the APIs when importing or generating or deriving a volatile key. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 3 ++- library/psa_crypto_slot_management.c | 10 ++++++++-- library/psa_crypto_slot_management.h | 26 +++++++++++++++++++++++--- 3 files changed, 33 insertions(+), 6 deletions(-) 
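Review bot: The new \retval line for psa_validate_key_persistence documents `#PSA_ERROR_INVALID_ARGUMENT The key is persistent but persistent keys are not supported.`, but the implementation hunk in psa_crypto_slot_management.c returns `PSA_ERROR_NOT_SUPPORTED` in exactly that case (the `#else` branch of MBEDTLS_PSA_CRYPTO_STORAGE_C), and with the key-id check moved out the function no longer returns INVALID_ARGUMENT at all. Change the line to `\retval #PSA_ERROR_NOT_SUPPORTED The key is persistent but persistent keys are not supported.` so callers do not branch on a status that is never produced.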
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 36dcd3fca2b3..c813ca38223b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1851,6 +1851,7 @@ static psa_status_t psa_start_key_creation( psa_se_drv_table_entry_t **p_drv ) { psa_status_t status; + psa_key_id_t volatile_key_id; psa_key_slot_t *slot; (void) method; @@ -1860,7 +1861,7 @@ static psa_status_t psa_start_key_creation( if( status != PSA_SUCCESS ) return( status ); - status = psa_get_empty_key_slot( handle, p_slot ); + status = psa_get_empty_key_slot( handle, &volatile_key_id, p_slot ); if( status != PSA_SUCCESS ) return( status ); slot = *p_slot; diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 4f651d9851b0..43282b448e1a 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -114,7 +114,8 @@ void psa_wipe_all_key_slots( void ) } psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle, - psa_key_slot_t **p_slot ) + psa_key_id_t *volatile_key_id, + psa_key_slot_t **p_slot ) { if( ! global_data.key_slots_initialized ) return( PSA_ERROR_BAD_STATE ); @@ -123,7 +124,11 @@ psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle, { *p_slot = &global_data.key_slots[*handle - 1]; if( ! psa_is_key_slot_occupied( *p_slot ) ) + { + *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + ( *handle ) - 1; + return( PSA_SUCCESS ); + } } *p_slot = NULL; return( PSA_ERROR_INSUFFICIENT_MEMORY ); @@ -215,6 +220,7 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_status_t status; + psa_key_id_t volatile_key_id; psa_key_slot_t *slot; *handle = 0; 
@@ -223,7 +229,7 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) if( status != PSA_SUCCESS ) return( status ); - status = psa_get_empty_key_slot( handle, &slot ); + status = psa_get_empty_key_slot( handle, &volatile_key_id, &slot ); if( status != PSA_SUCCESS ) return( status ); diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 6c2e549605d1..d649f53a7ce2 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -28,6 +28,23 @@ * The value is a compile-time constant for now, for simplicity. */ #define PSA_KEY_SLOT_COUNT 32 +/** Range of volatile key identifiers. + * + * The last PSA_KEY_SLOT_COUNT identifiers of the implementation range + * of key identifiers are reserved for volatile key identifiers. + * A volatile key identifier is equal to PSA_KEY_ID_VOLATILE_MIN plus the + * index of the key slot containing the volatile key definition. + */ + +/** The minimum value for a volatile key identifier. + */ +#define PSA_KEY_ID_VOLATILE_MIN ( PSA_KEY_ID_VENDOR_MAX - \ + PSA_KEY_SLOT_COUNT + 1 ) + +/** The maximum value for a volatile key identifier. + */ +#define PSA_KEY_ID_VOLATILE_MAX PSA_KEY_ID_VENDOR_MAX + /** Access a key slot at the given handle. * * \param handle Key handle to query. 
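Review bot: The volatile range PSA_KEY_ID_VOLATILE_MIN..PSA_KEY_ID_VOLATILE_MAX is carved out of the top of the vendor range, yet psa_validate_key_id from the previous patch still accepts every identifier between PSA_KEY_ID_VENDOR_MIN and PSA_KEY_ID_VENDOR_MAX when vendor_ok is set, so psa_open_key( key, 1 ) treats a volatile identifier as a valid persistent key id, and a persistent key with an external lifetime can be created with an id that collides with a slot's volatile id. Unless a later patch in this series closes the overlap, psa_validate_key_id should exclude the sub-range ahead of the vendor check, e.g. `if( ( PSA_KEY_ID_VOLATILE_MIN <= key_id ) && ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) ) return( PSA_ERROR_INVALID_ARGUMENT );` (assuming the slot-management header is visible there). Separately, the `/** Range of volatile key identifiers. ... */` block is a Doxygen comment followed by a blank line and then a second `/** */` block for PSA_KEY_ID_VOLATILE_MIN, so it attaches to no declaration; make it a plain `/* */` comment or fold its text into the PSA_KEY_ID_VOLATILE_MIN comment.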
@@ -62,15 +79,18 @@ void psa_wipe_all_key_slots( void ); * This function returns a key slot that is available for use and is in its * ground state (all-bits-zero). * - * \param[out] handle On success, a slot number that can be used as a - * handle to the slot. - * \param[out] p_slot On success, a pointer to the slot. + * \param[out] handle On success, a slot number that can be used + * as a handle to the slot. + * \param[out] volatile_key_id On success, volatile key identifier + * associated to the returned slot. + * \param[out] p_slot On success, a pointer to the slot. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle, + psa_key_id_t *volatile_key_id, psa_key_slot_t **p_slot ); /** Test whether a lifetime designates a key in an external cryptoprocessor. From 98a54ddbd69c3ad8c99889700737f380169e534b Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 24 Jul 2020 16:33:11 +0200 Subject: [PATCH 03/55] psa: slot mgmt: Don't use handles to loop through slot array Signed-off-by: Ronald Cron --- library/psa_crypto_slot_management.c | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 43282b448e1a..060606e43e0e 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -104,10 +104,11 @@ psa_status_t psa_initialize_key_slots( void ) void psa_wipe_all_key_slots( void ) { - psa_key_handle_t key; - for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) + size_t slot_idx; + + for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { - psa_key_slot_t *slot = &global_data.key_slots[key - 1]; + psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; (void) psa_wipe_key_slot( slot ); } global_data.key_slots_initialized = 0; 
@@ -117,15 +118,19 @@ psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
 psa_key_id_t *volatile_key_id,
 psa_key_slot_t **p_slot )
 {
+ size_t slot_idx;
+
 if( ! global_data.key_slots_initialized )
 return( PSA_ERROR_BAD_STATE );
- for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) )
+ for( slot_idx = PSA_KEY_SLOT_COUNT; slot_idx > 0; slot_idx-- )
 {
- *p_slot = &global_data.key_slots[*handle - 1];
+ *p_slot = &global_data.key_slots[ slot_idx - 1 ];
 if( ! psa_is_key_slot_occupied( *p_slot ) )
 {
- *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + ( *handle ) - 1;
+ *handle = (psa_key_handle_t)slot_idx;
+ *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN +
+ ( (psa_key_id_t)slot_idx ) - 1;
 return( PSA_SUCCESS );
 }
@@ -268,11 +273,13 @@ psa_status_t psa_close_key( psa_key_handle_t handle )
 void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats )
 {
- psa_key_handle_t key;
+ size_t slot_idx;
+
 memset( stats, 0, sizeof( *stats ) );
- for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
+
+ for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
 {
- const psa_key_slot_t *slot = &global_data.key_slots[key - 1];
+ const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
 if( ! psa_is_key_slot_occupied( slot ) )
 {
 ++stats->empty_slots;
From 91e951542494d2a389ba2fad6df102ee90ec7c0d Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Thu, 30 Jul 2020 17:48:03 +0200
Subject: [PATCH 04/55] Introduce PSA_KEY_HANDLE_INIT macro
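Review bot: psa_get_empty_key_slot no longer writes `*handle` when no slot is free: the old loop `for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) )` left `*handle` at 0 on exhaustion, whereas the new loop only assigns `*handle = (psa_key_handle_t)slot_idx;` on success and then falls through to `*p_slot = NULL;` with `*handle` and `*volatile_key_id` untouched (the PSA_ERROR_BAD_STATE return never set them in either version). The header only promises the outputs "On success", and psa_open_key clears `*handle` before the call, but psa_start_key_creation as seen in patch 02 just propagates the status, so a caller that passed an uninitialized handle would now read an indeterminate value on PSA_ERROR_INSUFFICIENT_MEMORY. Either add `*handle = 0;` next to `*p_slot = NULL;` on the failure path, or state in the header that `*handle` and `*volatile_key_id` are unspecified on failure. The tail of the function (the `*p_slot = NULL;` and return) lies outside this hunk.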
Signed-off-by: Ronald Cron --- include/mbedtls/ssl_internal.h | 2 +- include/psa/crypto_platform.h | 1 + library/pk_wrap.c | 2 +- library/psa_crypto.c | 10 +- library/psa_crypto_slot_management.c | 4 +- library/ssl_cli.c | 2 +- library/ssl_tls.c | 6 +- programs/psa/crypto_examples.c | 6 +- programs/psa/key_ladder_demo.c | 16 +-- programs/ssl/ssl_client2.c | 4 +- programs/ssl/ssl_server2.c | 2 +- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_psa_crypto.function | 135 +++++++++--------- ..._suite_psa_crypto_driver_wrappers.function | 17 ++- ...t_suite_psa_crypto_persistent_key.function | 8 +- ...st_suite_psa_crypto_se_driver_hal.function | 32 ++--- ...te_psa_crypto_se_driver_hal_mocks.function | 12 +- ..._suite_psa_crypto_slot_management.function | 23 +-- tests/suites/test_suite_x509write.function | 2 +- 19 files changed, 145 insertions(+), 141 deletions(-) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 1dc9648b0471..30be67665ff9 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -1070,7 +1070,7 @@ static inline psa_key_handle_t mbedtls_ssl_get_opaque_psk( if( ssl->conf->psk_opaque != 0 ) return( ssl->conf->psk_opaque ); - return( 0 ); + return( PSA_KEY_HANDLE_INIT ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index c64f61d58c76..6ada32477290 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -51,6 +51,7 @@ /* Integral type representing a key handle. */ typedef uint16_t psa_key_handle_t; +#define PSA_KEY_HANDLE_INIT ( (psa_key_handle_t)0 ) #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 903c53b9df89..a40734b278d6 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
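Review bot: The new `#define PSA_KEY_HANDLE_INIT ( (psa_key_handle_t)0 )` in crypto_platform.h carries no comment while the typedef directly above it does; add `/** Initializer for a key handle: the null handle, which never designates an open key. */` so readers know it is an "invalid handle" value and not merely a default. The patch also converts only assignments and initializers: the comparison `if( ssl->conf->psk_opaque != 0 )` kept as context in mbedtls_ssl_get_opaque_psk here, and `if( ssl->handshake->psk_opaque != 0 )` in the ssl_remove_psk hunk of ssl_tls.c, still test the literal 0, so the "0 is the null handle" knowledge now lives in two spellings; change them to `!= PSA_KEY_HANDLE_INIT` for consistency with the returns and assignments this patch rewrites.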
@@ -543,7 +543,7 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, mbedtls_ecdsa_context *ctx = ctx_arg; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t key_handle = 0; + psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; psa_status_t status; mbedtls_pk_context key; int key_len; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c813ca38223b..85d9df404be4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2185,7 +2185,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) { psa_fail_key_creation( slot, driver ); - *handle = 0; + *handle = PSA_KEY_HANDLE_INIT; } return( status ); } @@ -2197,7 +2197,7 @@ psa_status_t mbedtls_psa_register_se_key( psa_status_t status; psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; /* Leaving attributes unspecified is not currently supported. * It could make sense to query the key type and size from the @@ -2290,7 +2290,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, if( status != PSA_SUCCESS ) { psa_fail_key_creation( target_slot, driver ); - *target_handle = 0; + *target_handle = PSA_KEY_HANDLE_INIT; } return( status ); } @@ -5390,7 +5390,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut if( status != PSA_SUCCESS ) { psa_fail_key_creation( slot, driver ); - *handle = 0; + *handle = PSA_KEY_HANDLE_INIT; } return( status ); } @@ -6232,7 +6232,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) { psa_fail_key_creation( slot, driver ); - *handle = 0; + *handle = PSA_KEY_HANDLE_INIT; } return( status ); } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 060606e43e0e..dacd7f69f300 100644 
--- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -245,13 +245,13 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) if( status != PSA_SUCCESS ) { psa_wipe_key_slot( slot ); - *handle = 0; + *handle = PSA_KEY_HANDLE_INIT; } return( status ); #else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ (void) key; - *handle = 0; + *handle = PSA_KEY_HANDLE_INIT; return( PSA_ERROR_NOT_SUPPORTED ); #endif /* !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 76be8ab07b18..9494c65da9e9 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3802,7 +3802,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) status = psa_destroy_key( handshake->ecdh_psa_privkey ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - handshake->ecdh_psa_privkey = 0; + handshake->ecdh_psa_privkey = PSA_KEY_HANDLE_INIT; } else #endif /* MBEDTLS_USE_PSA_CRYPTO && diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 7cb5b8ccf748..6144851b6edf 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -507,7 +507,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, { psa_status_t status; psa_algorithm_t alg; - psa_key_handle_t master_slot = 0; + psa_key_handle_t master_slot = PSA_KEY_HANDLE_INIT; psa_key_derivation_operation_t derivation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -4348,7 +4348,7 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) { /* The maintenance of the PSK key slot is the * user's responsibility. */ - conf->psk_opaque = 0; + conf->psk_opaque = PSA_KEY_HANDLE_INIT; } /* This and the following branch should never * be taken simultaenously as we maintain the 
@@ -4434,7 +4434,7 @@ static void ssl_remove_psk( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_USE_PSA_CRYPTO) if( ssl->handshake->psk_opaque != 0 ) { - ssl->handshake->psk_opaque = 0; + ssl->handshake->psk_opaque = PSA_KEY_HANDLE_INIT; } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 15aabf946257..86ceecce1eec 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -165,7 +165,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t key_handle = 0; + psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; size_t output_len = 0; uint8_t iv[block_size]; uint8_t input[block_size]; @@ -215,7 +215,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t key_handle = 0; + psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size + block_size], decrypt[input_size + block_size]; @@ -262,7 +262,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t key_handle = 0; + psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size], decrypt[input_size]; diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index a3628f031ee7..456d8d64525e 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c 
@@ -197,7 +197,7 @@ static psa_status_t save_key( psa_key_handle_t key_handle, static psa_status_t generate( const char *key_file_name ) { psa_status_t status = PSA_SUCCESS; - psa_key_handle_t key_handle = 0; + psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_usage_flags( &attributes, @@ -232,7 +232,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, FILE *key_file = NULL; unsigned char extra_byte; - *master_key_handle = 0; + *master_key_handle = PSA_KEY_HANDLE_INIT; SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL ); SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ), @@ -262,7 +262,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, * *master_key_handle is 0. psa_destroy_key(0) is guaranteed to do * nothing and return PSA_ERROR_INVALID_HANDLE. */ (void) psa_destroy_key( *master_key_handle ); - *master_key_handle = 0; + *master_key_handle = PSA_KEY_HANDLE_INIT; } return( status ); } @@ -304,7 +304,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], /* When the parent key is not the master key, destroy it, * since it is no longer needed. */ PSA_CHECK( psa_close_key( *key_handle ) ); - *key_handle = 0; + *key_handle = PSA_KEY_HANDLE_INIT; /* Derive the next intermediate key from the parent key. */ PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, key_handle ) ); @@ -316,7 +316,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], if( status != PSA_SUCCESS ) { psa_close_key( *key_handle ); - *key_handle = 0; + *key_handle = PSA_KEY_HANDLE_INIT; } return( status ); } 
@@ -330,7 +330,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - *wrapping_key_handle = 0; + *wrapping_key_handle = PSA_KEY_HANDLE_INIT; /* Set up a key derivation operation from the key derived from * the master key. */ @@ -527,8 +527,8 @@ static psa_status_t run( enum program_mode mode, const char *output_file_name ) { psa_status_t status = PSA_SUCCESS; - psa_key_handle_t derivation_key_handle = 0; - psa_key_handle_t wrapping_key_handle = 0; + psa_key_handle_t derivation_key_handle = PSA_KEY_HANDLE_INIT; + psa_key_handle_t wrapping_key_handle = PSA_KEY_HANDLE_INIT; /* Initialize the PSA crypto library. */ PSA_CHECK( psa_crypto_init( ) ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 54cdd7d32a65..16bd619523df 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1207,7 +1207,7 @@ int main( int argc, char *argv[] ) const char *pers = "ssl_client2"; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t slot = 0; + psa_key_handle_t slot = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = 0; psa_key_attributes_t key_attributes; psa_status_t status; @@ -1232,7 +1232,7 @@ int main( int argc, char *argv[] ) mbedtls_x509_crt clicert; mbedtls_pk_context pkey; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t key_slot = 0; /* invalid key slot */ + psa_key_handle_t key_slot = PSA_KEY_HANDLE_INIT; /* invalid key slot */ #endif #endif char *p, *q; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index ec3d6ade5823..c11b0819d38b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
@@ -1795,7 +1795,7 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t alg = 0; - psa_key_handle_t psk_slot = 0; + psa_key_handle_t psk_slot = PSA_KEY_HANDLE_INIT; #endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char psk[MBEDTLS_PSK_MAX_LEN]; size_t psk_len = 0; diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index c6041b249fab..22bf0e707465 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -151,7 +151,7 @@ void pk_psa_utils( ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) == + TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, PSA_KEY_HANDLE_INIT ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); mbedtls_pk_free( &pk ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index fc563cb15d8c..3c4d7c82571d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -298,7 +298,7 @@ int exercise_mac_setup( psa_key_type_t key_type, psa_mac_operation_t *operation, psa_status_t *status ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); @@ -333,7 +333,7 @@ int exercise_cipher_setup( psa_key_type_t key_type, psa_cipher_operation_t *operation, psa_status_t *status ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); 
@@ -1452,7 +1452,7 @@ void import_with_policy( int type_arg, { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t type = type_arg; psa_key_usage_t usage = usage_arg; psa_algorithm_t alg = alg_arg; @@ -1496,7 +1496,7 @@ void import_with_data( data_t *data, int type_arg, { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t type = type_arg; size_t attr_bits = attr_bits_arg; psa_status_t expected_status = expected_status_arg; @@ -1536,7 +1536,7 @@ void import_large_key( int type_arg, int byte_size_arg, size_t byte_size = byte_size_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status; uint8_t *buffer = NULL; size_t buffer_size = byte_size + 1; @@ -1580,7 +1580,7 @@ exit: /* BEGIN_CASE */ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; size_t bits = bits_arg; psa_status_t expected_status = expected_status_arg; psa_status_t status; @@ -1624,7 +1624,7 @@ void import_export( data_t *data, int expected_export_status_arg, int canonical_input ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_export_status = expected_export_status_arg; 
@@ -1717,7 +1717,7 @@ void import_export_public_key( data_t *data, int expected_export_status_arg, data_t *expected_public_key ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_export_status = expected_export_status_arg; @@ -1768,7 +1768,7 @@ void import_and_exercise_key( data_t *data, int bits_arg, int alg_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; @@ -1810,7 +1810,7 @@ void effective_key_attributes( int type_arg, int expected_type_arg, int usage_arg, int expected_usage_arg, int alg_arg, int expected_alg_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = type_arg; psa_key_type_t expected_key_type = expected_type_arg; size_t bits = bits_arg; @@ -1896,7 +1896,7 @@ void mac_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_status_t status; @@ -1941,7 +1941,7 @@ void cipher_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_status_t status; @@ -1986,7 +1986,7 @@ void aead_key_policy( int policy_usage, int tag_length_arg, int exercise_alg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; unsigned char nonce[16] = {0}; 
@@ -2045,7 +2045,7 @@ void asymmetric_encryption_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; size_t key_bits; @@ -2108,7 +2108,7 @@ void asymmetric_signature_key_policy( int policy_usage, int exercise_alg, int payload_length_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; @@ -2161,7 +2161,7 @@ void derive_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; @@ -2211,7 +2211,7 @@ void agreement_key_policy( int policy_usage, int exercise_alg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -2243,7 +2243,7 @@ exit: void key_policy_alg2( int key_type_arg, data_t *key_data, int usage_arg, int alg_arg, int alg2_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -2284,7 +2284,7 @@ void raw_agreement_key_policy( int policy_usage, int exercise_alg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -2326,8 +2326,8 @@ void copy_success( int source_usage_arg, psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; psa_algorithm_t expected_alg2 = expected_alg2_arg; - psa_key_handle_t source_handle = 0; - psa_key_handle_t target_handle = 0; + psa_key_handle_t source_handle = PSA_KEY_HANDLE_INIT; + psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT; uint8_t *export_buffer = NULL; PSA_ASSERT( psa_crypto_init( ) ); @@ -2404,8 +2404,8 @@ void copy_fail( int source_usage_arg, { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t source_handle = 0; - psa_key_handle_t target_handle = 0; + psa_key_handle_t source_handle = PSA_KEY_HANDLE_INIT; + psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -2909,7 +2909,7 @@ exit: /* BEGIN_CASE */ void mac_bad_order( ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = PSA_KEY_TYPE_HMAC; psa_algorithm_t alg = PSA_ALG_HMAC(PSA_ALG_SHA_256); const uint8_t key[] = { @@ -3036,7 +3036,7 @@ void mac_sign( int key_type_arg, data_t *input, data_t *expected_mac ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; 
@@ -3110,7 +3110,7 @@ void mac_verify( int key_type_arg, data_t *input, data_t *expected_mac ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; @@ -3264,7 +3264,7 @@ exit: /* BEGIN_CASE */ void cipher_bad_order( ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = PSA_KEY_TYPE_AES; psa_algorithm_t alg = PSA_ALG_CBC_PKCS7; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -3420,7 +3420,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, data_t *input, data_t *expected_output, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -3487,7 +3487,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, int output1_length_arg, int output2_length_arg, data_t *expected_output ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; @@ -3560,8 +3560,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, int output1_length_arg, int output2_length_arg, data_t *expected_output ) { - psa_key_handle_t handle = 0; - + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; @@ -3633,7 +3632,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, data_t *input, data_t *expected_output, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; 
@@ -3697,7 +3696,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, data_t *key, data_t *input ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char iv[16] = {0}; @@ -3790,7 +3789,7 @@ void cipher_verify_output_multipart( int alg_arg, data_t *input, int first_part_size_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; @@ -3903,7 +3902,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, data_t *input_data, int expected_result_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; @@ -3979,7 +3978,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, data_t *input_data, data_t *expected_result ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; @@ -4030,7 +4029,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, data_t *expected_data, int expected_result_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; @@ -4103,7 +4102,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, data_t *output_data ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; 
@@ -4164,7 +4163,7 @@ void sign_fail( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, int signature_size_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t signature_size = signature_size_arg; @@ -4218,7 +4217,7 @@ exit: void sign_verify( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; @@ -4285,7 +4284,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, int alg_arg, data_t *hash_data, data_t *signature_data ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -4326,7 +4325,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, data_t *signature_data, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t actual_status; @@ -4370,7 +4369,7 @@ void asymmetric_encrypt( int key_type_arg, int expected_output_length_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t expected_output_length = expected_output_length_arg; @@ -4437,7 +4436,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *input_data, data_t *label ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; 
@@ -4503,7 +4502,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *label, data_t *expected_data ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; @@ -4566,7 +4565,7 @@ void asymmetric_decrypt_fail( int key_type_arg, int output_size_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; @@ -4705,12 +4704,14 @@ void derive_input( int alg_arg, expected_status_arg2, expected_status_arg3}; data_t *inputs[] = {input1, input2, input3}; - psa_key_handle_t handles[] = {0, 0, 0}; + psa_key_handle_t handles[] = { PSA_KEY_HANDLE_INIT, + PSA_KEY_HANDLE_INIT, + PSA_KEY_HANDLE_INIT}; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; size_t i; psa_key_type_t output_key_type = output_key_type_arg; - psa_key_handle_t output_handle = 0; + psa_key_handle_t output_handle = PSA_KEY_HANDLE_INIT; psa_status_t expected_output_status = expected_output_status_arg; psa_status_t actual_output_status; @@ -4784,7 +4785,7 @@ exit: void test_derive_invalid_key_derivation_state( int alg_arg ) { psa_algorithm_t alg = alg_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; size_t key_type = PSA_KEY_TYPE_DERIVE; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char input1[] = "Input 1"; 
@@ -4872,7 +4873,9 @@ void derive_output( int alg_arg, psa_algorithm_t alg = alg_arg; psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg}; data_t *inputs[] = {input1, input2, input3}; - psa_key_handle_t handles[] = {0, 0, 0}; + psa_key_handle_t handles[] = { PSA_KEY_HANDLE_INIT, + PSA_KEY_HANDLE_INIT, + PSA_KEY_HANDLE_INIT}; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *expected_outputs[2] = @@ -4982,7 +4985,7 @@ void derive_full( int alg_arg, data_t *input2, int requested_capacity_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -5048,8 +5051,8 @@ void derive_key_exercise( int alg_arg, int derived_usage_arg, int derived_alg_arg ) { - psa_key_handle_t base_handle = 0; - psa_key_handle_t derived_handle = 0; + psa_key_handle_t base_handle = PSA_KEY_HANDLE_INIT; + psa_key_handle_t derived_handle = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t derived_type = derived_type_arg; size_t derived_bits = derived_bits_arg; @@ -5107,8 +5110,8 @@ void derive_key_export( int alg_arg, int bytes1_arg, int bytes2_arg ) { - psa_key_handle_t base_handle = 0; - psa_key_handle_t derived_handle = 0; + psa_key_handle_t base_handle = PSA_KEY_HANDLE_INIT; + psa_key_handle_t derived_handle = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = alg_arg; size_t bytes1 = bytes1_arg; size_t bytes2 = bytes2_arg; 
@@ -5186,8 +5189,8 @@ void derive_key( int alg_arg, int type_arg, int bits_arg, int expected_status_arg ) { - psa_key_handle_t base_handle = 0; - psa_key_handle_t derived_handle = 0; + psa_key_handle_t base_handle = PSA_KEY_HANDLE_INIT; + psa_key_handle_t derived_handle = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t type = type_arg; size_t bits = bits_arg; @@ -5231,7 +5234,7 @@ void key_agreement_setup( int alg_arg, data_t *our_key_data, data_t *peer_key_data, int expected_status_arg ) { - psa_key_handle_t our_key = 0; + psa_key_handle_t our_key = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = alg_arg; psa_algorithm_t our_key_alg = our_key_alg_arg; psa_key_type_t our_key_type = our_key_type_arg; @@ -5280,7 +5283,7 @@ void raw_key_agreement( int alg_arg, data_t *peer_key_data, data_t *expected_output ) { - psa_key_handle_t our_key = 0; + psa_key_handle_t our_key = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -5317,7 +5320,7 @@ void key_agreement_capacity( int alg_arg, data_t *peer_key_data, int expected_capacity_arg ) { - psa_key_handle_t our_key = 0; + psa_key_handle_t our_key = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -5377,7 +5380,7 @@ void key_agreement_output( int alg_arg, data_t *peer_key_data, data_t *expected_output1, data_t *expected_output2 ) { - psa_key_handle_t our_key = 0; + psa_key_handle_t our_key = PSA_KEY_HANDLE_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; 
@@ -5491,7 +5494,7 @@ void generate_key( int type_arg, int alg_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t type = type_arg; psa_key_usage_t usage = usage_arg; size_t bits = bits_arg; @@ -5533,7 +5536,7 @@ void generate_key_rsa( int bits_arg, data_t *e_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR; size_t bits = bits_arg; psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; @@ -5639,8 +5642,8 @@ void persistent_key_load_key_from_storage( data_t *data, { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 1 ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = 0; - psa_key_handle_t base_key = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + psa_key_handle_t base_key = PSA_KEY_HANDLE_INIT; psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_key_usage_t usage_flags = usage_flags_arg; @@ -5704,7 +5707,7 @@ void persistent_key_load_key_from_storage( data_t *data, &handle ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); - base_key = 0; + base_key = PSA_KEY_HANDLE_INIT; } break; } diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index a0140d2cbba0..53df781e04bb 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function 
@@ -19,7 +19,7 @@ void ecdsa_sign( int force_status_arg, { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); uint8_t signature[64]; @@ -73,7 +73,7 @@ void ecdsa_verify( int force_status_arg, { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); psa_status_t actual_status; @@ -124,7 +124,7 @@ void generate_key( int force_status_arg, { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); const uint8_t *expected_output = NULL; @@ -226,7 +226,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, int force_status_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -319,7 +319,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, int output1_length_arg, int output2_length_arg, data_t *expected_output ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; 
@@ -404,8 +404,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, int output1_length_arg, int output2_length_arg, data_t *expected_output ) { - psa_key_handle_t handle = 0; - + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; @@ -492,7 +491,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, int force_status_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -581,7 +580,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, data_t *key, data_t *iv, data_t *input ) { - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 7ee17f9d929f..a50eac41b634 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -117,7 +117,7 @@ exit: void save_large_persistent_key( int data_length_arg, int expected_status ) { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; uint8_t *data = NULL; size_t data_length = data_length_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -149,7 +149,7 @@ void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart, { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( owner_id_arg, key_id_arg ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_type_t first_type = (psa_key_type_t) first_type_arg; psa_key_type_t second_type = (psa_key_type_t) second_type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -204,7 +204,7 @@ void persistent_key_import( int owner_id_arg, int key_id_arg, int type_arg, mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( owner_id_arg, key_id_arg ); psa_key_type_t type = (psa_key_type_t) type_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init() ); @@ -254,7 +254,7 @@ void import_export_persistent_key( data_t *data, int type_arg, { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 ); psa_key_type_t type = (psa_key_type_t) type_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; unsigned char *exported = NULL; size_t export_size = data->len; size_t exported_length; diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 8584e5ed681e..68a803e30003 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -450,7 +450,7 @@ static psa_status_t ram_sign( psa_drv_se_context_t *context, { ram_slot_t *slot; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; (void) context; 
@@ -483,7 +483,7 @@ static psa_status_t ram_verify( psa_drv_se_context_t *context, { ram_slot_t *slot; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; (void) context; @@ -664,7 +664,7 @@ static int smoke_test_key( psa_key_handle_t handle ) PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t buffer[80]; /* large enough for a public key for ECDH */ size_t length; - psa_key_handle_t handle2 = 0; + psa_key_handle_t handle2 = PSA_KEY_HANDLE_INIT; SMOKE_ASSERT( psa_get_key_attributes( handle, &attributes ) ); @@ -880,7 +880,7 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; uint8_t exported[sizeof( key_material )]; @@ -983,7 +983,7 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) exported, exported_length ); PSA_ASSERT( psa_destroy_key( handle ) ); - handle = 0; + handle = PSA_KEY_HANDLE_INIT; if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) @@ -1014,7 +1014,7 @@ void key_creation_in_chosen_slot( int slot_arg, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; 
@@ -1072,7 +1072,7 @@ void key_creation_in_chosen_slot( int slot_arg, PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); PSA_ASSERT( psa_destroy_key( handle ) ); - handle = 0; + handle = PSA_KEY_HANDLE_INIT; if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) @@ -1098,7 +1098,7 @@ void import_key_smoke( int type_arg, int alg_arg, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_USES_KEY_ID( id ); @@ -1148,7 +1148,7 @@ void import_key_smoke( int type_arg, int alg_arg, /* We're done. */ PSA_ASSERT( psa_destroy_key( handle ) ); - handle = 0; + handle = PSA_KEY_HANDLE_INIT; if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; @@ -1172,7 +1172,7 @@ void generate_key_not_supported( int type_arg, int bits_arg ) psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_USES_KEY_ID( id ); @@ -1213,7 +1213,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_USES_KEY_ID( id ); 
@@ -1262,7 +1262,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) /* We're done. */ PSA_ASSERT( psa_destroy_key( handle ) ); - handle = 0; + handle = PSA_KEY_HANDLE_INIT; if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; @@ -1295,8 +1295,8 @@ void sign_verify( int flow, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t drv_handle = 0; /* key managed by the driver */ - psa_key_handle_t sw_handle = 0; /* transparent key */ + psa_key_handle_t drv_handle = PSA_KEY_HANDLE_INIT; /* key managed by the driver */ + psa_key_handle_t sw_handle = PSA_KEY_HANDLE_INIT; /* transparent key */ psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t drv_attributes; uint8_t signature[PSA_SIGNATURE_MAX_SIZE]; @@ -1462,7 +1462,7 @@ void register_key_smoke_test( int lifetime_arg, mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); size_t bit_size = 48; psa_key_slot_number_t wanted_slot = 0x123456789; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status; TEST_USES_KEY_ID( id ); @@ -1518,7 +1518,7 @@ void register_key_smoke_test( int lifetime_arg, goto exit; /* This time, destroy the key. */ PSA_ASSERT( psa_destroy_key( handle ) ); - handle = 0; + handle = PSA_KEY_HANDLE_INIT; TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 7d4a59125d53..0e2e203c87c1 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function 
@@ -333,7 +333,7 @@ void mock_import( int mock_alloc_return_value, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; @@ -402,7 +402,7 @@ void mock_export( int mock_export_return_value, int expected_result ) psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; uint8_t exported[sizeof( key_material )]; @@ -456,7 +456,7 @@ void mock_generate( int mock_alloc_return_value, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mock_allocate_data.return_value = mock_alloc_return_value; @@ -523,7 +523,7 @@ void mock_export_public( int mock_export_public_return_value, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; uint8_t exported[sizeof( key_material )]; 
@@ -573,7 +573,7 @@ void mock_sign( int mock_sign_return_value, int expected_result ) psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); @@ -634,7 +634,7 @@ void mock_verify( int mock_verify_return_value, int expected_result ) psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index fa3dd6e3aeeb..bee583562db8 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -141,7 +141,7 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, psa_key_usage_t usage_flags = usage_arg; psa_key_type_t type = type_arg; close_method_t close_method = close_method_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -185,7 +185,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, psa_key_usage_t usage_flags = usage_arg; psa_key_type_t type = type_arg; close_method_t close_method = close_method_arg; - psa_key_handle_t handle = 0; + psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t read_attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *reexported = NULL; @@ -194,7 +194,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_svc_key_id_t wrong_owner_id = mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg ); - psa_key_handle_t invalid_handle = 0; + psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT; #endif TEST_USES_KEY_ID( id ); @@ -319,7 +319,8 @@ void create_existent( int lifetime_arg, int owner_id_arg, int id_arg, { psa_key_lifetime_t lifetime = lifetime_arg; mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); - psa_key_handle_t handle1 = 0, handle2 = 0; + psa_key_handle_t handle1 = PSA_KEY_HANDLE_INIT; + psa_key_handle_t handle2 = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; const uint8_t material1[5] = "a key"; @@ -447,7 +448,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, mbedtls_svc_key_id_make( source_owner_id_arg, source_id_arg ); psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; - psa_key_handle_t source_handle = 0; + psa_key_handle_t source_handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t source_type = type_arg; psa_key_lifetime_t target_lifetime = target_lifetime_arg; 
@@ -455,7 +456,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, mbedtls_svc_key_id_make( target_owner_id_arg, target_id_arg ); psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; - psa_key_handle_t target_handle = 0; + psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; @@ -573,14 +574,14 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, mbedtls_svc_key_id_make( 1, source_id_arg ); psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; - psa_key_handle_t source_handle = 0; + psa_key_handle_t source_handle = PSA_KEY_HANDLE_INIT; psa_key_type_t source_type = source_type_arg; psa_key_lifetime_t target_lifetime = target_lifetime_arg; mbedtls_svc_key_id_t target_id = mbedtls_svc_key_id_make( 1, target_id_arg ); psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; - psa_key_handle_t target_handle = 0; + psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT; psa_key_type_t target_type = target_type_arg; psa_key_handle_t new_handle = 0xdead; uint8_t *export_buffer = NULL; @@ -674,8 +675,8 @@ exit: void invalid_handle( int handle_construction, int close_status_arg, int usage_status_arg ) { - psa_key_handle_t valid_handle = 0; - psa_key_handle_t invalid_handle = 0; + psa_key_handle_t valid_handle = PSA_KEY_HANDLE_INIT; + psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT; psa_status_t close_status = close_status_arg; psa_status_t usage_status = usage_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -696,7 +697,7 @@ void invalid_handle( int handle_construction, switch( handle_construction ) { case INVALID_HANDLE_0: - invalid_handle = 0; + invalid_handle = PSA_KEY_HANDLE_INIT; break; case INVALID_HANDLE_UNOPENED: /* We can't easily construct a handle that's never been opened diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 31d60009dfab..1dd264264961 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -161,7 +161,7 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, int cert_type ) { mbedtls_pk_context key; - psa_key_handle_t slot = 0; + psa_key_handle_t slot = PSA_KEY_HANDLE_INIT; psa_algorithm_t md_alg_psa; mbedtls_x509write_csr req; unsigned char buf[4096]; From c26f8d467aa4800eac2a633ed1d2bbf7f53f5b34 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 1 Sep 2020 10:51:51 +0200 Subject: [PATCH 05/55] Introduce psa_key_handle_is_null inline function Signed-off-by: Ronald Cron --- include/mbedtls/ssl_internal.h | 4 ++-- include/psa/crypto_platform.h | 11 +++++++++++ library/psa_crypto.c | 2 +- library/psa_crypto_slot_management.c | 5 +++-- library/ssl_cli.c | 2 +- library/ssl_srv.c | 6 +++--- library/ssl_tls.c | 17 +++++++++-------- programs/ssl/ssl_server2.c | 4 ++-- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_psa_crypto.function | 2 +- .../suites/test_suite_psa_crypto_init.function | 2 +- ...st_suite_psa_crypto_persistent_key.function | 2 +- ...est_suite_psa_crypto_se_driver_hal.function | 2 +- ...t_suite_psa_crypto_slot_management.function | 18 +++++++++--------- 14 files changed, 46 insertions(+), 33 deletions(-) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 30be67665ff9..015b53c2b822 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h 
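Review bot: In the INVALID_HANDLE_0 case of invalid_handle, swapping the literal for PSA_KEY_HANDLE_INIT changes what the case exercises: the case name and the "0 is not a valid handle under any circumstance" rule in psa_get_key_slot are about the zero handle specifically, whereas PSA_KEY_HANDLE_INIT is whatever crypto_platform.h defines as the initializer (the same value today, but the test would silently stop covering zero if that ever changed). Consider keeping `invalid_handle = 0;` in this case, or adding a comment such as `/* PSA_KEY_HANDLE_INIT is the zero handle, which must never be a valid key */` so the intent of the test survives. The invalid_handle function begins outside the hunk.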
@@ -1064,10 +1064,10 @@ static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl, static inline psa_key_handle_t mbedtls_ssl_get_opaque_psk( const mbedtls_ssl_context *ssl ) { - if( ssl->handshake->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) ) return( ssl->handshake->psk_opaque ); - if( ssl->conf->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( ssl->conf->psk_opaque ) ) return( ssl->conf->psk_opaque ); return( PSA_KEY_HANDLE_INIT ); diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 6ada32477290..a27136d5aabd 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -53,6 +53,17 @@ typedef uint16_t psa_key_handle_t; #define PSA_KEY_HANDLE_INIT ( (psa_key_handle_t)0 ) +/** Check whether a handle is null. + * + * \param handle Key handle. + * + * \return Non-zero if the key handle is null, zero otherwise. + */ +static inline int psa_key_handle_is_null( psa_key_handle_t handle ) +{ + return( handle == 0 ); +} + #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) /* Building for the PSA Crypto service on a PSA platform, a key owner is a PSA diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 85d9df404be4..5d9b34e77e1c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1300,7 +1300,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) psa_se_drv_table_entry_t *driver; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( handle == 0 ) + if( psa_key_handle_is_null( handle ) ) return( PSA_SUCCESS ); status = psa_get_key_slot( handle, &slot ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index dacd7f69f300..6303473d9d9d 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -81,7 +81,8 @@ psa_status_t psa_get_key_slot( psa_key_handle_t handle, /* 0 is not a valid handle under any circumstance. This * implementation provides slots number 1 to N where N is the * number of available slots. */ - if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) ) + if( psa_key_handle_is_null( handle ) || + ( handle > ARRAY_LENGTH( global_data.key_slots ) ) ) return( PSA_ERROR_INVALID_HANDLE ); slot = &global_data.key_slots[handle - 1]; @@ -261,7 +262,7 @@ psa_status_t psa_close_key( psa_key_handle_t handle ) psa_status_t status; psa_key_slot_t *slot; - if( handle == 0 ) + if( psa_key_handle_is_null( handle ) ) return( PSA_SUCCESS ); status = psa_get_key_slot( handle, &slot ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 9494c65da9e9..391e93c6e90e 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -63,7 +63,7 @@ static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf ) return( 1 ); #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( conf->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( conf->psk_opaque ) ) return( 1 ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 070a5915f76b..03dc2d4bba30 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -157,7 +157,7 @@ static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf ) return( 1 ); #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( conf->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( conf->psk_opaque ) ) return( 1 ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -172,13 +172,13 @@ static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) /* If we've used a callback to select the PSK, * the static configuration is irrelevant. */ - if( ssl->handshake->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) ) return( 1 ); return( 0 ); } - if( ssl->conf->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( ssl->conf->psk_opaque ) ) return( 1 ); return( 0 ); 
diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 6144851b6edf..d74e40c3475c 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -466,7 +466,7 @@ static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* de if( status != PSA_SUCCESS ) return( status ); - if( slot == 0 ) + if( psa_key_handle_is_null( slot ) ) { status = psa_key_derivation_input_bytes( derivation, PSA_KEY_DERIVATION_INPUT_SECRET, @@ -563,7 +563,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } - if( master_slot != 0 ) + if( ! psa_key_handle_is_null( master_slot ) ) status = psa_destroy_key( master_slot ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); @@ -707,13 +707,13 @@ static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) { /* If we've used a callback to select the PSK, * the static configuration is irrelevant. */ - if( ssl->handshake->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) ) return( 1 ); return( 0 ); } - if( ssl->conf->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( ssl->conf->psk_opaque ) ) return( 1 ); return( 0 ); @@ -4344,7 +4344,7 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) { /* Remove reference to existing PSK, if any. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( conf->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( conf->psk_opaque ) ) { /* The maintenance of the PSK key slot is the * user's responsibility. */ @@ -4432,7 +4432,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, static void ssl_remove_psk( mbedtls_ssl_context *ssl ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ssl->handshake->psk_opaque != 0 ) + if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) ) { ssl->handshake->psk_opaque = PSA_KEY_HANDLE_INIT; } 
@@ -4478,7 +4478,7 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, ssl_conf_remove_psk( conf ); /* Check and set opaque PSK */ - if( psk_slot == 0 ) + if( psa_key_handle_is_null( psk_slot ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); conf->psk_opaque = psk_slot; @@ -4494,7 +4494,8 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, psa_key_handle_t psk_slot ) { - if( psk_slot == 0 || ssl->handshake == NULL ) + if( ( psa_key_handle_is_null( psk_slot ) ) || + ( ssl->handshake == NULL ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); ssl_remove_psk( ssl ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c11b0819d38b..fce2e22c637e 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1303,7 +1303,7 @@ int psk_free( psk_entry *head ) psa_status_t status; psa_key_handle_t const slot = head->slot; - if( slot != 0 ) + if( ! psa_key_handle_is_null( slot ) ) { status = psa_destroy_key( slot ); if( status != PSA_SUCCESS ) @@ -1376,7 +1376,7 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl, memcmp( name, cur->name, name_len ) == 0 ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( cur->slot != 0 ) + if( ! psa_key_handle_is_null( cur->slot ) ) return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) ); else #endif diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 22bf0e707465..5fee0d7e34a0 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -158,7 +158,7 @@ void pk_psa_utils( ) mbedtls_pk_init( &pk ); key = pk_psa_genkey(); - if( key == 0 ) + if( psa_key_handle_is_null( key ) ) goto exit; TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3c4d7c82571d..fbd7195ccdaf 100644 --- a/tests/suites/test_suite_psa_crypto.function 
+++ b/tests/suites/test_suite_psa_crypto.function @@ -5761,7 +5761,7 @@ exit: mbedtls_free( second_export ); psa_key_derivation_abort( &operation ); psa_destroy_key( base_key ); - if( handle == 0 ) + if( psa_key_handle_is_null( handle ) ) { /* In case there was a test failure after creating the persistent key * but while it was not open, try to re-open the persistent key diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index fd4ff21fc5c0..c9fdcd1803da 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -197,7 +197,7 @@ void validate_module_init_key_based( int count ) psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); status = psa_import_key( &attributes, data, sizeof( data ), &handle ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( handle, 0 ); + TEST_ASSERT( psa_key_handle_is_null( handle ) ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index a50eac41b634..34b88a70b5b1 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -177,7 +177,7 @@ void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart, /* Check key slot storage is removed */ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); TEST_EQUAL( psa_open_key( key_id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); - TEST_EQUAL( handle, 0 ); + TEST_ASSERT( psa_key_handle_is_null( handle ) ); /* Shutdown and restart */ PSA_DONE(); diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 68a803e30003..a1d542d74902 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -674,7 +674,7 @@ static int smoke_test_key( psa_key_handle_t handle ) buffer, sizeof( buffer ), &length ) ); SMOKE_ASSERT( psa_copy_key( handle, &attributes, &handle2 ) ); - if( handle2 != 0 ) + if( ! psa_key_handle_is_null( handle2 ) ) PSA_ASSERT( psa_close_key( handle2 ) ); SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, handle, PSA_ALG_CMAC ) ); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index bee583562db8..39491a0b0482 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -152,7 +152,7 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, psa_set_key_type( &attributes, type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - TEST_ASSERT( handle != 0 ); + TEST_ASSERT( ! psa_key_handle_is_null( handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); @@ -210,7 +210,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, psa_set_key_enrollment_algorithm( &attributes, alg2 ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - TEST_ASSERT( handle != 0 ); + TEST_ASSERT( ! psa_key_handle_is_null( handle ) ); #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ), @@ -342,7 +342,7 @@ void create_existent( int lifetime_arg, int owner_id_arg, int id_arg, psa_set_key_algorithm( &attributes, 0 ); PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ), &handle1 ) ); - TEST_ASSERT( handle1 != 0 ); + TEST_ASSERT( ! psa_key_handle_is_null( handle1 ) ); if( reopen_policy == CLOSE_BEFORE ) PSA_ASSERT( psa_close_key( handle1 ) ); 
@@ -351,7 +351,7 @@ void create_existent( int lifetime_arg, int owner_id_arg, int id_arg, TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ), &handle2 ), PSA_ERROR_ALREADY_EXISTS ); - TEST_EQUAL( handle2, 0 ); + TEST_ASSERT( psa_key_handle_is_null( handle2 ) ); if( reopen_policy == CLOSE_AFTER ) PSA_ASSERT( psa_close_key( handle1 ) ); @@ -394,7 +394,7 @@ void open_fail( int id_arg, PSA_ASSERT( psa_crypto_init( ) ); TEST_EQUAL( psa_open_key( id, &handle ), expected_status ); - TEST_EQUAL( handle, 0 ); + TEST_ASSERT( psa_key_handle_is_null( handle ) ); exit: PSA_DONE( ); @@ -422,7 +422,7 @@ void create_fail( int lifetime_arg, int id_arg, TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ), &handle ), expected_status ); - TEST_EQUAL( handle, 0 ); + TEST_ASSERT( psa_key_handle_is_null( handle ) ); exit: PSA_DONE( ); @@ -631,7 +631,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, TEST_EQUAL( psa_copy_key( source_handle, &attributes, &new_handle ), PSA_ERROR_ALREADY_EXISTS ); - TEST_EQUAL( new_handle , 0 ); + TEST_ASSERT( psa_key_handle_is_null( new_handle ) ); /* Test that the target slot is unaffected. */ PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes2 ) ); @@ -691,7 +691,7 @@ void invalid_handle( int handle_construction, PSA_ASSERT( psa_import_key( &attributes, material, sizeof( material ), &valid_handle ) ); - TEST_ASSERT( valid_handle != 0 ); + TEST_ASSERT( ! psa_key_handle_is_null( valid_handle ) ); /* Construct an invalid handle as specified in the test case data. */ switch( handle_construction ) @@ -766,7 +766,7 @@ void many_transient_handles( int max_handles_arg ) if( status == PSA_ERROR_INSUFFICIENT_MEMORY ) break; PSA_ASSERT( status ); - TEST_ASSERT( handles[i] != 0 ); + TEST_ASSERT( ! psa_key_handle_is_null( handles[i] ) ); for( j = 0; j < i; j++ ) TEST_ASSERT( handles[i] != handles[j] ); } From 47a85614eda27fb0f8bb929bfe458f9b47e100ba Mon Sep 17 00:00:00 2001 
From: Ronald Cron Date: Tue, 1 Sep 2020 09:02:08 +0200 Subject: [PATCH 06/55] Introduce psa_key_handle_equal inline function Signed-off-by: Ronald Cron --- include/psa/crypto_platform.h | 13 +++++++++++++ .../test_suite_psa_crypto_slot_management.function | 4 ++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index a27136d5aabd..9cc27f67984a 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -64,6 +64,19 @@ static inline int psa_key_handle_is_null( psa_key_handle_t handle ) return( handle == 0 ); } +/** Compare two handles. + * + * \param handle1 First handle. + * \param handle2 Second handle. + * + * \return Non-zero if the two handles are equal, zero otherwise. + */ +static inline int psa_key_handle_equal( psa_key_handle_t handle1, + psa_key_handle_t handle2 ) +{ + return( handle1 == handle2 ); +} + #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) /* Building for the PSA Crypto service on a PSA platform, a key owner is a PSA diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 39491a0b0482..a99f7de5eda0 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -659,7 +659,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, } PSA_ASSERT( psa_destroy_key( source_handle ) ); - if( target_handle != source_handle ) + if( ! psa_key_handle_equal( target_handle, source_handle ) ) PSA_ASSERT( psa_destroy_key( target_handle ) ); exit: @@ -768,7 +768,7 @@ void many_transient_handles( int max_handles_arg ) PSA_ASSERT( status ); TEST_ASSERT( ! psa_key_handle_is_null( handles[i] ) ); for( j = 0; j < i; j++ ) - TEST_ASSERT( handles[i] != handles[j] ); + TEST_ASSERT( ! psa_key_handle_equal( handles[i], handles[j] ) ); } max_handles = i; 
From c4d1b514ab814726fd168ad388531d653192801e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 31 Jul 2020 11:26:37 +0200 Subject: [PATCH 07/55] Define handles as key identifiers Define psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Make the handle of a persistent key be equal to its key identifier. For volatile keys, make the key handle equal to the volatile key identifier of the created volatile key. The unit tests are modified just to make them compile not to make them run successfully. They are fixed in the subsequent commits. Signed-off-by: Ronald Cron --- include/psa/crypto_platform.h | 28 ----- include/psa/crypto_types.h | 6 + include/psa/crypto_values.h | 48 ++++++++ library/psa_crypto.c | 18 ++- library/psa_crypto_slot_management.c | 116 +++++++++++------- library/psa_crypto_slot_management.h | 43 ++++--- programs/ssl/ssl_client2.c | 6 +- programs/ssl/ssl_server2.c | 6 +- .../test_suite_psa_crypto_init.function | 2 +- ..._suite_psa_crypto_slot_management.function | 37 ++++-- 10 files changed, 208 insertions(+), 102 deletions(-) diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 9cc27f67984a..4a6328a152ee 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h 
@@ -49,34 +49,6 @@ #define inline __inline #endif -/* Integral type representing a key handle. */ -typedef uint16_t psa_key_handle_t; -#define PSA_KEY_HANDLE_INIT ( (psa_key_handle_t)0 ) - -/** Check whether a handle is null. - * - * \param handle Key handle. - * - * \return Non-zero if the key handle is null, zero otherwise. - */ -static inline int psa_key_handle_is_null( psa_key_handle_t handle ) -{ - return( handle == 0 ); -} - -/** Compare two handles. - * - * \param handle1 First handle. - * \param handle2 Second handle. - * - * \return Non-zero if the two handles are equal, zero otherwise. - */ -static inline int psa_key_handle_equal( psa_key_handle_t handle1, - psa_key_handle_t handle2 ) -{ - return( handle1 == handle2 ); -} - #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) /* Building for the PSA Crypto service on a PSA platform, a key owner is a PSA diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 923b02b53bda..b5e68d4bdeab 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -247,6 +247,12 @@ typedef struct #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ +/* + * To support temporary both openless APIs and psa_open_key(), define + * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. + */ +typedef mbedtls_svc_key_id_t psa_key_handle_t; + /**@}*/ /** \defgroup policy Key policies diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 3eb64d8ccea4..5061ab4c9388 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
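Review bot: The comment above the new `psa_key_handle_t` typedef in include/psa/crypto_types.h is hard to parse ("To support temporary both openless APIs and psa_open_key()"); suggest `/* While both the openless APIs and psa_open_key() are supported, psa_key_handle_t is temporarily defined to be equal to mbedtls_svc_key_id_t. */`. It would also help to say there that handles must be compared with psa_key_handle_equal / psa_key_handle_is_null rather than `==`, since in the MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER configuration the identifier is a struct.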
@@ -1700,6 +1700,17 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
 return( id1 == id2 );
 }
+/** Check whether a key identifier is null.
+ *
+ * \param key Key identifier.
+ *
+ * \return Non-zero if the key identifier is null, zero otherwise.
+ */
+static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
+{
+ return( key == 0 );
+}
+
 #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
 #define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } )
@@ -1732,8 +1743,45 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
 mbedtls_key_owner_id_equal( id1.owner, id2.owner ) );
 }
+/** Check whether a key identifier is null.
+ *
+ * \param key Key identifier.
+ *
+ * \return Non-zero if the key identifier is null, zero otherwise.
+ */
+static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
+{
+ return( ( key.key_id == 0 ) && ( key.owner == 0 ) );
+}
+
 #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
+
+/** Compare two handles.
+ *
+ * \param handle1 First handle.
+ * \param handle2 Second handle.
+ *
+ * \return Non-zero if the two handles are equal, zero otherwise.
+ */
+static inline int psa_key_handle_equal( psa_key_handle_t handle1,
+ psa_key_handle_t handle2 )
+{
+ return( mbedtls_svc_key_id_equal( handle1, handle2 ) );
+}
+
+/** Check wether an handle is null.
+ *
+ * \param handle Handle
+ *
+ * \return Non-zero if the handle is null, zero otherwise.
+ */
+static inline int psa_key_handle_is_null( psa_key_handle_t handle )
+{
+ return( mbedtls_svc_key_id_is_null( handle ) );
+}
+
 /**@}*/
 /** \defgroup policy Key policies
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5d9b34e77e1c..f8a8c0ab7b27 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
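Review bot: In the MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER branch, `mbedtls_svc_key_id_is_null` tests `key.owner == 0` directly, while `mbedtls_svc_key_id_equal` in the context line just above compares owners through `mbedtls_key_owner_id_equal`; if the owner type is platform-defined and not a plain integer on some builds, the `== 0` either fails to compile or does not mean "unset", so the consistent form is `return( mbedtls_svc_key_id_equal( key, MBEDTLS_SVC_KEY_ID_INIT ) );`. The docstring on `psa_key_handle_is_null` has a typo and an unfinished parameter line; suggest `/** Check whether a handle is null.` and ` * \param handle Key handle.`.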
@@ -1861,7 +1861,7 @@ static psa_status_t psa_start_key_creation(
 if( status != PSA_SUCCESS )
 return( status );
- status = psa_get_empty_key_slot( handle, &volatile_key_id, p_slot );
+ status = psa_get_empty_key_slot( &volatile_key_id, p_slot );
 if( status != PSA_SUCCESS )
 return( status );
 slot = *p_slot;
@@ -1870,9 +1870,19 @@ static psa_status_t psa_start_key_creation(
 * creation mechanism to verify that this information is correct.
 * It's automatically correct for mechanisms that use the bit-size as
 * an input (generate, device) but not for those where the bit-size
- * is optional (import, copy). */
+ * is optional (import, copy). In case of a volatile key, assign it the
+ * volatile key identifier associated to the slot returned to contain its
+ * definition. */
 slot->attr = attributes->core;
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
+ {
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+ slot->attr.id = volatile_key_id;
+#else
+ slot->attr.id.key_id = volatile_key_id;
+#endif
+ }
 /* Erase external-only flags from the internal copy. To access
 * external-only flags, query `attributes`. Thanks to the check
@@ -1928,7 +1938,9 @@ static psa_status_t psa_start_key_creation(
 }
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- return( status );
+ *handle = slot->attr.id;
+
+ return( PSA_SUCCESS );
 }
 /** Finalize the creation of a key once its key material has been set.
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 6303473d9d9d..8ef851bddf4f 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
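Review bot: In the volatile-key branch under MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER only `slot->attr.id.key_id` is overwritten, so the owner field of a volatile key stays whatever the caller left in `attributes->core.id` (presumably the zero/INIT value, since volatile keys carry no identifier) and that owner is then returned through `*handle`; if a volatile key is meant to belong to the calling partition, the owner needs to be assigned here as well, please confirm. Separately, the final `return( status )` became `return( PSA_SUCCESS )`, which is only equivalent if every failure inside the MBEDTLS_PSA_CRYPTO_SE_C section above (outside this hunk) already returns early; a one-line `if( status != PSA_SUCCESS ) return( status );` before `*handle = slot->attr.id;` would make that independent of the surrounding code. psa_start_key_creation begins outside the hunk.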
@@ -64,35 +64,40 @@ psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
 ( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
 return( PSA_SUCCESS );
- return( PSA_ERROR_INVALID_ARGUMENT );
+ return( PSA_ERROR_INVALID_HANDLE );
 }
-/* Access a key slot at the given handle. The handle of a key slot is
- * the index of the slot in the global slot array, plus one so that handles
- * start at 1 and not 0. */
-psa_status_t psa_get_key_slot( psa_key_handle_t handle,
- psa_key_slot_t **p_slot )
+static psa_key_slot_t* psa_get_slot_from_volatile_key_id(
+ mbedtls_svc_key_id_t key )
 {
- psa_key_slot_t *slot = NULL;
+ psa_key_slot_t *slot;
+ psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
- if( ! global_data.key_slots_initialized )
- return( PSA_ERROR_BAD_STATE );
+ if( ( key_id < PSA_KEY_ID_VOLATILE_MIN ) ||
+ ( key_id > PSA_KEY_ID_VOLATILE_MAX ) )
+ return( NULL );
- /* 0 is not a valid handle under any circumstance. This
- * implementation provides slots number 1 to N where N is the
- * number of available slots. */
- if( psa_key_handle_is_null( handle ) ||
- ( handle > ARRAY_LENGTH( global_data.key_slots ) ) )
- return( PSA_ERROR_INVALID_HANDLE );
- slot = &global_data.key_slots[handle - 1];
+ slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ];
- /* If the slot isn't occupied, the handle is invalid. */
- if( ! psa_is_key_slot_occupied( slot ) )
- return( PSA_ERROR_INVALID_HANDLE );
+ return( mbedtls_svc_key_id_equal( key, slot->attr.id ) ?
slot : NULL );
+}
- *p_slot = slot;
- return( PSA_SUCCESS );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+static psa_key_slot_t* psa_get_slot_from_key_id(
+ mbedtls_svc_key_id_t key )
+{
+ psa_key_slot_t *slot = &global_data.key_slots[ PSA_KEY_SLOT_COUNT ];
+
+ while( slot > &global_data.key_slots[ 0 ] )
+ {
+ slot--;
+ if( mbedtls_svc_key_id_equal( key, slot->attr.id ) )
+ return( slot );
+ }
+
+ return( NULL );
 }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 psa_status_t psa_initialize_key_slots( void )
 {
@@ -115,8 +120,7 @@ void psa_wipe_all_key_slots( void )
 global_data.key_slots_initialized = 0;
 }
-psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
- psa_key_id_t *volatile_key_id,
+psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
 psa_key_slot_t **p_slot )
 {
 size_t slot_idx;
@@ -129,7 +133,6 @@ psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
 *p_slot = &global_data.key_slots[ slot_idx - 1 ];
 if( ! psa_is_key_slot_occupied( *p_slot ) )
 {
- *handle = (psa_key_handle_t)slot_idx;
 *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN +
 ( (psa_key_id_t)slot_idx ) - 1;
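Review bot: `psa_get_slot_from_volatile_key_id` indexes `global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]` after checking only that key_id lies between PSA_KEY_ID_VOLATILE_MIN and PSA_KEY_ID_VOLATILE_MAX, so the access stays in bounds only as long as that range has exactly as many values as the slot array has entries, which nothing in the hunk asserts. A guard that does not depend on the two definitions staying in step is cheap: `if( ( key_id - PSA_KEY_ID_VOLATILE_MIN ) >= ARRAY_LENGTH( global_data.key_slots ) ) return( NULL );`. Both new lookups also drop the removed `psa_is_key_slot_occupied` check and instead rely on an unoccupied slot being in its all-bits-zero ground state so that its id cannot equal a validated identifier; that reliance deserves a comment beside each `mbedtls_svc_key_id_equal` call, e.g. `/* An empty slot has a null id, so a match implies the slot is occupied. */`. The first hunk begins on the previous line.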
@@ -177,8 +180,50 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot )
 psa_free_persistent_key_data( key_data, key_data_length );
 return( status );
 }
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key,
+ psa_key_slot_t **p_slot )
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ *p_slot = NULL;
+ if( ! global_data.key_slots_initialized )
+ return( PSA_ERROR_BAD_STATE );
+
+ status = psa_validate_key_id( key, 1 );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ *p_slot = psa_get_slot_from_volatile_key_id( key );
+ if( *p_slot != NULL )
+ return( PSA_SUCCESS );
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ psa_key_id_t volatile_key_id;
+
+ *p_slot = psa_get_slot_from_key_id( key );
+ if( *p_slot != NULL )
+ return( PSA_SUCCESS );
+
+ status = psa_get_empty_key_slot( &volatile_key_id, p_slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+ (*p_slot)->attr.id = key;
+
+ status = psa_load_persistent_key_into_slot( *p_slot );
+ if( status != PSA_SUCCESS )
+ psa_wipe_key_slot( *p_slot );
+
+ return( status );
+#else
+ return( PSA_ERROR_DOES_NOT_EXIST );
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+}
+
 psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
 psa_se_drv_table_entry_t **p_drv )
 {
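Review bot: When `psa_load_persistent_key_into_slot` fails, `*p_slot` is wiped but still handed back non-NULL, which contradicts the `*p_slot = NULL;` initialisation at the top and the header's "on success" wording for p_slot; `if( status != PSA_SUCCESS ) { psa_wipe_key_slot( *p_slot ); *p_slot = NULL; }` keeps the failure state uniform for every error path. The `psa_key_id_t volatile_key_id;` declaration sits after statements inside the `#if` block; declaring it at the top of the function under the same guard avoids a declaration-after-statement warning where the project builds with that flag. Note also that any lookup by identifier now loads a persistent key into a slot as a side effect, so callers that only check existence or destroy a key consume a slot; that is presumably intended by the openless design but is worth stating in the header comment. Finally, the context `#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */` now closes the new `#if` inside psa_get_key_slot while the added `#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */` closes the old file-level block; matching the two comments would make the nesting obvious.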
@@ -226,29 +271,18 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle )
 {
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
 psa_status_t status;
- psa_key_id_t volatile_key_id;
 psa_key_slot_t *slot;
- *handle = 0;
-
- status = psa_validate_key_id( key, 1 );
- if( status != PSA_SUCCESS )
- return( status );
-
- status = psa_get_empty_key_slot( handle, &volatile_key_id, &slot );
- if( status != PSA_SUCCESS )
- return( status );
-
- slot->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
- slot->attr.id = key;
-
- status = psa_load_persistent_key_into_slot( slot );
+ status = psa_get_key_slot( key, &slot );
 if( status != PSA_SUCCESS )
 {
- psa_wipe_key_slot( slot );
 *handle = PSA_KEY_HANDLE_INIT;
+ return( status );
 }
- return( status );
+
+ *handle = key;
+
+ return( PSA_SUCCESS );
 #else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 (void) key;
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index d649f53a7ce2..98a1ce7535eb 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -22,6 +22,7 @@
 #define PSA_CRYPTO_SLOT_MANAGEMENT_H
 #include "psa/crypto.h"
+#include "psa_crypto_core.h"
 #include "psa_crypto_se.h"
 /* Number of key slots (plus one because 0 is not used).
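Review bot: psa_open_key now resolves `key` through `psa_get_key_slot`, and that lookup (previous hunk) first matches live volatile keys by identifier, so as far as I can tell a caller can pass the identifier of a volatile key and receive PSA_SUCCESS plus a usable handle, whereas the old body fell through to storage and failed. If psa_open_key is meant to stay limited to persistent keys, reject volatile identifiers before the lookup: `if( ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) >= PSA_KEY_ID_VOLATILE_MIN ) && ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) <= PSA_KEY_ID_VOLATILE_MAX ) ) { *handle = PSA_KEY_HANDLE_INIT; return( PSA_ERROR_INVALID_HANDLE ); }`. Either way the header comment for psa_open_key should state which identifiers it accepts now that handles and identifiers coincide, and that a second psa_open_key on an already-loaded key returns the same handle rather than a fresh one. The function body continues outside the hunk.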
@@ -45,21 +46,38 @@ */ #define PSA_KEY_ID_VOLATILE_MAX PSA_KEY_ID_VENDOR_MAX -/** Access a key slot at the given handle. +/** Retrieve the description of a key given its identifier. * - * \param handle Key handle to query. + * The descriptions of volatile keys and loaded persistent keys are + * stored in key slots. This function returns a pointer to the key slot + * containing the description of a key given its identifier. + * + * In case of a persistent key, the function loads the description of the key + * into a key slot if not already done. + * + * \param key Key identifier to query. * \param[out] p_slot On success, `*p_slot` contains a pointer to the - * key slot in memory designated by \p handle. + * key slot containing the description of the key + * identified by \p key. * - * \retval PSA_SUCCESS - * Success: \p handle is a handle to `*p_slot`. Note that `*p_slot` - * may be empty or occupied. - * \retval PSA_ERROR_INVALID_HANDLE - * \p handle is out of range or is not in use. - * \retval PSA_ERROR_BAD_STATE + * \retval #PSA_SUCCESS + * The pointer to the key slot containing the description of the key + * identified by \p key was returned. + * \retval #PSA_ERROR_BAD_STATE * The library has not been initialized. + * \retval #PSA_ERROR_INVALID_HANDLE + * \p key is not a valid key identifier. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \p key is a persistent key identifier. The implementation does not + * have sufficient resources to load the persistent key. This can be + * due to a lack of empty key slot, or available memory. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * There is no key with key identifier \p key. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_DATA_CORRUPT */ -psa_status_t psa_get_key_slot( psa_key_handle_t handle, +psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ); /** Initialize the key slot structures. 
@@ -79,8 +97,6 @@ void psa_wipe_all_key_slots( void ); * This function returns a key slot that is available for use and is in its * ground state (all-bits-zero). * - * \param[out] handle On success, a slot number that can be used - * as a handle to the slot. * \param[out] volatile_key_id On success, volatile key identifier * associated to the returned slot. * \param[out] p_slot On success, a pointer to the slot. @@ -89,8 +105,7 @@ void psa_wipe_all_key_slots( void ); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE */ -psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle, - psa_key_id_t *volatile_key_id, +psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, psa_key_slot_t **p_slot ); /** Test whether a lifetime designates a key in an external cryptoprocessor. diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 16bd619523df..246d71a8d843 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -3577,8 +3577,10 @@ int main( int argc, char *argv[] ) if( ( status != PSA_SUCCESS ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) { - mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) slot, (int) status ); + mbedtls_printf( "Failed to destroy key slot %u-%u - error was %d", + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( slot ), + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot ), + (int) status ); if( ret == 0 ) ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index fce2e22c637e..eb4ab0d8ff3b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
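Review bot: The `(unsigned)` cast was dropped from the mbedtls_printf arguments in programs/ssl/ssl_client2.c, so `%u` is now paired with whatever types `MBEDTLS_SVC_KEY_ID_GET_OWNER_ID` and `MBEDTLS_SVC_KEY_ID_GET_KEY_ID` yield; if the owner id is a signed or wider type on some configuration, that is a format/argument mismatch (undefined behavior and a -Wformat warning). Casting both explicitly keeps the old guarantee: `(unsigned) MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( slot ),` and `(unsigned) MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot ),`. The same applies to the matching hunk in programs/ssl/ssl_server2.c around line 4518 (`psk_slot`). Both hunks sit inside main, which starts and ends outside the diff.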
@@ -4518,8 +4518,10 @@ int main( int argc, char *argv[] ) if( ( status != PSA_SUCCESS ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) { - mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) psk_slot, (int) status ); + mbedtls_printf( "Failed to destroy key slot %u-%u - error was %d", + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psk_slot ), + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psk_slot ), + (int) status ); } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED && diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index c9fdcd1803da..d587886dcb2b 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -185,7 +185,7 @@ void validate_module_init_key_based( int count ) psa_status_t status; uint8_t data[10] = { 0 }; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = 0xdead; + psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead ); int i; for( i = 0; i < count; i++ ) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index a99f7de5eda0..c688474aa5f0 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -2,6 +2,7 @@ #include #include "test/psa_crypto_helpers.h" +#include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" typedef enum @@ -389,7 +390,7 @@ void open_fail( int id_arg, { mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = 0xdead; + psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead ); PSA_ASSERT( psa_crypto_init( ) ); 
@@ -409,7 +410,7 @@ void create_fail( int lifetime_arg, int id_arg, mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = 0xdead; + psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead ); uint8_t material[1] = {'k'}; TEST_USES_KEY_ID( id ); @@ -583,7 +584,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_algorithm_t target_alg = target_alg_arg; psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT; psa_key_type_t target_type = target_type_arg; - psa_key_handle_t new_handle = 0xdead; + psa_key_handle_t new_handle = mbedtls_svc_key_id_make( 0xdead, 0xdead ); uint8_t *export_buffer = NULL; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT; @@ -677,6 +678,7 @@ void invalid_handle( int handle_construction, { psa_key_handle_t valid_handle = PSA_KEY_HANDLE_INIT; psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT; + psa_key_id_t key_id; psa_status_t close_status = close_status_arg; psa_status_t usage_status = usage_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -700,14 +702,26 @@ void invalid_handle( int handle_construction, invalid_handle = PSA_KEY_HANDLE_INIT; break; case INVALID_HANDLE_UNOPENED: - /* We can't easily construct a handle that's never been opened - * without knowing how the implementation constructs handle - * values. The current test code assumes that valid handles - * are in a range between 1 and some maximum. */ - if( valid_handle == 1 ) - invalid_handle = 2; + + /* + * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) is a volatile + * key identifier as the imported key is a volatile key. Volatile + * key identifiers are in the range from PSA_KEY_ID_VOLATILE_MIN + * to PSA_KEY_ID_VOLATILE_MAX included. Thus pick a key identifier + * in the range from PSA_KEY_ID_VOLATILE_MIN to + * PSA_KEY_ID_VOLATILE_MAX different from + * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) to build an + * unopened and thus invalid identifier. + */ + + if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) == + PSA_KEY_ID_VOLATILE_MIN ) + key_id = PSA_KEY_ID_VOLATILE_MIN + 1; else - invalid_handle = valid_handle - 1; + key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) - 1; + + invalid_handle = + mbedtls_svc_key_id_make( 0, key_id ); break; case INVALID_HANDLE_CLOSED: PSA_ASSERT( psa_import_key( &attributes, @@ -716,7 +730,8 @@ void invalid_handle( int handle_construction, PSA_ASSERT( psa_destroy_key( invalid_handle ) ); break; case INVALID_HANDLE_HUGE: - invalid_handle = (psa_key_handle_t) ( -1 ); + invalid_handle = + mbedtls_svc_key_id_make( 0, PSA_KEY_ID_VENDOR_MAX + 1 ); break; default: TEST_ASSERT( ! "unknown handle construction" ); From 2d52eb2f78efe29c1532c682c3f0a56d92915458 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 17 Sep 2020 13:58:00 +0200 Subject: [PATCH 08/55] tests: Fix invalid key identifier error code PSA Crypto API spec defines the error code for an invalid key identifier as PSA_ERROR_INVALID_HANDLE. 
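Review bot: The UNOPENED case builds the never-opened id with `mbedtls_svc_key_id_make( 0, key_id )`, a hard-coded owner 0, while the comment's argument only concerns the key-id half of valid_handle; if the owner half of valid_handle is not 0 in some configuration, the constructed id lives in a different namespace and the test no longer checks what it claims. Take the owner from the valid id instead: `invalid_handle = mbedtls_svc_key_id_make( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( valid_handle ), key_id );`. The comment also asserts that the imported key's id is in the volatile range, but nothing verifies it; add `TEST_ASSERT( PSA_KEY_ID_VOLATILE_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) && MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) <= PSA_KEY_ID_VOLATILE_MAX );` before the arithmetic so a change in id allocation fails loudly rather than producing an id that happens to be open. The invalid_handle() function continues past the hunk on both sides.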
Signed-off-by: Ronald Cron --- .../test_suite_psa_crypto_se_driver_hal.data | 2 +- .../test_suite_psa_crypto_slot_management.data | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index e5eee58d9a5e..645e27d3c5a5 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -148,7 +148,7 @@ Key registration: not supported register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:-1:PSA_ERROR_NOT_SUPPORTED Key registration: key id out of range -register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_ARGUMENT +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_HANDLE Key registration: key id in vendor range register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX:1:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index e16089d65748..10521e1d51e7 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -72,15 +72,15 @@ create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x3617:1:KEEP_OPEN Open failure: invalid identifier (0) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:0:PSA_ERROR_INVALID_ARGUMENT +open_fail:0:PSA_ERROR_INVALID_HANDLE Open failure: invalid identifier (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT +open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE Open failure: invalid identifier (reserved range) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_ARGUMENT +open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_HANDLE Open failure: invalid identifier (implementation range) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C @@ -95,19 +95,19 @@ create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid key id (0) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_HANDLE Create failure: invalid key id (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE Create failure: invalid key id (reserved range) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_HANDLE Create failure: invalid key id (implementation range) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_HANDLE Open not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C 
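Review bot: The create_fail "implementation range" case (PSA_KEY_ID_USER_MAX + 1, the first vendor id) now expects PSA_ERROR_INVALID_HANDLE, but the matching open_fail "implementation range" case is only trailing context in the previous hunk and its expected status is not visible here; the two go through different validation paths (key creation with a persistent lifetime versus psa_open_key(), which may well accept vendor-range ids and then fail the lookup with a different status), so they should be checked against each other rather than assumed to agree. If they are meant to differ, a one-line comment in the data file next to the open_fail case saying why would save the next reader a trip through psa_open_key(). Also worth confirming that the library change producing PSA_ERROR_INVALID_HANDLE is in the series before this commit, since the test data is updated here on its own.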
From 432e19c7b276c785e350fe4bb45848783393f2d0 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 17 Sep 2020 14:12:30 +0200 Subject: [PATCH 09/55] tests: Fix error codes when using "invalid" handles As handles are now key identifiers, a handle may be valid now even if it does not refer to any key known to the library. Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.function | 6 +++--- tests/suites/test_suite_psa_crypto_slot_management.data | 4 ++-- .../suites/test_suite_psa_crypto_slot_management.function | 8 ++++---- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index fbd7195ccdaf..f79d9b3d9ee5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1188,7 +1188,7 @@ static int test_operations_on_invalid_handle( psa_key_handle_t handle ) psa_set_key_algorithm( &attributes, PSA_ALG_CTR ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); TEST_EQUAL( psa_get_key_attributes( handle, &attributes ), - PSA_ERROR_INVALID_HANDLE ); + PSA_ERROR_DOES_NOT_EXIST ); TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 ); TEST_EQUAL( @@ -1201,10 +1201,10 @@ static int test_operations_on_invalid_handle( psa_key_handle_t handle ) TEST_EQUAL( psa_export_key( handle, buffer, sizeof( buffer ), &length ), - PSA_ERROR_INVALID_HANDLE ); + PSA_ERROR_DOES_NOT_EXIST ); TEST_EQUAL( psa_export_public_key( handle, buffer, sizeof( buffer ), &length ), - PSA_ERROR_INVALID_HANDLE ); + PSA_ERROR_DOES_NOT_EXIST ); ok = 1; diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 10521e1d51e7..2b3087ff940f 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
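Review bot: test_operations_on_invalid_handle() now expects PSA_ERROR_DOES_NOT_EXIST from psa_get_key_attributes(), psa_export_key() and psa_export_public_key() for an identifier that names no key, whereas the PSA Crypto API 1.0 specification, as far as I read it, reserves PSA_ERROR_DOES_NOT_EXIST for psa_open_key() and has every other key-taking function return PSA_ERROR_INVALID_HANDLE when `key` is not a valid key identifier; that also sits uneasily with PATCH 08/55's own rationale that the spec's code for an invalid key identifier is PSA_ERROR_INVALID_HANDLE. If the library deliberately distinguishes "well-formed but unknown" from "malformed", that is a deviation worth recording at the first TEST_EQUAL, e.g. `/* Mbed TLS reports a well-formed but unknown id as DOES_NOT_EXIST rather than the spec's INVALID_HANDLE. */`, and the helper should then take the expected status as a parameter instead of hard-coding one, since its name still promises "invalid handle" semantics. The function starts before the hunk.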
@@ -156,10 +156,10 @@ invalid handle: 0 invalid_handle:INVALID_HANDLE_0:PSA_SUCCESS:PSA_ERROR_INVALID_HANDLE invalid handle: never opened -invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE +invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT_EXIST invalid handle: already closed -invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE +invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT_EXIST invalid handle: huge invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index c688474aa5f0..fe3e5f9872cb 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -165,8 +165,8 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, /* Test that the handle is now invalid. */ TEST_EQUAL( psa_get_key_attributes( handle, &attributes ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); + PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); @@ -253,9 +253,9 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, /* Test that the handle is now invalid. */ TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ), - PSA_ERROR_INVALID_HANDLE ); + PSA_ERROR_DOES_NOT_EXIST ); psa_reset_key_attributes( &read_attributes ); - TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_DOES_NOT_EXIST ); /* Try to reopen the key. If we destroyed it, check that it doesn't * exist. Otherwise check that it still exists and has the expected From 4184107d2e53d05d7a7b54e948da8cf63e7734fd Mon Sep 17 00:00:00 2001 
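Review bot: The two PSA_ERROR_DOES_NOT_EXIST assertions in transient_slot_lifecycle() hold only because nothing creates a key between the destroy and the checks: once the slot is wiped its volatile identifier presumably returns to the pool, so any later psa_import_key() in this test could hand out the same id and silently make `handle` valid again. A comment in front of the check would protect the test from that refactoring hazard, e.g. `/* Must stay right after the destroy: volatile ids may be reused once the slot is freed. */`. The function starts before the hunk.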
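Review bot: The post-invalidate check in persistent_slot_lifecycle() is rewritten here to expect PSA_ERROR_DOES_NOT_EXIST, yet PATCH 11/55 in this same series deletes exactly these lines again, because with open-less identifiers a closed-but-not-destroyed persistent key is still reachable by id and the reopen logic right below already covers the destroyed case. Reordering or squashing so the deletion comes first would avoid a commit in which the test asserts behaviour the series itself knows to be wrong; if the history is kept, a sentence in the commit message noting that this check is removed two commits later would help anyone bisecting. The function continues outside the hunk on both sides.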
From: Ronald Cron Date: Thu, 17 Sep 2020 15:28:26 +0200 Subject: [PATCH 10/55] tests: Fix checks of volatile key identifier Volatile keys have now a volatile non-null key identifier. Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.function | 9 ++++++++- .../suites/test_suite_psa_crypto_se_driver_hal.function | 1 + 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f79d9b3d9ee5..23d827ec4bd7 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -19,6 +19,7 @@ #define HAVE_RAM_AVAILABLE_128K #include "psa/crypto.h" +#include "psa_crypto_slot_management.h" /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; @@ -245,7 +246,13 @@ int check_key_attributes_sanity( psa_key_handle_t key ) /* Persistence */ if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) == 0 ); + { + TEST_ASSERT( + ( PSA_KEY_ID_VOLATILE_MIN <= + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) && + ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= + PSA_KEY_ID_VOLATILE_MAX ) ); + } else { TEST_ASSERT( diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index a1d542d74902..f22e6b7ec6a3 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -972,6 +972,7 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( sizeof( key_material ) ) ); psa_set_key_slot_number( &attributes, min_slot ); + psa_set_key_id( &attributes, handle ); if( ! check_key_attributes( handle, &attributes ) ) goto exit; From e4f6d5c5fe5b2ac9fa93c067d4553754f6a8a02b Mon Sep 17 00:00:00 2001 
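Review bot: The volatile branch of check_key_attributes_sanity() is selected with `lifetime == PSA_KEY_LIFETIME_VOLATILE`, so a volatile key whose lifetime carries a non-local location would fall into the else branch and be checked against the persistent id ranges even though the library now gives it a volatile id; `if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )`, which looks at the persistence level alone, is the predicate that matches the new allocation rule. The range test also evaluates `MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id )` twice; a local `psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id );` would make the two bounds readable on one line. The function starts before the hunk.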
From: Ronald Cron Date: Mon, 9 Nov 2020 17:47:52 +0100 Subject: [PATCH 11/55] tests: Fix persistent slot lifecycle tests Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto_slot_management.function | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index fe3e5f9872cb..12cf3eac9901 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -251,12 +251,6 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, if( ! invalidate_psa( close_method ) ) goto exit; - /* Test that the handle is now invalid. */ - TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ), - PSA_ERROR_DOES_NOT_EXIST ); - psa_reset_key_attributes( &read_attributes ); - TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_DOES_NOT_EXIST ); - /* Try to reopen the key. If we destroyed it, check that it doesn't * exist. Otherwise check that it still exists and has the expected * content. */ From cf56a0a320469a28d8b825f7f028fa5ea01c2ac3 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 4 Aug 2020 09:51:30 +0200 Subject: [PATCH 12/55] psa: Move from key handle to key identifier Move all the PSA crypto APIs using key handles to use key identifiers but psa_key_open() and psa_key_close(). This is done without modifying any test as key handles and key identifiers are now the same. Update the library modules using PSA crypto APIs to get rid of key handles. Programs and unit tests are updated to not use key handles in subsequent commits, not in this one. 
Signed-off-by: Ronald Cron --- README.md | 2 +- docs/architecture/testing/invasive-testing.md | 4 +- docs/getting_started.md | 64 ++-- docs/proposed/psa-driver-developer-guide.md | 4 - docs/proposed/psa-driver-interface.md | 4 +- include/mbedtls/cipher_internal.h | 2 +- include/mbedtls/pk.h | 11 +- include/mbedtls/ssl.h | 15 +- include/mbedtls/ssl_internal.h | 12 +- include/psa/crypto.h | 318 +++++++----------- include/psa/crypto_compat.h | 135 ++++++++ include/psa/crypto_types.h | 8 +- include/psa/crypto_values.h | 40 +-- library/pk.c | 15 +- library/pk_wrap.c | 16 +- library/pkwrite.c | 10 +- library/psa_crypto.c | 139 ++++---- library/ssl_cli.c | 4 +- library/ssl_srv.c | 6 +- library/ssl_tls.c | 51 ++- 20 files changed, 445 insertions(+), 415 deletions(-) diff --git a/README.md b/README.md index 2058d24d615d..ac2a6ab44888 100644 --- a/README.md +++ b/README.md @@ -208,7 +208,7 @@ The design goals of the PSA cryptography API include: * The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired. * The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators. -* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications. +* All access to the keys happens through key identifiers, which allows support for external cryptoprocessors that is transparent to applications. * The interface to algorithms is generic, favoring algorithm agility. * The interface is designed to be easy to use and hard to accidentally misuse. 
diff --git a/docs/architecture/testing/invasive-testing.md b/docs/architecture/testing/invasive-testing.md index 744f194013a4..de611a567bc6 100644 --- a/docs/architecture/testing/invasive-testing.md +++ b/docs/architecture/testing/invasive-testing.md @@ -100,7 +100,7 @@ Resources include: * Memory. * Files in storage (PSA API only — in the Mbed TLS API, black-box unit tests are sufficient). -* Key handles (PSA API only). +* Key slots (PSA API only). * Key slots in a secure element (PSA SE HAL). * Communication handles (PSA crypto service only). @@ -116,7 +116,7 @@ When code should clean up resources, how do we know that they have truly been cl * Zeroization of confidential data after use. * Freeing memory. -* Closing key handles. +* Freeing key slots. * Freeing key slots in a secure element. * Deleting files in storage (PSA API only). diff --git a/docs/getting_started.md b/docs/getting_started.md index e274f49d7829..15d5a318215f 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -64,7 +64,7 @@ To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other A ### Importing a key To use a key for cryptography operations in Mbed Crypto, you need to first -import it. Importing the key creates a handle that refers to the key for use +import it. The import operation returns the identifier of the key for use with other function calls. **Prerequisites to importing keys:** @@ -76,7 +76,7 @@ void import_a_key(const uint8_t *key, size_t key_len) { psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle; + psa_key_id_t key; printf("Import an AES key...\t"); fflush(stdout); @@ -95,7 +95,7 @@ void import_a_key(const uint8_t *key, size_t key_len) psa_set_key_bits(&attributes, 128); /* Import the key */ - status = psa_import_key(&attributes, key, key_len, &handle); + status = psa_import_key(&attributes, key, key_len, &key); if (status != PSA_SUCCESS) { printf("Failed to import key\n"); return; 
@@ -106,7 +106,7 @@ void import_a_key(const uint8_t *key, size_t key_len) psa_reset_key_attributes(&attributes); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(key); mbedtls_psa_crypto_free(); } @@ -135,7 +135,7 @@ void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) 0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c}; uint8_t signature[PSA_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; - psa_key_handle_t handle; + psa_key_id_t key; printf("Sign a message...\t"); fflush(stdout); @@ -154,14 +154,14 @@ void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) psa_set_key_bits(&attributes, 1024); /* Import the key */ - status = psa_import_key(&attributes, key, key_len, &handle); + status = psa_import_key(&attributes, key, key_len, &key); if (status != PSA_SUCCESS) { printf("Failed to import key\n"); return; } /* Sign message using the key */ - status = psa_sign_hash(handle, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, + status = psa_sign_hash(key, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, hash, sizeof(hash), signature, sizeof(signature), &signature_length); @@ -176,7 +176,7 @@ void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) psa_reset_key_attributes(&attributes); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(key); mbedtls_psa_crypto_free(); } 
@@ -188,7 +188,7 @@ Mbed Crypto supports encrypting and decrypting messages using various symmetric **Prerequisites to working with the symmetric cipher API:** * Initialize the library with a successful call to `psa_crypto_init()`. -* Have a handle to a symmetric key. This key's usage flags must include `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption. +* Have a symmetric key. This key's usage flags must include `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption. **To encrypt a message with a symmetric cipher:** 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. @@ -213,7 +213,7 @@ void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) size_t iv_len; uint8_t output[block_size]; size_t output_len; - psa_key_handle_t handle; + psa_key_id_t key; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; printf("Encrypt with cipher...\t"); @@ -232,7 +232,7 @@ void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, key_len, &handle); + status = psa_import_key(&attributes, key, key_len, &key); if (status != PSA_SUCCESS) { printf("Failed to import a key\n"); return; @@ -240,7 +240,7 @@ void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_reset_key_attributes(&attributes); /* Encrypt the plaintext */ - status = psa_cipher_encrypt_setup(&operation, handle, alg); + status = psa_cipher_encrypt_setup(&operation, key, alg); if (status != PSA_SUCCESS) { printf("Failed to begin cipher operation\n"); return; @@ -268,7 +268,7 @@ void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_cipher_abort(&operation); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(key); mbedtls_psa_crypto_free(); } 
@@ -298,7 +298,7 @@ void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) uint8_t iv[block_size] = ENCRYPTED_WITH_IV; uint8_t output[block_size]; size_t output_len; - psa_key_handle_t handle; + psa_key_id_t key; printf("Decrypt with cipher...\t"); fflush(stdout); @@ -316,7 +316,7 @@ void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, key_len, &handle); + status = psa_import_key(&attributes, key, key_len, &key); if (status != PSA_SUCCESS) { printf("Failed to import a key\n"); return; @@ -324,7 +324,7 @@ void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_reset_key_attributes(&attributes); /* Decrypt the ciphertext */ - status = psa_cipher_decrypt_setup(&operation, handle, alg); + status = psa_cipher_decrypt_setup(&operation, key, alg); if (status != PSA_SUCCESS) { printf("Failed to begin cipher operation\n"); return; @@ -352,7 +352,7 @@ void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_cipher_abort(&operation); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(key); mbedtls_psa_crypto_free(); } @@ -592,8 +592,8 @@ derived from the key, salt and info provided: PSA_KEY_DERIVATION_OPERATION_INIT; size_t derived_bits = 128; size_t capacity = PSA_BITS_TO_BYTES(derived_bits); - psa_key_handle_t base_key; - psa_key_handle_t derived_key; + psa_key_id_t base_key; + psa_key_id_t derived_key; printf("Derive a key (HKDF)...\t"); fflush(stdout); @@ -702,7 +702,7 @@ This example shows how to authenticate and encrypt a message: size_t output_length = 0; size_t tag_length = 16; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle; + psa_key_id_t key; printf("Authenticate encrypt...\t"); fflush(stdout); 
@@ -726,11 +726,11 @@ This example shows how to authenticate and encrypt a message: psa_set_key_algorithm(&attributes, PSA_ALG_CCM); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, sizeof(key), &handle); + status = psa_import_key(&attributes, key, sizeof(key), &key); psa_reset_key_attributes(&attributes); /* Authenticate and encrypt */ - status = psa_aead_encrypt(handle, PSA_ALG_CCM, + status = psa_aead_encrypt(key, PSA_ALG_CCM, nonce, sizeof(nonce), additional_data, sizeof(additional_data), input_data, sizeof(input_data), @@ -747,7 +747,7 @@ This example shows how to authenticate and encrypt a message: free(output_data); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(key); mbedtls_psa_crypto_free(); ``` @@ -756,7 +756,7 @@ This example shows how to authenticate and decrypt a message: ```C psa_status_t status; - static const uint8_t key[] = { + static const uint8_t key_data[] = { 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; static const uint8_t nonce[] = { @@ -773,7 +773,7 @@ This example shows how to authenticate and decrypt a message: size_t output_size = 0; size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle; + psa_key_id_t key; printf("Authenticate decrypt...\t"); fflush(stdout); @@ -797,7 +797,7 @@ This example shows how to authenticate and decrypt a message: psa_set_key_algorithm(&attributes, PSA_ALG_CCM); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, sizeof(key), &handle); + status = psa_import_key(&attributes, key_data, sizeof(key_data), &key); if (status != PSA_SUCCESS) { printf("Failed to import a key\n"); return; 
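Review bot: In the authenticate-and-encrypt sample the identifier is now called `key`, but the same function already declares the raw key material as `key` (it is what `psa_import_key(&attributes, key, sizeof(key), &key)` passes as data, and the sibling decrypt sample below renames that array to `key_data` for exactly this reason), so the example as written no longer compiles: the array and the psa_key_id_t collide in one scope and `sizeof(key)` would measure the identifier. Rename the array here as well, `static const uint8_t key_data[] = { ... };` above the hunk and `status = psa_import_key(&attributes, key_data, sizeof(key_data), &key);` inside it. The array declaration is outside this hunk.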
@@ -805,7 +805,7 @@ This example shows how to authenticate and decrypt a message: psa_reset_key_attributes(&attributes); /* Authenticate and decrypt */ - status = psa_aead_decrypt(handle, PSA_ALG_CCM, + status = psa_aead_decrypt(key, PSA_ALG_CCM, nonce, sizeof(nonce), additional_data, sizeof(additional_data), input_data, sizeof(input_data), @@ -822,7 +822,7 @@ This example shows how to authenticate and decrypt a message: free(output_data); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(key); mbedtls_psa_crypto_free(); ``` @@ -848,7 +848,7 @@ Mbed Crypto provides a simple way to generate a key or key pair. size_t exported_length = 0; static uint8_t exported[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)]; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle; + psa_key_id_t key; printf("Generate a key pair...\t"); fflush(stdout); @@ -867,14 +867,14 @@ Mbed Crypto provides a simple way to generate a key or key pair. psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key(&attributes, &handle); + status = psa_generate_key(&attributes, &key); if (status != PSA_SUCCESS) { printf("Failed to generate key\n"); return; } psa_reset_key_attributes(&attributes); - status = psa_export_public_key(handle, exported, sizeof(exported), + status = psa_export_public_key(key, exported, sizeof(exported), &exported_length); if (status != PSA_SUCCESS) { printf("Failed to export public key %ld\n", status); @@ -884,7 +884,7 @@ Mbed Crypto provides a simple way to generate a key or key pair. printf("Exported a public key\n"); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(key); mbedtls_psa_crypto_free(); ``` diff --git a/docs/proposed/psa-driver-developer-guide.md b/docs/proposed/psa-driver-developer-guide.md index c221bb247da4..70cb9d397d62 100644 --- a/docs/proposed/psa-driver-developer-guide.md 
+++ b/docs/proposed/psa-driver-developer-guide.md @@ -36,10 +36,6 @@ A driver therefore consists of: Mbed TLS calls driver entry points [as specified in the PSA Cryptography Driver Interface specification](psa-driver-interface.html#driver-entry-points) except as otherwise indicated in this section. -### Key handles - -Mbed TLS currently implements the interface for opening and closing persistent keys from version 1.0 beta 3 of the PSA Crypto specification. As a consequence, functions that operate on an existing key take an argument of type `psa_key_handle_t` instead of `psa_key_id_t`. Functions that create a new key take an argument of type `psa_key_handle_t *` instead of `psa_key_id_t *`. - ## Building and testing your driver diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md index 56e2b29e9579..5ec313451661 100644 --- a/docs/proposed/psa-driver-interface.md +++ b/docs/proposed/psa-driver-interface.md @@ -580,8 +580,8 @@ psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_size(&attributes, 128); psa_set_key_algorithm(&attributes, PSA_ALG_GCM); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); -psa_key_handle_t handle = 0; -psa_generate_key(&attributes, &handle); +psa_key_id_t key; +psa_generate_key(&attributes, &key); ``` ## Using opaque drivers from an application diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index d28310847a10..2484c01c7a49 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h @@ -134,7 +134,7 @@ typedef enum typedef struct { psa_algorithm_t alg; - psa_key_handle_t slot; + psa_key_id_t slot; mbedtls_cipher_psa_key_ownership slot_state; } mbedtls_cipher_context_psa; #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 22fab13bdac8..7d0f977d5d28 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -331,12 +331,13 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * * \return \c 0 on success. * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input - * (context already used, invalid key handle). + * (context already used, invalid key identifier). * \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an * ECC key pair. * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. */ -int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key ); +int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, + const psa_key_id_t key ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) @@ -858,9 +859,9 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); * * \param pk Input: the EC key to import to a PSA key. * Output: a PK context wrapping that PSA key. - * \param handle Output: a PSA key handle. + * \param key Output: a PSA key identifier. * It's the caller's responsibility to call - * psa_destroy_key() on that handle after calling + * psa_destroy_key() on that key identifier after calling * mbedtls_pk_free() on the PK context. * \param hash_alg The hash algorithm to allow for use with that key. * @@ -868,7 +869,7 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); * \return An Mbed TLS error code otherwise. */ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_handle_t *handle, + psa_key_id_t *key, psa_algorithm_t hash_alg ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 1b4e163f614a..e4af30a2bb63 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
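Review bot: `const psa_key_id_t key` in the mbedtls_pk_setup_opaque() prototype puts a top-level const on a by-value parameter; the qualifier means nothing to callers and is conventionally left out of headers, and the other prototypes this commit touches (mbedtls_ssl_conf_psk_opaque, psa_get_key_attributes) take the id unqualified, so `int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, psa_key_id_t key );` would be consistent. The error documentation a few lines up now says "invalid key identifier"; if the PSA layer distinguishes a malformed id from an unknown one, it would help to state which PSA statuses collapse into MBEDTLS_ERR_PK_BAD_INPUT_DATA.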
@@ -1063,11 +1063,12 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t psk_opaque; /*!< PSA key slot holding opaque PSK. - * This field should only be set via - * mbedtls_ssl_conf_psk_opaque(). - * If either no PSK or a raw PSK have - * been configured, this has value \c 0. */ + psa_key_id_t psk_opaque; /*!< PSA key slot holding opaque PSK. This field + * should only be set via + * mbedtls_ssl_conf_psk_opaque(). + * If either no PSK or a raw PSK have been + * configured, this has value \c 0. + */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char *psk; /*!< The raw pre-shared key. This field should @@ -2814,7 +2815,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, - psa_key_handle_t psk, + psa_key_id_t psk, const unsigned char *psk_identity, size_t psk_identity_len ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -2860,7 +2861,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, - psa_key_handle_t psk ); + psa_key_id_t psk ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 015b53c2b822..9f8d71787d5c 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -443,7 +443,7 @@ struct mbedtls_ssl_handshake_params #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_key_type_t ecdh_psa_type; uint16_t ecdh_bits; - psa_key_handle_t ecdh_psa_privkey; + psa_key_id_t ecdh_psa_privkey; unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; size_t ecdh_psa_peerkey_len; #endif /* MBEDTLS_USE_PSA_CRYPTO */ 
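Review bot: The rewrapped comment on `psk_opaque` still calls the field a "PSA key slot" and says the unset value is `\c 0`, while the getter this commit adds in ssl_internal.h tests it with mbedtls_svc_key_id_is_null() and returns MBEDTLS_SVC_KEY_ID_INIT; describe the field in those terms so the two stay in sync: `/*!< PSA key identifier of the opaque PSK. Set only via mbedtls_ssl_conf_psk_opaque(); the null key id (MBEDTLS_SVC_KEY_ID_INIT, see mbedtls_svc_key_id_is_null()) when no PSK or a raw PSK is configured. */`. The struct continues outside the hunk.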
@@ -462,7 +462,7 @@ struct mbedtls_ssl_handshake_params
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_handle_t psk_opaque; /*!< Opaque PSK from the callback */
+ psa_key_id_t psk_opaque; /*!< Opaque PSK from the callback */
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 unsigned char *psk; /*!< PSK from the callback */
 size_t psk_len; /*!< Length of PSK from callback */
@@ -1061,16 +1061,16 @@ static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl,
 * 2. static PSK configured by \c mbedtls_ssl_conf_psk_opaque()
 * Return an opaque PSK
 */
-static inline psa_key_handle_t mbedtls_ssl_get_opaque_psk(
+static inline psa_key_id_t mbedtls_ssl_get_opaque_psk(
 const mbedtls_ssl_context *ssl )
 {
- if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) )
+ if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
 return( ssl->handshake->psk_opaque );
- if( ! psa_key_handle_is_null( ssl->conf->psk_opaque ) )
+ if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
 return( ssl->conf->psk_opaque );
- return( PSA_KEY_HANDLE_INIT );
+ return( MBEDTLS_SVC_KEY_ID_INIT );
 }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 5ba16b987ff3..2620af5ba320 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -348,7 +348,7 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes);
 * Once you have called this function on an attribute structure,
 * you must call psa_reset_key_attributes() to free these resources.
 *
- * \param[in] handle Handle to the key to query.
+ * \param[in] key Identifier of the key to query.
 * \param[in,out] attributes On success, the attributes of the key.
 * On failure, equivalent to a
 * freshly-initialized structure.
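Review bot: mbedtls_ssl_get_opaque_psk() is now declared to return psa_key_id_t, yet its body tests the psk_opaque fields (typed psa_key_id_t in the ssl.h and ssl_internal.h hunks above) with mbedtls_svc_key_id_is_null() and returns MBEDTLS_SVC_KEY_ID_INIT, the helpers this patch pairs with mbedtls_svc_key_id_t in psa/crypto.h. That mixes two representations of the same value and presumably only compiles where the two types coincide, an assumption the header does not state. Pick one: declare the fields and the return type as `mbedtls_svc_key_id_t`, or keep psa_key_id_t and test with `if( ssl->handshake->psk_opaque != 0 )` and `return( 0 );`, which is what the ssl.h comment (`this has value \c 0`) already promises.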
@@ -364,7 +364,7 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes);
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_get_key_attributes(psa_key_handle_t handle,
+psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key,
 psa_key_attributes_t *attributes);
 /** Reset a key attribute structure to a freshly initialized state.
@@ -387,94 +387,6 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
 * @{
 */
-/** Open a handle to an existing persistent key.
- *
- * Open a handle to a persistent key. A key is persistent if it was created
- * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key
- * always has a nonzero key identifier, set with psa_set_key_id() when
- * creating the key. Implementations may provide additional pre-provisioned
- * keys that can be opened with psa_open_key(). Such keys have an application
- * key identifier in the vendor range, as documented in the description of
- * #psa_key_id_t.
- *
- * The application must eventually close the handle with psa_close_key() or
- * psa_destroy_key() to release associated resources. If the application dies
- * without calling one of these functions, the implementation should perform
- * the equivalent of a call to psa_close_key().
- *
- * Some implementations permit an application to open the same key multiple
- * times. If this is successful, each call to psa_open_key() will return a
- * different key handle.
- *
- * \note Applications that rely on opening a key multiple times will not be
- * portable to implementations that only permit a single key handle to be
- * opened. See also :ref:\`key-handles\`.
- *
- * \param key The persistent identifier of the key.
- * \param[out] handle On success, a handle to the key.
- *
- * \retval #PSA_SUCCESS
- * Success. The application can now use the value of `*handle`
- * to access the key.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * The implementation does not have sufficient resources to open the
- * key. This can be due to reaching an implementation limit on the
- * number of open keys, the number of open key handles, or available
- * memory.
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- * There is no persistent key with key identifier \p id.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p id is not a valid persistent key identifier.
- * \retval #PSA_ERROR_NOT_PERMITTED
- * The specified key exists, but the application does not have the
- * permission to access it. Note that this specification does not
- * define any way to create such a key, but it may be possible
- * through implementation-specific means.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_BAD_STATE
- * The library has not been previously initialized by psa_crypto_init().
- * It is implementation-dependent whether a failure to initialize
- * results in this error code.
- */
-psa_status_t psa_open_key( mbedtls_svc_key_id_t key,
- psa_key_handle_t *handle );
-
-/** Close a key handle.
- *
- * If the handle designates a volatile key, this will destroy the key material
- * and free all associated resources, just like psa_destroy_key().
- *
- * If this is the last open handle to a persistent key, then closing the handle
- * will free all resources associated with the key in volatile memory. The key
- * data in persistent storage is not affected and can be opened again later
- * with a call to psa_open_key().
- *
- * Closing the key handle makes the handle invalid, and the key handle
- * must not be used again by the application.
- *
- * \note If the key handle was used to set up an active
- * :ref:\`multipart operation \`, then closing the
- * key handle can cause the multipart operation to fail. Applications should
- * maintain the key handle until after the multipart operation has finished.
- *
- * \param handle The key handle to close.
- * If this is \c 0, do nothing and return \c PSA_SUCCESS.
- *
- * \retval #PSA_SUCCESS
- * \p handle was a valid handle or \c 0. It is now closed.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \p handle is not a valid handle nor \c 0.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- * The library has not been previously initialized by psa_crypto_init().
- * It is implementation-dependent whether a failure to initialize
- * results in this error code.
- */
-psa_status_t psa_close_key(psa_key_handle_t handle);
-
 /** Make a copy of a key.
 *
 * Copy key material from one location to another.
@@ -512,7 +424,10 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
 * The effect of this function on implementation-defined attributes is
 * implementation-defined.
 *
- * \param source_handle The key to copy. It must be a valid key handle.
+ * \param source_key The key to copy. It must allow the usage
+ * PSA_KEY_USAGE_COPY. If a private or secret key is
+ * being copied outside of a secure element it must
+ * also allow PSA_KEY_USAGE_EXPORT.
 * \param[in] attributes The attributes for the new key.
 * They are used as follows:
 * - The key type and size may be 0. If either is
@@ -526,12 +441,12 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
 * the source key and \p attributes so that
 * both sets of restrictions apply, as
 * described in the documentation of this function.
- * \param[out] target_handle On success, a handle to the newly created key.
- * \c 0 on failure.
+ * \param[out] target_key On success, an identifier for the newly created
+ * key. \c 0 on failure.
 *
 * \retval #PSA_SUCCESS
 * \retval #PSA_ERROR_INVALID_HANDLE
- * \p source_handle is invalid.
+ * \p source_key is invalid.
 * \retval #PSA_ERROR_ALREADY_EXISTS
 * This is an attempt to create a persistent key, and there is
 * already a persistent key with the given identifier.
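Review bot: The new target_key text keeps `\c 0 on failure` although the output type is now mbedtls_svc_key_id_t, whose null value this patch spells MBEDTLS_SVC_KEY_ID_INIT and tests with mbedtls_svc_key_id_is_null() in the ssl_internal.h hunk above. If that type is not a plain integer in every configuration, `0` is not a value the caller can assign or compare against. Suggest `On success, an identifier for the newly created key. #MBEDTLS_SVC_KEY_ID_INIT on failure.`, and the same for psa_import_key and psa_key_derivation_output_key later in this patch. The psa_copy_key doc block starts before these two hunks.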
@@ -559,9 +474,9 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_copy_key(psa_key_handle_t source_handle,
+psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
 const psa_key_attributes_t *attributes,
- psa_key_handle_t *target_handle);
+ mbedtls_svc_key_id_t *target_key);
 /**
@@ -572,28 +487,22 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle,
 * make a best effort to ensure that that the key material cannot be recovered.
 *
 * This function also erases any metadata such as policies and frees
- * resources associated with the key. To free all resources associated with
- * the key, all handles to the key must be closed or destroyed.
- *
- * Destroying the key makes the handle invalid, and the key handle
- * must not be used again by the application. Using other open handles to the
- * destroyed key in a cryptographic operation will result in an error.
+ * resources associated with the key.
 *
 * If a key is currently in use in a multipart operation, then destroying the
 * key will cause the multipart operation to fail.
 *
- * \param handle Handle to the key to erase.
- * If this is \c 0, do nothing and return \c PSA_SUCCESS.
+ * \param key Identifier of the key to erase. If this is \c 0, do nothing and
+ * return PSA_SUCCESS.
 *
 * \retval #PSA_SUCCESS
- * \p handle was a valid handle and the key material that it
- * referred to has been erased.
- * Alternatively, \p handle is \c 0.
+ * \p key was a valid identifier and the key material that it
+ * referred to has been erased. Alternatively, \p key is \c 0.
 * \retval #PSA_ERROR_NOT_PERMITTED
 * The key cannot be erased because it is
 * read-only, either due to a policy or due to physical restrictions.
 * \retval #PSA_ERROR_INVALID_HANDLE
- * \p handle is not a valid handle nor \c 0.
+ * \p key is not a valid identifier nor \c 0.
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * There was an failure in communication with the cryptoprocessor.
 * The key material may still be present in the cryptoprocessor.
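Review bot: The deleted paragraph was the only statement of what a reference to a destroyed key means afterwards; the one-line replacement `resources associated with the key.` leaves the post-condition on `key` unstated. Persistent identifiers come from an application-chosen range (psa_validate_key_id in HEAD), so a caller that keeps a stale identifier could presumably later address a different key created under the same id, which is a security-relevant caveat worth spelling out. Suggest adding after that sentence: `After this call the identifier no longer designates a key and must not be used again by the application; any key later created with the same identifier is a different key.` (adjust if the intended semantics differ). The new `return PSA_SUCCESS.` line also drops the `\c` the removed text had on that constant.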
@@ -611,7 +520,7 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_destroy_key(psa_key_handle_t handle);
+psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key);
 /**@}*/
@@ -646,7 +555,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle);
 * \p data buffer.
 * If the key size in \p attributes is nonzero,
 * it must be equal to the size from \p data.
- * \param[out] handle On success, a handle to the newly created key.
+ * \param[out] key On success, an identifier to the newly created key.
 * \c 0 on failure.
 * \param[in] data Buffer containing the key data. The content of this
 * buffer is interpreted according to the type declared
@@ -691,7 +600,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle);
 psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
 const uint8_t *data,
 size_t data_length,
- psa_key_handle_t *handle);
+ mbedtls_svc_key_id_t *key);
@@ -752,7 +661,9 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
 *
 * The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set.
 *
- * \param handle Handle to the key to export.
+ * \param key Identifier of the key to export. It must allow the
+ * usage PSA_KEY_USAGE_EXPORT, unless it is a public
+ * key.
 * \param[out] data Buffer where the key data is to be written.
 * \param data_size Size of the \p data buffer in bytes.
 * \param[out] data_length On success, the number of bytes
@@ -779,7 +690,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_export_key(psa_key_handle_t handle,
+psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
 uint8_t *data,
 size_t data_size,
 size_t *data_length);
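Review bot: The new \param text for psa_export_key says the key must allow PSA_KEY_USAGE_EXPORT `unless it is a public key`, while the unchanged context two lines above still states unconditionally `The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set.`, so the same doc block now contradicts itself. Either amend that sentence to `The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set, unless the key is a public key.` or drop the exception from the param text, since psa_export_public_key() in the next hunk is the documented path that ignores usage flags. In the psa_import_key hunk on the same line, `an identifier to the newly created key` should read `an identifier for the newly created key`, the wording psa_copy_key uses above.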
@@ -822,7 +733,7 @@ psa_status_t psa_export_key(psa_key_handle_t handle,
 * Exporting a public key object or the public part of a key pair is
 * always permitted, regardless of the key's usage flags.
 *
- * \param handle Handle to the key to export.
+ * \param key Identifier of the key to export.
 * \param[out] data Buffer where the key data is to be written.
 * \param data_size Size of the \p data buffer in bytes.
 * \param[out] data_length On success, the number of bytes
@@ -849,7 +760,7 @@ psa_status_t psa_export_key(psa_key_handle_t handle,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_export_public_key(psa_key_handle_t handle,
+psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
 uint8_t *data,
 size_t data_size,
 size_t *data_length);
@@ -1226,7 +1137,8 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
 * about the MAC value which could allow an attacker to guess
 * a valid MAC and thereby bypass security controls.
 *
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation. It
+ * must allow the usage PSA_KEY_USAGE_SIGN_MESSAGE.
 * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
 * such that #PSA_ALG_IS_MAC(\p alg) is true).
 * \param[in] input Buffer containing the input message.
@@ -1241,7 +1153,7 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not a MAC algorithm.
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -1257,7 +1169,7 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_mac_compute(psa_key_handle_t handle,
+psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *input,
 size_t input_length,
@@ -1267,7 +1179,8 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle,
 /** Calculate the MAC of a message and compare it with a reference value.
 *
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation. It
+ * must allow the usage PSA_KEY_USAGE_VERIFY_MESSAGE.
 * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
 * such that #PSA_ALG_IS_MAC(\p alg) is true).
 * \param[in] input Buffer containing the input message.
@@ -1283,7 +1196,7 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle,
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not a MAC algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1297,7 +1210,7 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_mac_verify(psa_key_handle_t handle,
+psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *input,
 size_t input_length,
@@ -1382,9 +1295,9 @@ static psa_mac_operation_t psa_mac_operation_init(void);
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
 * #psa_mac_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
- * It must remain valid until the operation
- * terminates.
+ * \param key Identifier of the key to use for the operation. It
+ * must remain valid until the operation terminates.
+ * It must allow the usage PSA_KEY_USAGE_SIGN_MESSAGE.
 * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
 * such that #PSA_ALG_IS_MAC(\p alg) is true).
 *
@@ -1393,7 +1306,7 @@ static psa_mac_operation_t psa_mac_operation_init(void);
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not a MAC algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1410,7 +1323,7 @@ static psa_mac_operation_t psa_mac_operation_init(void);
 * results in this error code.
 */
 psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
 psa_algorithm_t alg);
 /** Set up a multipart MAC verification operation.
@@ -1444,9 +1357,10 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
 * #psa_mac_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
- * It must remain valid until the operation
- * terminates.
+ * \param key Identifier of the key to use for the operation. It
+ * must remain valid until the operation terminates.
+ * It must allow the usage
+ * PSA_KEY_USAGE_VERIFY_MESSAGE.
 * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
 * such that #PSA_ALG_IS_MAC(\p alg) is true).
 *
@@ -1472,7 +1386,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
 * results in this error code.
 */
 psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
 psa_algorithm_t alg);
 /** Add a message fragment to a multipart MAC operation.
@@ -1639,9 +1553,8 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
 * vector). Use the multipart operation interface with a
 * #psa_cipher_operation_t object to provide other forms of IV.
 *
- * \param handle Handle to the key to use for the operation.
- * It must remain valid until the operation
- * terminates.
+ * \param key Identifier of the key to use for the operation.
+ * It must allow the usage PSA_KEY_USAGE_ENCRYPT.
 * \param alg The cipher algorithm to compute
 * (\c PSA_ALG_XXX value such that
 * #PSA_ALG_IS_CIPHER(\p alg) is true).
@@ -1659,7 +1572,7 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not a cipher algorithm.
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -1673,7 +1586,7 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_cipher_encrypt(psa_key_handle_t handle,
+psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *input,
 size_t input_length,
@@ -1685,9 +1598,10 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle,
 *
 * This function decrypts a message encrypted with a symmetric cipher.
 *
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
 * It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * PSA_KEY_USAGE_DECRYPT.
 * \param alg The cipher algorithm to compute
 * (\c PSA_ALG_XXX value such that
 * #PSA_ALG_IS_CIPHER(\p alg) is true).
@@ -1705,7 +1619,7 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle,
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not a cipher algorithm.
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -1719,7 +1633,7 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_cipher_decrypt(psa_key_handle_t handle,
+psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *input,
 size_t input_length,
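Review bot: The psa_cipher_decrypt hunk keeps `It must remain valid until the operation terminates.` on a one-shot function, while the parallel psa_cipher_encrypt hunk above drops that sentence and psa_mac_compute/psa_mac_verify never had it. For a single call there is no interval in which the caller could act on the key, so the sentence adds nothing and makes the two cipher one-shots read differently for no reason. Drop it here as well: `\param key Identifier of the key to use for the operation. It must allow the usage PSA_KEY_USAGE_DECRYPT.`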
@@ -1805,9 +1719,10 @@ static psa_cipher_operation_t psa_cipher_operation_init(void);
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
 * #psa_cipher_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
 * It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * PSA_KEY_USAGE_ENCRYPT.
 * \param alg The cipher algorithm to compute
 * (\c PSA_ALG_XXX value such that
 * #PSA_ALG_IS_CIPHER(\p alg) is true).
@@ -1817,7 +1732,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void);
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not a cipher algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1833,7 +1748,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void);
 * results in this error code.
 */
 psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
 psa_algorithm_t alg);
 /** Set the key for a multipart symmetric decryption operation.
@@ -1868,9 +1783,10 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
 * #psa_cipher_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
 * It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * PSA_KEY_USAGE_DECRYPT.
 * \param alg The cipher algorithm to compute
 * (\c PSA_ALG_XXX value such that
 * #PSA_ALG_IS_CIPHER(\p alg) is true).
@@ -1880,7 +1796,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not a cipher algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1896,7 +1812,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
 * results in this error code.
 */
 psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
 psa_algorithm_t alg);
 /** Generate an IV for a symmetric encryption operation.
@@ -2110,7 +2026,9 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 /** Process an authenticated encryption operation.
 *
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the
+ * operation. It must allow the usage
+ * PSA_KEY_USAGE_ENCRYPT.
 * \param alg The AEAD algorithm to compute
 * (\c PSA_ALG_XXX value such that
 * #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2141,7 +2059,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not an AEAD algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2156,7 +2074,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
+psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *nonce,
 size_t nonce_length,
@@ -2170,7 +2088,9 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
 /** Process an authenticated decryption operation.
 *
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the
+ * operation. It must allow the usage
+ * PSA_KEY_USAGE_DECRYPT.
 * \param alg The AEAD algorithm to compute
 * (\c PSA_ALG_XXX value such that
 * #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2201,7 +2121,7 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
 * The ciphertext is not authentic.
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not an AEAD algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2216,7 +2136,7 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_aead_decrypt(psa_key_handle_t handle,
+psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *nonce,
 size_t nonce_length,
@@ -2312,9 +2232,10 @@ static psa_aead_operation_t psa_aead_operation_init(void);
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
 * #psa_aead_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
 * It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * PSA_KEY_USAGE_ENCRYPT.
 * \param alg The AEAD algorithm to compute
 * (\c PSA_ALG_XXX value such that
 * #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2326,7 +2247,7 @@ static psa_aead_operation_t psa_aead_operation_init(void);
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not an AEAD algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2340,7 +2261,7 @@ static psa_aead_operation_t psa_aead_operation_init(void);
 * results in this error code.
 */
 psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
 psa_algorithm_t alg);
 /** Set the key for a multipart authenticated decryption operation.
@@ -2378,9 +2299,10 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
 * #psa_aead_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
 * It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * PSA_KEY_USAGE_DECRYPT.
 * \param alg The AEAD algorithm to compute
 * (\c PSA_ALG_XXX value such that
 * #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2392,7 +2314,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not an AEAD algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2406,7 +2328,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
 * results in this error code.
 */
 psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
 psa_algorithm_t alg);
 /** Generate a random nonce for an authenticated encryption operation.
@@ -2864,10 +2786,11 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
 * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
 * to determine the hash algorithm to use.
 *
- * \param handle Handle to the key to use for the operation.
- * It must be an asymmetric key pair.
+ * \param key Identifier of the key to use for the operation.
+ * It must be an asymmetric key pair. The key must
+ * allow the usage PSA_KEY_USAGE_SIGN_HASH.
 * \param alg A signature algorithm that is compatible with
- * the type of \p handle.
+ * the type of \p key.
 * \param[in] hash The hash or message to sign.
 * \param hash_length Size of the \p hash buffer in bytes.
 * \param[out] signature Buffer where the signature is to be written.
@@ -2883,7 +2806,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
 * determine a sufficient buffer size by calling
 * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
 * where \c key_type and \c key_bits are the type and bit-size
- * respectively of \p handle.
+ * respectively of \p key.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2897,7 +2820,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_sign_hash(psa_key_handle_t handle,
+psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *hash,
 size_t hash_length,
@@ -2914,10 +2837,11 @@ psa_status_t psa_sign_hash(psa_key_handle_t handle,
 * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
 * to determine the hash algorithm to use.
 *
- * \param handle Handle to the key to use for the operation.
- * It must be a public key or an asymmetric key pair.
+ * \param key Identifier of the key to use for the operation. It
+ * must be a public key or an asymmetric key pair. The
+ * key must allow the usage PSA_KEY_USAGE_VERIFY_HASH.
 * \param alg A signature algorithm that is compatible with
- * the type of \p handle.
+ * the type of \p key.
 * \param[in] hash The hash or message whose signature is to be
 * verified.
 * \param hash_length Size of the \p hash buffer in bytes.
@@ -2943,7 +2867,7 @@ psa_status_t psa_sign_hash(psa_key_handle_t handle,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_verify_hash(psa_key_handle_t handle,
+psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *hash,
 size_t hash_length,
@@ -2953,11 +2877,12 @@ psa_status_t psa_verify_hash(psa_key_handle_t handle,
 /**
 * \brief Encrypt a short message with a public key.
 *
- * \param handle Handle to the key to use for the operation.
- * It must be a public key or an asymmetric
- * key pair.
+ * \param key Identifer of the key to use for the operation.
+ * It must be a public key or an asymmetric key
+ * pair. It must allow the usage
+ * PSA_KEY_USAGE_ENCRYPT.
 * \param alg An asymmetric encryption algorithm that is
- * compatible with the type of \p handle.
+ * compatible with the type of \p key.
 * \param[in] input The message to encrypt.
 * \param input_length Size of the \p input buffer in bytes.
 * \param[in] salt A salt or label, if supported by the
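Review bot: Typo in the new psa_asymmetric_encrypt param line: `Identifer of the key to use for the operation.` should be `Identifier of the key to use for the operation.`, the spelling every other hunk of this patch uses. The same hunk wraps `asymmetric key` / `pair.` across two lines; `It must be a public key or an asymmetric key pair.` kept together matches the psa_verify_hash text above.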
@@ -2986,7 +2911,7 @@ psa_status_t psa_verify_hash(psa_key_handle_t handle,
 * determine a sufficient buffer size by calling
 * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
 * where \c key_type and \c key_bits are the type and bit-size
- * respectively of \p handle.
+ * respectively of \p key.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -3000,7 +2925,7 @@ psa_status_t psa_verify_hash(psa_key_handle_t handle,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
+psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
 psa_algorithm_t alg,
 const uint8_t *input,
 size_t input_length,
@@ -3013,10 +2938,11 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
 /**
 * \brief Decrypt a short message with a private key.
 *
- * \param handle Handle to the key to use for the operation.
- * It must be an asymmetric key pair.
+ * \param key Identifier of the key to use for the operation.
+ * It must be an asymmetric key pair. It must
+ * allow the usage PSA_KEY_USAGE_DECRYPT.
 * \param alg An asymmetric encryption algorithm that is
- * compatible with the type of \p handle.
+ * compatible with the type of \p key.
 * \param[in] input The message to decrypt.
 * \param input_length Size of the \p input buffer in bytes.
 * \param[in] salt A salt or label, if supported by the
@@ -3045,7 +2971,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
 * determine a sufficient buffer size by calling
 * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
 * where \c key_type and \c key_bits are the type and bit-size
- * respectively of \p handle.
+ * respectively of \p key.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -3060,7 +2986,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, +psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -3318,9 +3244,9 @@ psa_status_t psa_key_derivation_input_bytes( * psa_key_derivation_setup() and must not * have produced any output yet. * \param step Which step the input data is for. - * \param handle Handle to the key. It must have an - * appropriate type for \p step and must - * allow the usage #PSA_KEY_USAGE_DERIVE. + * \param key Identifier of the key. It must have an + * appropriate type for step and must allow the + * usage PSA_KEY_USAGE_DERIVE. * * \retval #PSA_SUCCESS * Success. @@ -3346,7 +3272,7 @@ psa_status_t psa_key_derivation_input_bytes( psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, - psa_key_handle_t handle); + mbedtls_svc_key_id_t key); /** Perform a key agreement and use the shared secret as input to a key * derivation. @@ -3371,7 +3297,8 @@ psa_status_t psa_key_derivation_input_key( * The operation must be ready for an * input of the type given by \p step. * \param step Which step the input data is for. - * \param private_key Handle to the private key to use. + * \param private_key Identifier of the private key to use. It must + * allow the usage PSA_KEY_USAGE_DERIVE. * \param[in] peer_key Public key of the peer. The peer key must be in the * same format that psa_import_key() accepts for the * public key type corresponding to the type of 
@@ -3415,7 +3342,7 @@ psa_status_t psa_key_derivation_input_key( psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, - psa_key_handle_t private_key, + mbedtls_svc_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length); @@ -3559,8 +3486,8 @@ psa_status_t psa_key_derivation_output_bytes( * * \param[in] attributes The attributes for the new key. * \param[in,out] operation The key derivation operation object to read from. - * \param[out] handle On success, a handle to the newly created key. - * \c 0 on failure. + * \param[out] key On success, an identifier for the newly created + * key. \c 0 on failure. * * \retval #PSA_SUCCESS * Success. @@ -3599,7 +3526,7 @@ psa_status_t psa_key_derivation_output_bytes( psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes, psa_key_derivation_operation_t *operation, - psa_key_handle_t *handle); + mbedtls_svc_key_id_t *key); /** Abort a key derivation operation. * @@ -3640,7 +3567,8 @@ psa_status_t psa_key_derivation_abort( * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg) * is true). - * \param private_key Handle to the private key to use. + * \param private_key Identifier of the private key to use. It must + * allow the usage PSA_KEY_USAGE_DERIVE. * \param[in] peer_key Public key of the peer. It must be * in the same format that psa_import_key() * accepts. The standard formats for public @@ -3678,7 +3606,7 @@ psa_status_t psa_key_derivation_abort( * results in this error code. */ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, - psa_key_handle_t private_key, + mbedtls_svc_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length, uint8_t *output, 
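Review bot: `\c 0 on failure` in the new `\param[out] key` text of psa_key_derivation_output_key (and again for psa_generate_key in the following hunk) is only accurate when `mbedtls_svc_key_id_t` is a plain integer; the library side of this patch writes `MBEDTLS_SVC_KEY_ID_INIT` on failure and tests for the null identifier with `mbedtls_svc_key_id_is_null()`, not with a comparison against 0. Suggest `* key. #MBEDTLS_SVC_KEY_ID_INIT on failure.` so the contract names the value an application can actually compare against in every configuration. If the owner-encoding configuration in crypto_types.h makes the identifier a struct, as the split on MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER suggests, a literal `0` would not even compile for callers following this text.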
@@ -3734,8 +3662,8 @@ psa_status_t psa_generate_random(uint8_t *output, * attributes. * * \param[in] attributes The attributes for the new key. - * \param[out] handle On success, a handle to the newly created key. - * \c 0 on failure. + * \param[out] key On success, an identifier for the newly created + * key. \c 0 on failure. * * \retval #PSA_SUCCESS * Success. @@ -3759,7 +3687,7 @@ psa_status_t psa_generate_random(uint8_t *output, * results in this error code. */ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, - psa_key_handle_t *handle); + mbedtls_svc_key_id_t *key); /**@}*/ diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 4b607b6ff65f..fea2923114c7 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -34,6 +34,40 @@ extern "C" { #endif +/* + * To support temporary both openless APIs and psa_open_key(), define + * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Do not mark the + * type and its utility macros and functions deprecated yet. This will be done + * in a subsequent phase. + */ +typedef mbedtls_svc_key_id_t psa_key_handle_t; + +#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT + +/** Compare two handles. + * + * \param handle1 First handle. + * \param handle2 Second handle. + * + * \return Non-zero if the two handles are equal, zero otherwise. + */ +static inline int psa_key_handle_equal( psa_key_handle_t handle1, + psa_key_handle_t handle2 ) +{ + return( mbedtls_svc_key_id_equal( handle1, handle2 ) ); +} + +/** Check wether an handle is null. + * + * \param handle Handle + * + * \return Non-zero if the handle is null, zero otherwise. + */ +static inline int psa_key_handle_is_null( psa_key_handle_t handle ) +{ + return( mbedtls_svc_key_id_is_null( handle ) ); +} + #if !defined(MBEDTLS_DEPRECATED_REMOVED) /* 
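Review bot: The compatibility helpers moved into crypto_compat.h keep the typo in their docstring, `/** Check wether an handle is null.`; since the text is being relocated anyway, make it `/** Check whether a handle is null.`. The introductory comment is also hard to parse — `To support temporary both openless APIs and psa_open_key()` reads better as `To temporarily support both the openless APIs and psa_open_key()`. That comment is a good place to state the consequence of the typedef as well: because `psa_key_handle_t` is now an alias of `mbedtls_svc_key_id_t`, a handle and a key identifier are indistinguishable to the compiler, so mixing the two in application code is no longer caught at build time.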
@@ -223,6 +257,107 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key #define PSA_DH_GROUP_CUSTOM \ MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_CUSTOM ) +/** Open a handle to an existing persistent key. + * + * Open a handle to a persistent key. A key is persistent if it was created + * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key + * always has a nonzero key identifier, set with psa_set_key_id() when + * creating the key. Implementations may provide additional pre-provisioned + * keys that can be opened with psa_open_key(). Such keys have an application + * key identifier in the vendor range, as documented in the description of + * #psa_key_id_t. + * + * The application must eventually close the handle with psa_close_key() or + * psa_destroy_key() to release associated resources. If the application dies + * without calling one of these functions, the implementation should perform + * the equivalent of a call to psa_close_key(). + * + * Some implementations permit an application to open the same key multiple + * times. If this is successful, each call to psa_open_key() will return a + * different key handle. + * + * \note This API is not part of the PSA Cryptography API Release 1.0.0 + * specification. It was defined in the 1.0 Beta 3 version of the + * specification but was removed in the 1.0.0 released version. This API is + * kept for the time being to not break applications relying on it. It is not + * deprecated yet but will be in the near future. + * + * \note Applications that rely on opening a key multiple times will not be + * portable to implementations that only permit a single key handle to be + * opened. See also :ref:\`key-handles\`. + * + * + * \param key The persistent identifier of the key. + * \param[out] handle On success, a handle to the key. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the key. 
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * The implementation does not have sufficient resources to open the + * key. This can be due to reaching an implementation limit on the + * number of open keys, the number of open key handles, or available + * memory. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * There is no persistent key with key identifier \p id. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is not a valid persistent key identifier. + * \retval #PSA_ERROR_NOT_PERMITTED + * The specified key exists, but the application does not have the + * permission to access it. Note that this specification does not + * define any way to create such a key, but it may be possible + * through implementation-specific means. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_open_key( mbedtls_svc_key_id_t key, + psa_key_handle_t *handle ); + +/** Close a key handle. + * + * If the handle designates a volatile key, this will destroy the key material + * and free all associated resources, just like psa_destroy_key(). + * + * If this is the last open handle to a persistent key, then closing the handle + * will free all resources associated with the key in volatile memory. The key + * data in persistent storage is not affected and can be opened again later + * with a call to psa_open_key(). + * + * Closing the key handle makes the handle invalid, and the key handle + * must not be used again by the application. + * + * \note This API is not part of the PSA Cryptography API Release 1.0.0 + * specification. It was defined in the 1.0 Beta 3 version of the + * specification but was removed in the 1.0.0 released version. 
This API is + * kept for the time being to not break applications relying on it. It is not + * deprecated yet but will be in the near future. + * + * \note If the key handle was used to set up an active + * :ref:\`multipart operation \`, then closing the + * key handle can cause the multipart operation to fail. Applications should + * maintain the key handle until after the multipart operation has finished. + * + * \param handle The key handle to close. + * If this is \c 0, do nothing and return \c PSA_SUCCESS. + * + * \retval #PSA_SUCCESS + * \p handle was a valid handle or \c 0. It is now closed. + * \retval #PSA_ERROR_INVALID_HANDLE + * \p handle is not a valid handle nor \c 0. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_close_key(psa_key_handle_t handle); + #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index b5e68d4bdeab..0a2ae54285f8 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -247,12 +247,6 @@ typedef struct #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ -/* - * To support temporary both openless APIs and psa_open_key(), define - * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. - */ -typedef mbedtls_svc_key_id_t psa_key_handle_t; - /**@}*/ /** \defgroup policy Key policies 
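Review bot: The psa_open_key documentation refers to a parameter that does not exist: the `#PSA_ERROR_DOES_NOT_EXIST` and `#PSA_ERROR_INVALID_ARGUMENT` entries say `\p id`, but the declaration names the parameter `key` (`psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle );`), so Doxygen will warn and the cross-reference dangles. Change them to `* There is no persistent key with key identifier \p key.` and `* \p key is not a valid persistent key identifier.`. In the psa_close_key documentation, `If this is \c 0, do nothing and return \c PSA_SUCCESS.` has the same portability problem as the other `\c 0` wording in this patch: psa_destroy_key tests the null identifier with `mbedtls_svc_key_id_is_null()`, so the doc should name the null handle (`#PSA_KEY_HANDLE_INIT`) rather than a literal zero.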
@@ -358,7 +352,7 @@ typedef uint32_t psa_key_usage_t; * -# Call a key creation function: psa_import_key(), psa_generate_key(), * psa_key_derivation_output_key() or psa_copy_key(). This function reads * the attribute structure, creates a key with these attributes, and - * outputs a handle to the newly created key. + * outputs a key identifier to the newly created key. * -# The attribute structure is now no longer necessary. * You may call psa_reset_key_attributes(), although this is optional * with the workflow presented here because the attributes currently diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5061ab4c9388..9828768a0d14 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -108,7 +108,7 @@ * as applicable. * * Implementations shall not return this error code to indicate that a - * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * instead. */ #define PSA_ERROR_BAD_STATE ((psa_status_t)-137) @@ -118,7 +118,7 @@ * combination of parameters are recognized as invalid. * * Implementations shall not return this error code to indicate that a - * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * instead. */ #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) @@ -266,7 +266,7 @@ * to read from a resource. */ #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) -/** The key handle is not valid. See also :ref:\`key-handles\`. +/** The key identifier is not valid. See also :ref:\`key-handles\`. */ #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) 
@@ -769,9 +769,9 @@ * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each * call to sign or verify a message may use a different hash. * ``` - * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); - * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); - * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); + * psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); + * psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); + * psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); * ``` * * This value may not be used to build other algorithms that are @@ -1561,7 +1561,7 @@ /** The default lifetime for volatile keys. * - * A volatile key only exists as long as the handle to it is not closed. + * A volatile key only exists as long as the identifier to it is not destroyed. * The key material is guaranteed to be erased on a power reset. * * A key with this lifetime is typically stored in the RAM area of the @@ -1756,32 +1756,6 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ -#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT - -/** Compare two handles. - * - * \param handle1 First handle. - * \param handle2 Second handle. - * - * \return Non-zero if the two handles are equal, zero otherwise. - */ -static inline int psa_key_handle_equal( psa_key_handle_t handle1, - psa_key_handle_t handle2 ) -{ - return( mbedtls_svc_key_id_equal( handle1, handle2 ) ); -} - -/** Check wether an handle is null. - * - * \param handle Handle - * - * \return Non-zero if the handle is null, zero otherwise. - */ -static inline int psa_key_handle_is_null( psa_key_handle_t handle ) -{ - return( mbedtls_svc_key_id_is_null( handle ) ); -} - /**@}*/ /** \defgroup policy Key policies diff --git a/library/pk.c b/library/pk.c index 9a3bcb0dc611..ecf002d452c8 100644 --- a/library/pk.c +++ b/library/pk.c 
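Review bot: In the PSA_KEY_LIFETIME_VOLATILE hunk the new sentence `A volatile key only exists as long as the identifier to it is not destroyed.` attributes destruction to the identifier rather than to the key, and it omits the case this same patch still documents in crypto_compat.h, namely that closing the handle of a volatile key destroys it. Suggest `* A volatile key only exists until it is destroyed with psa_destroy_key()` followed by `* (or, with the compatibility API, until its handle is closed with psa_close_key()).`, so the lifetime statement matches both entry points that end a volatile key.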
@@ -150,11 +150,12 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) /* * Initialise a PSA-wrapping context */ -int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key ) +int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, + const psa_key_id_t key ) { const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t *pk_ctx; + psa_key_id_t *pk_ctx; psa_key_type_t type; if( ctx == NULL || ctx->pk_info != NULL ) @@ -174,7 +175,7 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key ctx->pk_info = info; - pk_ctx = (psa_key_handle_t *) ctx->pk_ctx; + pk_ctx = (psa_key_id_t *) ctx->pk_ctx; *pk_ctx = key; return( 0 ); @@ -587,12 +588,12 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) * Currently only works for EC private keys. */ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_handle_t *handle, + psa_key_id_t *key, psa_algorithm_t hash_alg ) { #if !defined(MBEDTLS_ECP_C) ((void) pk); - ((void) handle); + ((void) key); ((void) hash_alg); return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); #else @@ -624,14 +625,14 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) ); /* import private key into PSA */ - if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, handle ) ) + if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, key ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* make PK context wrap the key slot */ mbedtls_pk_free( pk ); mbedtls_pk_init( pk ); - return( mbedtls_pk_setup_opaque( pk, *handle ) ); + return( mbedtls_pk_setup_opaque( pk, *key ) ); #endif /* MBEDTLS_ECP_C */ } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index a40734b278d6..107e912acee6 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
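Review bot: mbedtls_pk_setup_opaque and mbedtls_pk_wrap_as_opaque now store and pass `psa_key_id_t`, but the PSA functions they call — `psa_import_key( &attributes, d, d_len, key )` here, and psa_get_key_attributes / psa_export_public_key in the pkwrite.c hunks — take `mbedtls_svc_key_id_t` after this patch. The two types only coincide when the identifier is the plain integer form (the crypto_types.h hunk still splits on MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER), so the PK code appears to rely on that configuration without saying so; the same applies to `psa_key_id_t key_id = 0;` in the pk_wrap.c hunks. Record the assumption where the type is chosen, e.g. above mbedtls_pk_setup_opaque: `/* Opaque PK contexts hold a psa_key_id_t; this assumes mbedtls_svc_key_id_t is the plain key identifier (owner encoding disabled). */`, or enforce it with a compile-time configuration check if the build already has one for MBEDTLS_USE_PSA_CRYPTO.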
@@ -543,7 +543,7 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, mbedtls_ecdsa_context *ctx = ctx_arg; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; + psa_key_id_t key_id = 0; psa_status_t status; mbedtls_pk_context key; int key_len; @@ -576,7 +576,7 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, status = psa_import_key( &attributes, buf + sizeof( buf ) - key_len, key_len, - &key_handle ); + &key_id ); if( status != PSA_SUCCESS ) { ret = mbedtls_psa_err_translate_pk( status ); @@ -598,7 +598,7 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, goto cleanup; } - if( psa_verify_hash( key_handle, psa_sig_md, + if( psa_verify_hash( key_id, psa_sig_md, hash, hash_len, buf, 2 * signature_part_size ) != PSA_SUCCESS ) @@ -615,7 +615,7 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, ret = 0; cleanup: - psa_destroy_key( key_handle ); + psa_destroy_key( key_id ); return( ret ); } #else /* MBEDTLS_USE_PSA_CRYPTO */ @@ -870,7 +870,7 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { static void *pk_opaque_alloc_wrap( void ) { - void *ctx = mbedtls_calloc( 1, sizeof( psa_key_handle_t ) ); + void *ctx = mbedtls_calloc( 1, sizeof( psa_key_id_t ) ); /* no _init() function to call, an calloc() already zeroized */ @@ -879,13 +879,13 @@ static void *pk_opaque_alloc_wrap( void ) static void pk_opaque_free_wrap( void *ctx ) { - mbedtls_platform_zeroize( ctx, sizeof( psa_key_handle_t ) ); + mbedtls_platform_zeroize( ctx, sizeof( psa_key_id_t ) ); mbedtls_free( ctx ); } static size_t pk_opaque_get_bitlen( const void *ctx ) { - const psa_key_handle_t *key = (const psa_key_handle_t *) ctx; + const psa_key_id_t *key = (const psa_key_id_t *) ctx; size_t bits; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -1008,7 +1008,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, ((void) p_rng); return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); #else /* !MBEDTLS_ECDSA_C */ - const psa_key_handle_t *key = (const psa_key_handle_t *) ctx; + const psa_key_id_t *key = (const psa_key_id_t *) ctx; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); size_t buf_len; diff --git a/library/pkwrite.c b/library/pkwrite.c index b317ccf223a6..0da3698189e6 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -198,13 +198,13 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) { size_t buffer_size; - psa_key_handle_t* key_slot = (psa_key_handle_t*) key->pk_ctx; + psa_key_id_t* key_id = (psa_key_id_t*) key->pk_ctx; if ( *p < start ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); buffer_size = (size_t)( *p - start ); - if ( psa_export_public_key( *key_slot, start, buffer_size, &len ) + if ( psa_export_public_key( *key_id, start, buffer_size, &len ) != PSA_SUCCESS ) { return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); @@ -265,12 +265,12 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; - psa_key_handle_t handle; + psa_key_id_t key_id; psa_ecc_family_t curve; size_t bits; - handle = *((psa_key_handle_t*) key->pk_ctx ); - if( PSA_SUCCESS != psa_get_key_attributes( handle, &attributes ) ) + key_id = *((psa_key_id_t*) key->pk_ctx ); + if( PSA_SUCCESS != psa_get_key_attributes( key_id, &attributes ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); key_type = psa_get_key_type( &attributes ); bits = psa_get_key_bits( &attributes ); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f8a8c0ab7b27..a437aeec9b91 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
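Review bot: The renamed declaration in mbedtls_pk_write_pubkey keeps the pointer star attached to the type, `psa_key_id_t* key_id = (psa_key_id_t*) key->pk_ctx;`, whereas the rest of this patch (`psa_key_id_t *pk_ctx;`, `const psa_key_id_t *key = (const psa_key_id_t *) ctx;`) binds it to the variable. Since the line is being rewritten anyway, `psa_key_id_t *key_id = (psa_key_id_t *) key->pk_ctx;` would match the surrounding style. The enclosing function starts outside the hunk.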
@@ -1190,7 +1190,7 @@ static psa_status_t psa_restrict_key_policy( /** Retrieve a slot which must contain a key. The key must have allow all the * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. */ -static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, +static psa_status_t psa_get_key_from_slot( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, psa_key_usage_t usage, psa_algorithm_t alg ) @@ -1200,7 +1200,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, *p_slot = NULL; - status = psa_get_key_slot( handle, &slot ); + status = psa_get_key_slot( key, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -1230,12 +1230,12 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, * until secure element support is fully implemented. */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -static psa_status_t psa_get_transparent_key( psa_key_handle_t handle, +static psa_status_t psa_get_transparent_key( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_status_t status = psa_get_key_from_slot( handle, p_slot, usage, alg ); + psa_status_t status = psa_get_key_from_slot( key, p_slot, usage, alg ); if( status != PSA_SUCCESS ) return( status ); if( psa_key_slot_is_external( *p_slot ) ) @@ -1247,8 +1247,8 @@ static psa_status_t psa_get_transparent_key( psa_key_handle_t handle, } #else /* MBEDTLS_PSA_CRYPTO_SE_C */ /* With no secure element support, all keys are transparent. */ -#define psa_get_transparent_key( handle, p_slot, usage, alg ) \ - psa_get_key_from_slot( handle, p_slot, usage, alg ) +#define psa_get_transparent_key( key, p_slot, usage, alg ) \ + psa_get_key_from_slot( key, p_slot, usage, alg ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ /** Wipe key data from a slot. Preserve metadata such as the policy. */ 
@@ -1291,7 +1291,7 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) return( status ); } -psa_status_t psa_destroy_key( psa_key_handle_t handle ) +psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) { psa_key_slot_t *slot; psa_status_t status; /* status of the last operation */ @@ -1300,10 +1300,10 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) psa_se_drv_table_entry_t *driver; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( psa_key_handle_is_null( handle ) ) + if( mbedtls_svc_key_id_is_null( key ) ) return( PSA_SUCCESS ); - status = psa_get_key_slot( handle, &slot ); + status = psa_get_key_slot( key, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -1470,7 +1470,7 @@ static psa_status_t psa_get_rsa_public_exponent( /** Retrieve all the publicly-accessible attributes of a key. */ -psa_status_t psa_get_key_attributes( psa_key_handle_t handle, +psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, psa_key_attributes_t *attributes ) { psa_key_slot_t *slot; @@ -1478,7 +1478,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, psa_reset_key_attributes( attributes ); - status = psa_get_key_from_slot( handle, &slot, 0, 0 ); + status = psa_get_key_from_slot( key, &slot, 0, 0 ); if( status != PSA_SUCCESS ) return( status ); @@ -1683,7 +1683,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, } } -psa_status_t psa_export_key( psa_key_handle_t handle, +psa_status_t psa_export_key( mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length ) 
@@ -1700,14 +1700,14 @@ psa_status_t psa_export_key( psa_key_handle_t handle, /* Export requires the EXPORT flag. There is an exception for public keys, * which don't require any flag, but psa_get_key_from_slot takes * care of this. */ - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_EXPORT, 0 ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_EXPORT, 0 ); if( status != PSA_SUCCESS ) return( status ); return( psa_internal_export_key( slot, data, data_size, data_length, 0 ) ); } -psa_status_t psa_export_public_key( psa_key_handle_t handle, +psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size, size_t *data_length ) @@ -1722,7 +1722,7 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, *data_length = 0; /* Exporting a public key doesn't require a usage flag. */ - status = psa_get_key_from_slot( handle, &slot, 0, 0 ); + status = psa_get_key_from_slot( key, &slot, 0, 0 ); if( status != PSA_SUCCESS ) return( status ); return( psa_internal_export_key( slot, data, data_size, @@ -1825,7 +1825,8 @@ static psa_status_t psa_validate_key_attributes( * * This function is intended to be used as follows: * -# Call psa_start_key_creation() to allocate a key slot, prepare - * it with the specified attributes, and assign it a handle. + * it with the specified attributes, and in case of a volatile key assign it + * a volatile key identifier. * -# Populate the slot with the key material. * -# Call psa_finish_key_creation() to finalize the creation of the slot. * In case of failure at any step, stop the sequence and call 
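Review bot: The updated step 1 of the key-creation sequence, `and in case of a volatile key assign it a volatile key identifier`, describes only the volatile case and leaves the reader guessing what identifier a persistent key ends up with, although the `*key = slot->attr.id;` in the following psa_start_key_creation hunk is executed for both. Suggest `* it with the specified attributes, and assign it an identifier: a fresh` / `* volatile identifier for a volatile key, presumably the identifier from the` / `* attributes for a persistent key.` — the persistent half should be confirmed against the part of psa_start_key_creation that fills `slot->attr`, which is outside this hunk.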
@@ -1833,7 +1834,7 @@ static psa_status_t psa_validate_key_attributes( * * \param method An identification of the calling function. * \param[in] attributes Key attributes for the new key. - * \param[out] handle On success, a handle for the allocated slot. + * \param[out] key On success, identifier of the key. * \param[out] p_slot On success, a pointer to the prepared slot. * \param[out] p_drv On any return, the driver for the key, if any. * NULL for a transparent key. @@ -1846,7 +1847,7 @@ static psa_status_t psa_validate_key_attributes( static psa_status_t psa_start_key_creation( psa_key_creation_method_t method, const psa_key_attributes_t *attributes, - psa_key_handle_t *handle, + mbedtls_svc_key_id_t *key, psa_key_slot_t **p_slot, psa_se_drv_table_entry_t **p_drv ) { @@ -1938,7 +1939,7 @@ static psa_status_t psa_start_key_creation( } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - *handle = slot->attr.id; + *key = slot->attr.id; return( PSA_SUCCESS ); } @@ -1956,7 +1957,7 @@ static psa_status_t psa_start_key_creation( * or NULL for a transparent key. * * \retval #PSA_SUCCESS - * The key was successfully created. The handle is now valid. + * The key was successfully created. * \return If this function fails, the key slot is an invalid state. * You must call psa_fail_key_creation() to wipe and free the slot. */ @@ -2138,7 +2139,7 @@ static psa_status_t psa_validate_optional_attributes( psa_status_t psa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, - psa_key_handle_t *handle ) + mbedtls_svc_key_id_t *key ) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -2151,7 +2152,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes, - handle, &slot, &driver ); + key, &slot, &driver ); if( status != PSA_SUCCESS ) goto exit; 
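Review bot: The new `\param[out] key On success, identifier of the key.` for psa_start_key_creation is silent about the failure case, which matters because callers in this patch (psa_import_key, psa_copy_key) reset `*key` to `MBEDTLS_SVC_KEY_ID_INIT` themselves after a failure, suggesting this function leaves it untouched. If that is so, say it: `* \param[out] key On success, identifier of the key. Not modified on failure.`; the early-return paths that would confirm it lie outside the hunk, so verify before committing to the wording.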
@@ -2197,7 +2198,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) { psa_fail_key_creation( slot, driver ); - *handle = PSA_KEY_HANDLE_INIT; + *key = MBEDTLS_SVC_KEY_ID_INIT; } return( status ); } @@ -2209,7 +2210,7 @@ psa_status_t mbedtls_psa_register_se_key( psa_status_t status; psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; /* Leaving attributes unspecified is not currently supported. * It could make sense to query the key type and size from the @@ -2221,7 +2222,7 @@ psa_status_t mbedtls_psa_register_se_key( return( PSA_ERROR_NOT_SUPPORTED ); status = psa_start_key_creation( PSA_KEY_CREATION_REGISTER, attributes, - &handle, &slot, &driver ); + &key, &slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -2233,7 +2234,7 @@ psa_status_t mbedtls_psa_register_se_key( psa_fail_key_creation( slot, driver ); } /* Registration doesn't keep the key in RAM. */ - psa_close_key( handle ); + psa_close_key( key ); return( status ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ @@ -2253,9 +2254,9 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, return( PSA_SUCCESS ); } -psa_status_t psa_copy_key( psa_key_handle_t source_handle, +psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, const psa_key_attributes_t *specified_attributes, - psa_key_handle_t *target_handle ) + mbedtls_svc_key_id_t *target_key ) { psa_status_t status; psa_key_slot_t *source_slot = NULL; @@ -2263,7 +2264,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, psa_key_attributes_t actual_attributes = *specified_attributes; psa_se_drv_table_entry_t *driver = NULL; - status = psa_get_transparent_key( source_handle, &source_slot, + status = psa_get_transparent_key( source_key, &source_slot, PSA_KEY_USAGE_COPY, 0 ); if( status != PSA_SUCCESS ) goto exit; 
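Review bot: mbedtls_psa_register_se_key still releases the slot with `psa_close_key( key );` and discards the return value, so a failure to free the slot is silently lost while the function reports the status of the earlier steps. A minimal fix is `psa_status_t close_status = psa_close_key( key );` followed by `if( status == PSA_SUCCESS )` / `status = close_status;`. Beyond that, this same patch moves psa_close_key to crypto_compat.h and documents it as slated for deprecation, so the core library now depends on a compatibility entry point; an internal slot-release helper would be a cleaner long-term target here, if one exists. The function body begins outside the hunk.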
@@ -2280,7 +2281,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, status = psa_start_key_creation( PSA_KEY_CREATION_COPY, &actual_attributes, - target_handle, &target_slot, &driver ); + target_key, &target_slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -2302,7 +2303,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, if( status != PSA_SUCCESS ) { psa_fail_key_creation( target_slot, driver ); - *target_handle = PSA_KEY_HANDLE_INIT; + *target_key = MBEDTLS_SVC_KEY_ID_INIT; } return( status ); } @@ -3086,7 +3087,7 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, #endif /* MBEDTLS_MD_C */ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, psa_algorithm_t alg, int is_sign ) { @@ -3110,7 +3111,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, if( is_sign ) operation->is_sign = 1; - status = psa_get_transparent_key( handle, &slot, usage, alg ); + status = psa_get_transparent_key( key, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; key_bits = psa_get_key_slot_bits( slot ); @@ -3203,17 +3204,17 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, } psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation, - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, psa_algorithm_t alg ) { - return( psa_mac_setup( operation, handle, alg, 1 ) ); + return( psa_mac_setup( operation, key, alg, 1 ) ); } psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation, - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, psa_algorithm_t alg ) { - return( psa_mac_setup( operation, handle, alg, 0 ) ); + return( psa_mac_setup( operation, key, alg, 0 ) ); } psa_status_t psa_mac_update( psa_mac_operation_t *operation, 
@@ -3688,7 +3689,7 @@ static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA */ -psa_status_t psa_sign_hash( psa_key_handle_t handle, +psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -3707,7 +3708,7 @@ psa_status_t psa_sign_hash( psa_key_handle_t handle, if( signature_size == 0 ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN_HASH, alg ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN_HASH, alg ); if( status != PSA_SUCCESS ) goto exit; if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) @@ -3806,7 +3807,7 @@ psa_status_t psa_sign_hash( psa_key_handle_t handle, return( status ); } -psa_status_t psa_verify_hash( psa_key_handle_t handle, +psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -3816,7 +3817,8 @@ psa_status_t psa_verify_hash( psa_key_handle_t handle, psa_key_slot_t *slot; psa_status_t status; - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY_HASH, alg ); + status = psa_get_key_from_slot( key, &slot, + PSA_KEY_USAGE_VERIFY_HASH, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -3897,7 +3899,7 @@ static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg, } #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) */ -psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, +psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, 
@@ -3921,7 +3923,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); + status = psa_get_transparent_key( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) || @@ -3993,7 +3995,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, } } -psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, +psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -4017,7 +4019,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg ); + status = psa_get_transparent_key( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) @@ -4095,7 +4097,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, /****************************************************************/ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, psa_algorithm_t alg, mbedtls_operation_t cipher_operation ) { @@ -4117,7 +4119,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, return( PSA_ERROR_INVALID_ARGUMENT ); /* Fetch key material from key storage. */ - status = psa_get_key_from_slot( handle, &slot, usage, alg ); + status = psa_get_key_from_slot( key, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; 
@@ -4248,17 +4250,17 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, } psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, psa_algorithm_t alg ) { - return( psa_cipher_setup( operation, handle, alg, MBEDTLS_ENCRYPT ) ); + return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) ); } psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation, - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, psa_algorithm_t alg ) { - return( psa_cipher_setup( operation, handle, alg, MBEDTLS_DECRYPT ) ); + return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) ); } psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, @@ -4643,7 +4645,7 @@ static void psa_aead_abort_internal( aead_operation_t *operation ) } static psa_status_t psa_aead_setup( aead_operation_t *operation, - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -4651,7 +4653,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, size_t key_bits; mbedtls_cipher_id_t cipher_id; - status = psa_get_transparent_key( handle, &operation->slot, usage, alg ); + status = psa_get_transparent_key( key, &operation->slot, usage, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -4737,7 +4739,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, return( status ); } -psa_status_t psa_aead_encrypt( psa_key_handle_t handle, +psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, @@ -4755,7 +4757,7 @@ psa_status_t psa_aead_encrypt( psa_key_handle_t handle, *ciphertext_length = 0; - status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_ENCRYPT, alg ); + status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); 
@@ -4851,7 +4853,7 @@ static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length, return( PSA_SUCCESS ); } -psa_status_t psa_aead_decrypt( psa_key_handle_t handle, +psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, @@ -4869,7 +4871,7 @@ psa_status_t psa_aead_decrypt( psa_key_handle_t handle, *plaintext_length = 0; - status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_DECRYPT, alg ); + status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -5368,7 +5370,7 @@ static psa_status_t psa_generate_derived_key_internal( psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes, psa_key_derivation_operation_t *operation, - psa_key_handle_t *handle ) + mbedtls_svc_key_id_t *key ) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -5383,7 +5385,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut return( PSA_ERROR_NOT_PERMITTED ); status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, - attributes, handle, &slot, &driver ); + attributes, key, &slot, &driver ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { @@ -5402,7 +5404,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut if( status != PSA_SUCCESS ) { psa_fail_key_creation( slot, driver ); - *handle = PSA_KEY_HANDLE_INIT; + *key = MBEDTLS_SVC_KEY_ID_INIT; } return( status ); } 
@@ -5765,14 +5767,13 @@ psa_status_t psa_key_derivation_input_bytes( psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, - psa_key_handle_t handle ) + mbedtls_svc_key_id_t key ) { psa_key_slot_t *slot; psa_status_t status; - status = psa_get_transparent_key( handle, &slot, - PSA_KEY_USAGE_DERIVE, - operation->alg ); + status = psa_get_transparent_key( key, &slot, + PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) { psa_key_derivation_abort( operation ); @@ -5931,7 +5932,7 @@ static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t * psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, - psa_key_handle_t private_key, + mbedtls_svc_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length ) { @@ -5959,7 +5960,7 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *o } psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, - psa_key_handle_t private_key, + mbedtls_svc_key_id_t private_key, const uint8_t *peer_key, size_t peer_key_length, uint8_t *output, @@ -6212,7 +6213,7 @@ static psa_status_t psa_generate_key_internal( } psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, - psa_key_handle_t *handle ) + mbedtls_svc_key_id_t *key ) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -6224,7 +6225,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, - attributes, handle, &slot, &driver ); + attributes, key, &slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -6244,7 +6245,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) { psa_fail_key_creation( slot, driver ); - *handle = PSA_KEY_HANDLE_INIT; + *key = MBEDTLS_SVC_KEY_ID_INIT; } return( status ); } 
diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 391e93c6e90e..a8331d9bb341 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -63,7 +63,7 @@ static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf ) return( 1 ); #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! psa_key_handle_is_null( conf->psk_opaque ) ) + if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) return( 1 ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -3802,7 +3802,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) status = psa_destroy_key( handshake->ecdh_psa_privkey ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - handshake->ecdh_psa_privkey = PSA_KEY_HANDLE_INIT; + handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; } else #endif /* MBEDTLS_USE_PSA_CRYPTO && diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 03dc2d4bba30..2bb3487db2a8 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -157,7 +157,7 @@ static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf ) return( 1 ); #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! psa_key_handle_is_null( conf->psk_opaque ) ) + if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) return( 1 ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -172,13 +172,13 @@ static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) /* If we've used a callback to select the PSK, * the static configuration is irrelevant. */ - if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) ) + if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) return( 1 ); return( 0 ); } - if( ! psa_key_handle_is_null( ssl->conf->psk_opaque ) ) + if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) return( 1 ); return( 0 ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d74e40c3475c..041578e68f70 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -446,7 +446,7 @@ static int tls1_prf( const unsigned char *secret, size_t slen, #if defined(MBEDTLS_USE_PSA_CRYPTO) static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* derivation, - psa_key_handle_t slot, + psa_key_id_t key, psa_algorithm_t alg, const unsigned char* seed, size_t seed_length, const unsigned char* label, size_t label_length, @@ -466,7 +466,7 @@ static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* de if( status != PSA_SUCCESS ) return( status ); - if( psa_key_handle_is_null( slot ) ) + if( mbedtls_svc_key_id_is_null( key ) ) { status = psa_key_derivation_input_bytes( derivation, PSA_KEY_DERIVATION_INPUT_SECRET, @@ -475,8 +475,7 @@ static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* de else { status = psa_key_derivation_input_key( - derivation, PSA_KEY_DERIVATION_INPUT_SECRET, - slot ); + derivation, PSA_KEY_DERIVATION_INPUT_SECRET, key ); } if( status != PSA_SUCCESS ) return( status ); @@ -507,7 +506,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, { psa_status_t status; psa_algorithm_t alg; - psa_key_handle_t master_slot = PSA_KEY_HANDLE_INIT; + psa_key_id_t master_key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_derivation_operation_t derivation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -521,7 +520,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, * this PRF is also used to derive an IV, in particular in EAP-TLS, * and for this use case it makes sense to have a 0-length "secret". * Since the key API doesn't allow importing a key of length 0, - * keep master_slot=0, which setup_psa_key_derivation() understands + * keep master_key=0, which setup_psa_key_derivation() understands * to mean a 0-length "secret" input. */ if( slen != 0 ) { 
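Review bot: tls_prf_generic now declares `psa_key_id_t master_key = MBEDTLS_SVC_KEY_ID_INIT;` and setup_psa_key_derivation tests its `psa_key_id_t key` parameter with `mbedtls_svc_key_id_is_null( key )`, mixing the client-side key type with the service-side initialiser and predicate. This only compiles while `mbedtls_svc_key_id_t` is an alias of `psa_key_id_t`, i.e. without MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER, which a later patch in this series documents as incompatible with MBEDTLS_USE_PSA_CRYPTO; the programs patch in the same series writes `psa_key_id_t key = 0;` instead. For consistency within client code, `psa_key_id_t master_key = 0;` and `if( key == 0 )` would avoid depending on the alias. The tls_prf_generic hunks continue on the next line.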
@@ -530,13 +529,13 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, psa_set_key_algorithm( &key_attributes, alg ); psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE ); - status = psa_import_key( &key_attributes, secret, slen, &master_slot ); + status = psa_import_key( &key_attributes, secret, slen, &master_key ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } status = setup_psa_key_derivation( &derivation, - master_slot, alg, + master_key, alg, random, rlen, (unsigned char const *) label, (size_t) strlen( label ), @@ -544,7 +543,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, if( status != PSA_SUCCESS ) { psa_key_derivation_abort( &derivation ); - psa_destroy_key( master_slot ); + psa_destroy_key( master_key ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } @@ -552,19 +551,19 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, if( status != PSA_SUCCESS ) { psa_key_derivation_abort( &derivation ); - psa_destroy_key( master_slot ); + psa_destroy_key( master_key ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } status = psa_key_derivation_abort( &derivation ); if( status != PSA_SUCCESS ) { - psa_destroy_key( master_slot ); + psa_destroy_key( master_key ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } - if( ! psa_key_handle_is_null( master_slot ) ) - status = psa_destroy_key( master_slot ); + if( ! mbedtls_svc_key_id_is_null( master_key ) ) + status = psa_destroy_key( master_key ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); 
@@ -707,13 +706,13 @@ static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) { /* If we've used a callback to select the PSK, * the static configuration is irrelevant. */ - if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) ) + if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) return( 1 ); return( 0 ); } - if( ! psa_key_handle_is_null( ssl->conf->psk_opaque ) ) + if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) return( 1 ); return( 0 ); @@ -1514,7 +1513,7 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, /* Perform PSK-to-MS expansion in a single step. */ psa_status_t status; psa_algorithm_t alg; - psa_key_handle_t psk; + psa_key_id_t psk; psa_key_derivation_operation_t derivation = PSA_KEY_DERIVATION_OPERATION_INIT; mbedtls_md_type_t hash_alg = handshake->ciphersuite_info->mac; @@ -4344,11 +4343,11 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) { /* Remove reference to existing PSK, if any. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! psa_key_handle_is_null( conf->psk_opaque ) ) + if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) { /* The maintenance of the PSK key slot is the * user's responsibility. */ - conf->psk_opaque = PSA_KEY_HANDLE_INIT; + conf->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; } /* This and the following branch should never * be taken simultaenously as we maintain the @@ -4432,9 +4431,9 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, static void ssl_remove_psk( mbedtls_ssl_context *ssl ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) ) + if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) { - ssl->handshake->psk_opaque = PSA_KEY_HANDLE_INIT; + ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ 
@@ -4469,7 +4468,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_USE_PSA_CRYPTO) int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, - psa_key_handle_t psk_slot, + psa_key_id_t psk, const unsigned char *psk_identity, size_t psk_identity_len ) { @@ -4478,9 +4477,9 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, ssl_conf_remove_psk( conf ); /* Check and set opaque PSK */ - if( psa_key_handle_is_null( psk_slot ) ) + if( mbedtls_svc_key_id_is_null( psk ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - conf->psk_opaque = psk_slot; + conf->psk_opaque = psk; /* Check and set PSK Identity */ ret = ssl_conf_set_psk_identity( conf, psk_identity, @@ -4492,14 +4491,14 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, } int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, - psa_key_handle_t psk_slot ) + psa_key_id_t psk ) { - if( ( psa_key_handle_is_null( psk_slot ) ) || + if( ( mbedtls_svc_key_id_is_null( psk ) ) || ( ssl->handshake == NULL ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); ssl_remove_psk( ssl ); - ssl->handshake->psk_opaque = psk_slot; + ssl->handshake->psk_opaque = psk; return( 0 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ From 277a85f1ef7e46724f1cbd4f9e222bec6bce21ec Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 4 Aug 2020 15:49:48 +0200 Subject: [PATCH 13/55] Add psa_purge_key API Signed-off-by: Ronald Cron --- include/psa/crypto.h | 23 +++++++++++++++++++++++ library/psa_crypto_slot_management.c | 15 +++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2620af5ba320..15ffe2271f41 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -387,6 +387,29 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * @{ */ +/** Remove non-essential copies of key material from memory. + * + * If the key identifier designates a volatile key, this functions does not do + * anything and returns successfully. + * + * If the key identifier designates a persistent key, then this function will + * free all resources associated with the key in volatile memory. The key + * data in persistent storage is not affected and the key can still be used. + * + * \param key Identifier of the key to purge. + * + * \retval #PSA_SUCCESS + * The key material will have been removed from memory if it is not + * currently required. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not a valid key identifier. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); + /** Make a copy of a key. * * Copy key material from one location to another. diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 8ef851bddf4f..6471591b5b00 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -306,6 +306,21 @@ psa_status_t psa_close_key( psa_key_handle_t handle ) return( psa_wipe_key_slot( slot ) ); } +psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) +{ + psa_status_t status; + psa_key_slot_t *slot; + + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + + if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE ) + return PSA_SUCCESS; + + return( psa_wipe_key_slot( slot ) ); +} + void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) { size_t slot_idx; From c3623dbc76fac2950379964247f46b04e43dd04f Mon Sep 17 00:00:00 2001 
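Review bot: The new psa_purge_key doc comment has a typo in its second paragraph, `this functions does not do anything` should read `this function does not do anything`. The PSA_SUCCESS text, "removed from memory if it is not currently required", leaves the in-use case open: if the implementation wipes the slot unconditionally the comment should say so, and if some state blocks the purge it should name the error code returned in that case.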
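Review bot: psa_purge_key decides whether a key is volatile with `slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE`, which only matches the default-location volatile lifetime, whereas the rest of this series tests volatility with `PSA_KEY_LIFETIME_IS_VOLATILE( lifetime )` (psa_validate_key_attributes in psa_crypto.c). A volatile key whose lifetime encodes a non-default location would presumably fall through to psa_wipe_key_slot and lose the only copy of its slot contents, contrary to the crypto.h contract that purging a volatile key does nothing; suggest `if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )`. The same line also breaks the file's `return( ... )` convention: `return( PSA_SUCCESS );`. Whether psa_wipe_key_slot refuses to wipe a slot that an operation is still using is not visible here.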
From: Ronald Cron Date: Thu, 29 Oct 2020 10:51:32 +0100 Subject: [PATCH 14/55] State PSA_CRYPTO_KEY_ID_ENCODES_OWNER and USE_PSA_CRYPTO incompatibility Code under MBEDTLS_USE_PSA_CRYPTO define is PSA client code intended to use key identifiers of type psa_key_id_t. Thus the MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER configuration option is incompatible with MBEDTLS_USE_PSA_CRYPTO. State this in config.h and check_config.h. As a consequence: . remove MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER from the full configuration, as MBEDTLS_USE_PSA_CRYPTO is part of it. . add a new component in all.sh to keep testing the library when MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is set. Signed-off-by: Ronald Cron --- include/mbedtls/check_config.h | 5 +++++ include/mbedtls/config.h | 2 +- scripts/config.py | 1 + tests/scripts/all.sh | 12 ++++++++++++ 4 files changed, 19 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index fd979db84e6a..1ebb7066a695 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -609,6 +609,11 @@ #error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) && \ + defined(MBEDTLS_USE_PSA_CRYPTO) +#error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined, but it cannot coexist with MBEDTLS_USE_PSA_CRYPTO." +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 2ac2cc696a2b..c930a8ff3c15 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1266,7 +1266,7 @@ * which is currently hard-coded to be int32_t. * * Note that this option is meant for internal use only and may be removed - * without notice. + * without notice. It is incompatible with PSA_USE_PSA_CRYPTO. */ //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 
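Review bot: The sentence added to the config.h comment names `PSA_USE_PSA_CRYPTO`, but the option the new check_config.h guard tests is `MBEDTLS_USE_PSA_CRYPTO`, so a reader grepping config.h for the conflicting option will not find the note. Change the line to ` * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO.`.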
diff --git a/scripts/config.py b/scripts/config.py index 6c299818f8e0..ae0614ae0e28 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -185,6 +185,7 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_PKCS11_C', # build dependency (libpkcs11-helper) 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature 'MBEDTLS_PSA_CRYPTO_CONFIG', # toggles old/new style PSA config + 'MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER', # incompatible with USE_PSA_CRYPTO 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 757a9ecc96ef..3c27617872d4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -780,6 +780,18 @@ component_test_full_cmake_gcc_asan () { if_build_succeeded tests/context-info.sh } +component_test_psa_crypto_key_id_encodes_owner () { + msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan" + scripts/config.py full + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO + scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan" + make test +} + component_test_zlib_make() { msg "build: zlib enabled, make" scripts/config.py set MBEDTLS_ZLIB_SUPPORT From adc2ff28b025ac814c0e56cb4012f3a10f1cb282 Mon Sep 17 00:00:00 2001 
From: Ronald Cron Date: Wed, 16 Sep 2020 16:49:27 +0200 Subject: [PATCH 15/55] Adapt programs to PSA openless APIs PSA and SSL programs are PSA clients thus should use psa_key_id_t as the type for key identifiers, not mbedtls_svc_key_id_t. As a consequence, PSA, ssl_server2 and ssl_client2 programs cannot compile and must not be compiled if MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is defined. Thus, add MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER compilation guard to those programs. Signed-off-by: Ronald Cron --- programs/psa/crypto_examples.c | 44 +++++++------ programs/psa/key_ladder_demo.c | 114 ++++++++++++++++----------------- programs/ssl/ssl_client2.c | 18 +++--- programs/ssl/ssl_server2.c | 26 ++++---- 4 files changed, 102 insertions(+), 100 deletions(-) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 86ceecce1eec..d165d2e550bf 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -45,13 +45,15 @@ #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \ !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \ - !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) || \ + defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) int main( void ) { printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " - "not defined.\r\n" ); + "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER" + " defined.\r\n" ); return( 0 ); } #else @@ -92,7 +94,7 @@ static psa_status_t cipher_operation( psa_cipher_operation_t *operation, return( status ); } -static psa_status_t cipher_encrypt( psa_key_handle_t key_handle, +static psa_status_t cipher_encrypt( psa_key_id_t key, psa_algorithm_t alg, uint8_t * iv, size_t iv_size, 
@@ -108,7 +110,7 @@ static psa_status_t cipher_encrypt( psa_key_handle_t key_handle, size_t iv_len = 0; memset( &operation, 0, sizeof( operation ) ); - status = psa_cipher_encrypt_setup( &operation, key_handle, alg ); + status = psa_cipher_encrypt_setup( &operation, key, alg ); ASSERT_STATUS( status, PSA_SUCCESS ); status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len ); @@ -123,7 +125,7 @@ static psa_status_t cipher_encrypt( psa_key_handle_t key_handle, return( status ); } -static psa_status_t cipher_decrypt( psa_key_handle_t key_handle, +static psa_status_t cipher_decrypt( psa_key_id_t key, psa_algorithm_t alg, const uint8_t * iv, size_t iv_size, @@ -138,7 +140,7 @@ static psa_status_t cipher_decrypt( psa_key_handle_t key_handle, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; memset( &operation, 0, sizeof( operation ) ); - status = psa_cipher_decrypt_setup( &operation, key_handle, alg ); + status = psa_cipher_decrypt_setup( &operation, key, alg ); ASSERT_STATUS( status, PSA_SUCCESS ); status = psa_cipher_set_iv( &operation, iv, iv_size ); @@ -165,7 +167,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; + psa_key_id_t key = 0; size_t output_len = 0; uint8_t iv[block_size]; uint8_t input[block_size]; 
@@ -181,15 +183,15 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle ); + status = psa_generate_key( &attributes, &key ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), + status = cipher_encrypt( key, alg, iv, sizeof( iv ), input, sizeof( input ), part_size, encrypt, sizeof( encrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ), + status = cipher_decrypt( key, alg, iv, sizeof( iv ), encrypt, output_len, part_size, decrypt, sizeof( decrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -198,7 +200,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) ASSERT_STATUS( status, PSA_SUCCESS ); exit: - psa_destroy_key( key_handle ); + psa_destroy_key( key ); return( status ); } @@ -215,7 +217,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; + psa_key_id_t key = 0; size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size + block_size], decrypt[input_size + block_size]; 
@@ -229,15 +231,15 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle ); + status = psa_generate_key( &attributes, &key ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), + status = cipher_encrypt( key, alg, iv, sizeof( iv ), input, sizeof( input ), part_size, encrypt, sizeof( encrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ), + status = cipher_decrypt( key, alg, iv, sizeof( iv ), encrypt, output_len, part_size, decrypt, sizeof( decrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -246,7 +248,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) ASSERT_STATUS( status, PSA_SUCCESS ); exit: - psa_destroy_key( key_handle ); + psa_destroy_key( key ); return( status ); } @@ -262,7 +264,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; + psa_key_id_t key = 0; size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size], decrypt[input_size]; 
@@ -276,15 +278,15 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle ); + status = psa_generate_key( &attributes, &key ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), + status = cipher_encrypt( key, alg, iv, sizeof( iv ), input, sizeof( input ), part_size, encrypt, sizeof( encrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ), + status = cipher_decrypt( key, alg, iv, sizeof( iv ), encrypt, output_len, part_size, decrypt, sizeof( decrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -293,7 +295,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) ASSERT_STATUS( status, PSA_SUCCESS ); exit: - psa_destroy_key( key_handle ); + psa_destroy_key( key ); return( status ); } diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 456d8d64525e..c36b67faff08 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c 
@@ -65,15 +65,17 @@ #include /* If the build options we need are not enabled, compile a placeholder. */ -#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ - !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ - !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) +#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ + !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \ + defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) int main( void ) { - printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " - "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " - "not defined.\n"); + printf( "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " + "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " + "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER " + "defined.\n" ); return( 0 ); } #else @@ -167,7 +169,7 @@ enum program_mode /* Save a key to a file. In the real world, you may want to export a derived * key sometimes, to share it with another party. */ -static psa_status_t save_key( psa_key_handle_t key_handle, +static psa_status_t save_key( psa_key_id_t key, const char *output_file_name ) { psa_status_t status = PSA_SUCCESS; @@ -175,7 +177,7 @@ static psa_status_t save_key( psa_key_handle_t key_handle, size_t key_size; FILE *key_file = NULL; - PSA_CHECK( psa_export_key( key_handle, + PSA_CHECK( psa_export_key( key, key_data, sizeof( key_data ), &key_size ) ); SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL ); @@ -197,7 +199,7 @@ static psa_status_t save_key( psa_key_handle_t key_handle, static psa_status_t generate( const char *key_file_name ) { psa_status_t status = PSA_SUCCESS; - psa_key_handle_t key_handle = PSA_KEY_HANDLE_INIT; + psa_key_id_t key = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_usage_flags( &attributes, 
@@ -206,12 +208,12 @@ static psa_status_t generate( const char *key_file_name ) psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); - PSA_CHECK( psa_generate_key( &attributes, &key_handle ) ); + PSA_CHECK( psa_generate_key( &attributes, &key ) ); - PSA_CHECK( save_key( key_handle, key_file_name ) ); + PSA_CHECK( save_key( key, key_file_name ) ); exit: - (void) psa_destroy_key( key_handle ); + (void) psa_destroy_key( key ); return( status ); } @@ -223,7 +225,7 @@ static psa_status_t generate( const char *key_file_name ) static psa_status_t import_key_from_file( psa_key_usage_t usage, psa_algorithm_t alg, const char *key_file_name, - psa_key_handle_t *master_key_handle ) + psa_key_id_t *master_key ) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -232,8 +234,6 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, FILE *key_file = NULL; unsigned char extra_byte; - *master_key_handle = PSA_KEY_HANDLE_INIT; - SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL ); SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ), key_file ) ) != 0 ); @@ -250,8 +250,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, psa_set_key_usage_flags( &attributes, usage ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_CHECK( psa_import_key( &attributes, key_data, key_size, - master_key_handle ) ); + PSA_CHECK( psa_import_key( &attributes, key_data, key_size, master_key ) ); exit: if( key_file != NULL ) fclose( key_file ); 
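Review bot: Dropping `*master_key_handle = PSA_KEY_HANDLE_INIT;` at the top of import_key_from_file leaves `*master_key` holding whatever the caller passed in until psa_import_key runs, yet the exit path in the next hunk (`@@ -259`) still executes `(void) psa_destroy_key( *master_key );` on every failure, including the SYS_CHECK failures on fopen/fread that precede the import. If a caller's variable is not zero-initialised, a failed file read would destroy an unrelated key; the callers are not visible in this chunk, so the new code depends on each of them initialising its key id. Keeping an initialisation, `*master_key = 0;`, after the declarations restores the invariant the exit-path comment relies on ("*master_key is null"). The function's body continues in the next hunk.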
@@ -259,21 +258,22 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, if( status != PSA_SUCCESS ) { /* If the key creation hasn't happened yet or has failed, - * *master_key_handle is 0. psa_destroy_key(0) is guaranteed to do - * nothing and return PSA_ERROR_INVALID_HANDLE. */ - (void) psa_destroy_key( *master_key_handle ); - *master_key_handle = PSA_KEY_HANDLE_INIT; + * *master_key is null. psa_destroy_key( 0 ) is + * guaranteed to do nothing and return PSA_SUCCESS. */ + (void) psa_destroy_key( *master_key ); + *master_key = 0; } return( status ); } /* Derive the intermediate keys, using the list of labels provided on - * the command line. On input, *key_handle is a handle to the master key. - * This function closes the master key. On successful output, *key_handle - * is a handle to the final derived key. */ + * the command line. On input, *key is the master key identifier. + * This function destroys the master key. On successful output, *key + * is the identifier of the final derived key. + */ static psa_status_t derive_key_ladder( const char *ladder[], size_t ladder_depth, - psa_key_handle_t *key_handle ) + psa_key_id_t *key ) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -297,17 +297,17 @@ static psa_status_t derive_key_ladder( const char *ladder[], DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH ) ); PSA_CHECK( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - *key_handle ) ); + *key ) ); PSA_CHECK( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, (uint8_t*) ladder[i], strlen( ladder[i] ) ) ); /* When the parent key is not the master key, destroy it, * since it is no longer needed. */ - PSA_CHECK( psa_close_key( *key_handle ) ); - *key_handle = PSA_KEY_HANDLE_INIT; + PSA_CHECK( psa_destroy_key( *key ) ); + *key = 0; /* Derive the next intermediate key from the parent key. */ PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, - key_handle ) ); + key ) ); PSA_CHECK( psa_key_derivation_abort( &operation ) ); } @@ -315,22 +315,22 @@ static psa_status_t derive_key_ladder( const char *ladder[], psa_key_derivation_abort( &operation ); if( status != PSA_SUCCESS ) { - psa_close_key( *key_handle ); - *key_handle = PSA_KEY_HANDLE_INIT; + psa_destroy_key( *key ); + *key = 0; } return( status ); } /* Derive a wrapping key from the last intermediate key. */ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, - psa_key_handle_t derived_key_handle, - psa_key_handle_t *wrapping_key_handle ) + psa_key_id_t derived_key, + psa_key_id_t *wrapping_key ) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - *wrapping_key_handle = PSA_KEY_HANDLE_INIT; + *wrapping_key = 0; /* Set up a key derivation operation from the key derived from * the master key. */ 
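Review bot: The context comment above the new `PSA_CHECK( psa_destroy_key( *key ) );` still reads "When the parent key is not the master key, destroy it", but the call is unconditional and runs on the first iteration too, and the updated header in the previous hunk now says the function destroys the master key. With psa_close_key replaced by psa_destroy_key the comment is actively misleading. Suggested replacement: `/* Destroy the parent key (the master key on the first iteration): its material has already been fed into the derivation, so it is no longer needed. */`.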
@@ -340,7 +340,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH ) ); PSA_CHECK( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - derived_key_handle ) ); + derived_key ) ); PSA_CHECK( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); @@ -351,7 +351,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, WRAPPING_KEY_BITS ); PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, - wrapping_key_handle ) ); + wrapping_key ) ); exit: psa_key_derivation_abort( &operation ); @@ -360,7 +360,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, static psa_status_t wrap_data( const char *input_file_name, const char *output_file_name, - psa_key_handle_t wrapping_key_handle ) + psa_key_id_t wrapping_key ) { psa_status_t status; FILE *input_file = NULL; @@ -408,7 +408,7 @@ static psa_status_t wrap_data( const char *input_file_name, /* Wrap the data. */ PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) ); - PSA_CHECK( psa_aead_encrypt( wrapping_key_handle, WRAPPING_ALG, + PSA_CHECK( psa_aead_encrypt( wrapping_key, WRAPPING_ALG, header.iv, WRAPPING_IV_SIZE, (uint8_t *) &header, sizeof( header ), buffer, input_size, @@ -437,7 +437,7 @@ static psa_status_t wrap_data( const char *input_file_name, static psa_status_t unwrap_data( const char *input_file_name, const char *output_file_name, - psa_key_handle_t wrapping_key_handle ) + psa_key_id_t wrapping_key ) { psa_status_t status; FILE *input_file = NULL; 
@@ -489,7 +489,7 @@ static psa_status_t unwrap_data( const char *input_file_name, input_file = NULL; /* Unwrap the data. */ - PSA_CHECK( psa_aead_decrypt( wrapping_key_handle, WRAPPING_ALG, + PSA_CHECK( psa_aead_decrypt( wrapping_key, WRAPPING_ALG, header.iv, WRAPPING_IV_SIZE, (uint8_t *) &header, sizeof( header ), buffer, ciphertext_size, @@ -527,8 +527,8 @@ static psa_status_t run( enum program_mode mode, const char *output_file_name ) { psa_status_t status = PSA_SUCCESS; - psa_key_handle_t derivation_key_handle = PSA_KEY_HANDLE_INIT; - psa_key_handle_t wrapping_key_handle = PSA_KEY_HANDLE_INIT; + psa_key_id_t derivation_key = 0; + psa_key_id_t wrapping_key = 0; /* Initialize the PSA crypto library. */ PSA_CHECK( psa_crypto_init( ) ); @@ -541,30 +541,30 @@ static psa_status_t run( enum program_mode mode, PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, KDF_ALG, key_file_name, - &derivation_key_handle ) ); + &derivation_key ) ); /* Calculate the derived key for this session. */ PSA_CHECK( derive_key_ladder( ladder, ladder_depth, - &derivation_key_handle ) ); + &derivation_key ) ); switch( mode ) { case MODE_SAVE: - PSA_CHECK( save_key( derivation_key_handle, output_file_name ) ); + PSA_CHECK( save_key( derivation_key, output_file_name ) ); break; case MODE_UNWRAP: PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT, - derivation_key_handle, - &wrapping_key_handle ) ); + derivation_key, + &wrapping_key ) ); PSA_CHECK( unwrap_data( input_file_name, output_file_name, - wrapping_key_handle ) ); + wrapping_key ) ); break; case MODE_WRAP: PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT, - derivation_key_handle, - &wrapping_key_handle ) ); + derivation_key, + &wrapping_key ) ); PSA_CHECK( wrap_data( input_file_name, output_file_name, - wrapping_key_handle ) ); + wrapping_key ) ); break; default: /* Unreachable but some compilers don't realize it. */ 
@@ -572,11 +572,11 @@ static psa_status_t run( enum program_mode mode, } exit: - /* Close any remaining key. Deinitializing the crypto library would do - * this anyway, but explicitly closing handles makes the code easier - * to reuse. */ - (void) psa_close_key( derivation_key_handle ); - (void) psa_close_key( wrapping_key_handle ); + /* Destroy any remaining key. Deinitializing the crypto library would do + * this anyway since they are volatile keys, but explicitly destroying + * keys makes the code easier. */ + (void) psa_destroy_key( derivation_key ); + (void) psa_destroy_key( wrapping_key ); /* Deinitialize the PSA crypto library. */ mbedtls_psa_crypto_free( ); return( status ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 246d71a8d843..f92a73e4b630 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -42,12 +42,14 @@ #if !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ - !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) int main( void ) { - mbedtls_printf("MBEDTLS_ENTROPY_C and/or " + mbedtls_printf( "MBEDTLS_ENTROPY_C and/or " "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n"); + "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined " + " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" ); mbedtls_exit( 0 ); } #else @@ -1207,7 +1209,7 @@ int main( int argc, char *argv[] ) const char *pers = "ssl_client2"; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t slot = PSA_KEY_HANDLE_INIT; + psa_key_id_t slot = 0; psa_algorithm_t alg = 0; psa_key_attributes_t key_attributes; psa_status_t status; 
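Review bot: The rewritten cleanup comment ends with "explicitly destroying keys makes the code easier", which lost the object the old text had ("easier to reuse") and now reads as an unfinished sentence. Suggested last line: ` * keys makes the code easier to reuse. */`. The rest of the rewording (volatile keys, destroy instead of close) matches the switch to psa_destroy_key.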
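Review bot: The new placeholder message in ssl_client2.c concatenates `"... and/or not defined "` with `" and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n"`, so the output contains a double space, and the pre-existing dangling "CTR_DRBG_C and/or not defined" is kept rather than fixed while the line is being touched. Suggested tail: `"MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C not defined and/or "` followed by `"MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );`. The ssl_server2.c hunk at @@ -42 on the next line has the identical wording and should get the same fix.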
@@ -1232,7 +1234,7 @@ int main( int argc, char *argv[] ) mbedtls_x509_crt clicert; mbedtls_pk_context pkey; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t key_slot = PSA_KEY_HANDLE_INIT; /* invalid key slot */ + psa_key_id_t key_slot = 0; /* invalid key slot */ #endif #endif char *p, *q; @@ -3577,10 +3579,8 @@ int main( int argc, char *argv[] ) if( ( status != PSA_SUCCESS ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) { - mbedtls_printf( "Failed to destroy key slot %u-%u - error was %d", - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( slot ), - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot ), - (int) status ); + mbedtls_printf( "Failed to destroy key slot %u - error was %d", + (int) slot, (int) status ); if( ret == 0 ) ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index eb4ab0d8ff3b..c5ff30354ebf 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -42,12 +42,14 @@ #if !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \ - !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) int main( void ) { - mbedtls_printf("MBEDTLS_ENTROPY_C and/or " + mbedtls_printf( "MBEDTLS_ENTROPY_C and/or " "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n"); + "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined " + " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" ); mbedtls_exit( 0 ); } #else @@ -1285,7 +1287,7 @@ struct _psk_entry size_t key_len; unsigned char key[MBEDTLS_PSK_MAX_LEN]; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t slot; + psa_key_id_t slot; #endif /* MBEDTLS_USE_PSA_CRYPTO */ psk_entry *next; }; 
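Review bot: In the ssl_client2.c hunk at @@ -3577 the new call pairs the `%u` conversion with `(int) slot`; a signed argument for an unsigned conversion is a format/argument mismatch that -Wformat reports and that the C standard leaves undefined, even though it prints correctly on common ABIs. Cast to match the conversion instead: `mbedtls_printf( "Failed to destroy key slot %u - error was %d",` `(unsigned) slot, (int) status );`. The same pattern is introduced in ssl_server2.c at @@ -4518 (next line) with `(int) psk_slot`.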
@@ -1301,9 +1303,9 @@ int psk_free( psk_entry *head ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status; - psa_key_handle_t const slot = head->slot; + psa_key_id_t const slot = head->slot; - if( ! psa_key_handle_is_null( slot ) ) + if( slot != 0 ) { status = psa_destroy_key( slot ); if( status != PSA_SUCCESS ) @@ -1376,7 +1378,7 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl, memcmp( name, cur->name, name_len ) == 0 ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! psa_key_handle_is_null( cur->slot ) ) + if( cur->slot != 0 ) return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) ); else #endif @@ -1711,7 +1713,7 @@ int idle( mbedtls_net_context *fd, } #if defined(MBEDTLS_USE_PSA_CRYPTO) -static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t *slot, +static psa_status_t psa_setup_psk_key_slot( psa_key_id_t *slot, psa_algorithm_t alg, unsigned char *psk, size_t psk_len ) @@ -1795,7 +1797,7 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t alg = 0; - psa_key_handle_t psk_slot = PSA_KEY_HANDLE_INIT; + psa_key_id_t psk_slot = 0; #endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char psk[MBEDTLS_PSK_MAX_LEN]; size_t psk_len = 0; @@ -4518,10 +4520,8 @@ int main( int argc, char *argv[] ) if( ( status != PSA_SUCCESS ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) { - mbedtls_printf( "Failed to destroy key slot %u-%u - error was %d", - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psk_slot ), - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psk_slot ), - (int) status ); + mbedtls_printf( "Failed to destroy key slot %u - error was %d", + (int) psk_slot, (int) status ); } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED && From 5425a21fd2da9b784a89d4f5162803fd6918819d Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 4 Aug 2020 14:58:35 +0200 Subject: [PATCH 16/55] tests: Adapt PSA tests to openless APIs psa_key_handle_equal() is removed as not used anymore. 
Signed-off-by: Ronald Cron --- include/psa/crypto_compat.h | 13 - tests/suites/test_suite_pk.function | 20 +- tests/suites/test_suite_psa_crypto.function | 846 +++++++++--------- ..._suite_psa_crypto_driver_wrappers.function | 107 ++- .../test_suite_psa_crypto_init.function | 6 +- ...t_suite_psa_crypto_persistent_key.function | 52 +- ...st_suite_psa_crypto_se_driver_hal.function | 206 ++--- ...te_psa_crypto_se_driver_hal_mocks.function | 48 +- ...test_suite_psa_crypto_slot_management.data | 4 +- ..._suite_psa_crypto_slot_management.function | 202 +++-- tests/suites/test_suite_x509write.function | 6 +- 11 files changed, 726 insertions(+), 784 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index fea2923114c7..642be1a55ba4 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -44,19 +44,6 @@ typedef mbedtls_svc_key_id_t psa_key_handle_t; #define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT -/** Compare two handles. - * - * \param handle1 First handle. - * \param handle2 Second handle. - * - * \return Non-zero if the two handles are equal, zero otherwise. - */ -static inline int psa_key_handle_equal( psa_key_handle_t handle1, - psa_key_handle_t handle2 ) -{ - return( mbedtls_svc_key_id_equal( handle1, handle2 ) ); -} - /** Check wether an handle is null. * * \param handle Handle diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 5fee0d7e34a0..9803f9051c69 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
@@ -100,13 +100,13 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) #if defined(MBEDTLS_USE_PSA_CRYPTO) /* - * Generate a key using PSA and return a handle to that key, + * Generate a key using PSA and return the key identifier of that key, * or 0 if the key generation failed. * The key uses NIST P-256 and is usable for signing with SHA-256. */ -psa_key_handle_t pk_psa_genkey( void ) +mbedtls_svc_key_id_t pk_psa_genkey( void ) { - psa_key_handle_t key; + mbedtls_svc_key_id_t key; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ); @@ -133,7 +133,7 @@ exit: void pk_psa_utils( ) { mbedtls_pk_context pk, pk2; - psa_key_handle_t key; + mbedtls_svc_key_id_t key; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const char * const name = "Opaque"; @@ -151,14 +151,14 @@ void pk_psa_utils( ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, PSA_KEY_HANDLE_INIT ) == + TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, MBEDTLS_SVC_KEY_ID_INIT ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); mbedtls_pk_free( &pk ); mbedtls_pk_init( &pk ); key = pk_psa_genkey(); - if( psa_key_handle_is_null( key ) ) + if( mbedtls_svc_key_id_is_null( key ) ) goto exit; TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 ); @@ -1220,7 +1220,7 @@ void pk_psa_sign( int grpid_arg, unsigned char *pkey_legacy_start, *pkey_psa_start; size_t sig_len, klen_legacy, klen_psa; int ret; - psa_key_handle_t handle; + mbedtls_svc_key_id_t key_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR( psa_curve_arg ); size_t expected_bits = expected_bits_arg; 
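Review bot: pk_psa_genkey's header comment still promises "or 0 if the key generation failed", but the function now returns `mbedtls_svc_key_id_t`, which may not be a plain integer, and its caller in pk_psa_utils tests the result with `mbedtls_svc_key_id_is_null( key )`. Suggested wording: ` * or a null key identifier (MBEDTLS_SVC_KEY_ID_INIT) if the key generation failed.`. The local `mbedtls_svc_key_id_t key;` is also declared without an initialiser, unlike the helpers in test_suite_psa_crypto.function which use `= MBEDTLS_SVC_KEY_ID_INIT`; whether an unset value can reach the return on an early failure depends on the body, which continues outside this hunk, so I would add the initialiser for consistency either way.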
@@ -1252,10 +1252,10 @@ void pk_psa_sign( int grpid_arg, pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy; /* Turn PK context into an opaque one. */ - TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &handle, + TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &key_id, PSA_ALG_SHA_256 ) == 0 ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), expected_type ); TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), @@ -1280,7 +1280,7 @@ void pk_psa_sign( int grpid_arg, TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 ); mbedtls_pk_free( &pk ); - TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( handle ) ); + TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key_id ) ); mbedtls_pk_init( &pk ); TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start, diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 23d827ec4bd7..9b113b48ed31 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -229,7 +229,7 @@ static int construct_fake_rsa_key( unsigned char *buffer, return( len ); } -int check_key_attributes_sanity( psa_key_handle_t key ) +int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) { int ok = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -305,31 +305,29 @@ int exercise_mac_setup( psa_key_type_t key_type, psa_mac_operation_t *operation, psa_status_t *status ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, - &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) ); - *status = psa_mac_sign_setup( operation, handle, alg ); + *status = psa_mac_sign_setup( operation, key, alg ); /* Whether setup succeeded or failed, abort must succeed. */ PSA_ASSERT( psa_mac_abort( operation ) ); /* If setup failed, reproduce the failure, so that the caller can * test the resulting state of the operation object. */ if( *status != PSA_SUCCESS ) { - TEST_EQUAL( psa_mac_sign_setup( operation, handle, alg ), - *status ); + TEST_EQUAL( psa_mac_sign_setup( operation, key, alg ), *status ); } - psa_destroy_key( handle ); + psa_destroy_key( key ); return( 1 ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); return( 0 ); } 
@@ -340,35 +338,34 @@ int exercise_cipher_setup( psa_key_type_t key_type, psa_cipher_operation_t *operation, psa_status_t *status ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, - &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) ); - *status = psa_cipher_encrypt_setup( operation, handle, alg ); + *status = psa_cipher_encrypt_setup( operation, key, alg ); /* Whether setup succeeded or failed, abort must succeed. */ PSA_ASSERT( psa_cipher_abort( operation ) ); /* If setup failed, reproduce the failure, so that the caller can * test the resulting state of the operation object. */ if( *status != PSA_SUCCESS ) { - TEST_EQUAL( psa_cipher_encrypt_setup( operation, handle, alg ), + TEST_EQUAL( psa_cipher_encrypt_setup( operation, key, alg ), *status ); } - psa_destroy_key( handle ); + psa_destroy_key( key ); return( 1 ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); return( 0 ); } -static int exercise_mac_key( psa_key_handle_t handle, +static int exercise_mac_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -379,8 +376,7 @@ static int exercise_mac_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_SIGN_HASH ) { - PSA_ASSERT( psa_mac_sign_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); PSA_ASSERT( psa_mac_sign_finish( &operation, 
@@ -394,8 +390,7 @@ static int exercise_mac_key( psa_key_handle_t handle, ( usage & PSA_KEY_USAGE_SIGN_HASH ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ), @@ -409,7 +404,7 @@ exit: return( 0 ); } -static int exercise_cipher_key( psa_key_handle_t handle, +static int exercise_cipher_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -424,8 +419,7 @@ static int exercise_cipher_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_generate_iv( &operation, iv, sizeof( iv ), &iv_length ) ); @@ -447,15 +441,14 @@ static int exercise_cipher_key( psa_key_handle_t handle, if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); /* This should be PSA_CIPHER_GET_IV_SIZE but the API doesn't * have this macro yet. */ iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( psa_get_key_type( &attributes ) ); maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg ); } - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv, iv_length ) ); PSA_ASSERT( psa_cipher_update( &operation, @@ -483,7 +476,7 @@ exit: return( 0 ); } -static int exercise_aead_key( psa_key_handle_t handle, +static int exercise_aead_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { 
@@ -496,7 +489,7 @@ static int exercise_aead_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - PSA_ASSERT( psa_aead_encrypt( handle, alg, + PSA_ASSERT( psa_aead_encrypt( key, alg, nonce, nonce_length, NULL, 0, plaintext, sizeof( plaintext ), @@ -510,7 +503,7 @@ static int exercise_aead_key( psa_key_handle_t handle, ( usage & PSA_KEY_USAGE_ENCRYPT ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_aead_decrypt( handle, alg, + TEST_EQUAL( psa_aead_decrypt( key, alg, nonce, nonce_length, NULL, 0, ciphertext, ciphertext_length, @@ -525,7 +518,7 @@ exit: return( 0 ); } -static int exercise_signature_key( psa_key_handle_t handle, +static int exercise_signature_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -554,7 +547,7 @@ static int exercise_signature_key( psa_key_handle_t handle, * even for algorithms that allow other input sizes. */ if( hash_alg != 0 ) payload_length = PSA_HASH_SIZE( hash_alg ); - PSA_ASSERT( psa_sign_hash( handle, alg, + PSA_ASSERT( psa_sign_hash( key, alg, payload, payload_length, signature, sizeof( signature ), &signature_length ) ); @@ -566,7 +559,7 @@ static int exercise_signature_key( psa_key_handle_t handle, ( usage & PSA_KEY_USAGE_SIGN_HASH ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_verify_hash( handle, alg, + TEST_EQUAL( psa_verify_hash( key, alg, payload, payload_length, signature, signature_length ), verify_status ); @@ -578,7 +571,7 @@ exit: return( 0 ); } -static int exercise_asymmetric_encryption_key( psa_key_handle_t handle, +static int exercise_asymmetric_encryption_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -589,7 +582,7 @@ static int exercise_asymmetric_encryption_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - PSA_ASSERT( psa_asymmetric_encrypt( handle, alg, + PSA_ASSERT( psa_asymmetric_encrypt( key, alg, plaintext, plaintext_length, NULL, 0, ciphertext, sizeof( ciphertext ), 
@@ -599,7 +592,7 @@ static int exercise_asymmetric_encryption_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_DECRYPT ) { psa_status_t status = - psa_asymmetric_decrypt( handle, alg, + psa_asymmetric_decrypt( key, alg, ciphertext, ciphertext_length, NULL, 0, plaintext, sizeof( plaintext ), @@ -617,7 +610,7 @@ exit: } static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation, - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, psa_algorithm_t alg, unsigned char* input1, size_t input1_length, unsigned char* input2, size_t input2_length, @@ -631,7 +624,7 @@ static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation, input1, input1_length ) ); PSA_ASSERT( psa_key_derivation_input_key( operation, PSA_KEY_DERIVATION_INPUT_SECRET, - handle ) ); + key ) ); PSA_ASSERT( psa_key_derivation_input_bytes( operation, PSA_KEY_DERIVATION_INPUT_INFO, input2, @@ -645,7 +638,7 @@ static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation, input1, input1_length ) ); PSA_ASSERT( psa_key_derivation_input_key( operation, PSA_KEY_DERIVATION_INPUT_SECRET, - handle ) ); + key ) ); PSA_ASSERT( psa_key_derivation_input_bytes( operation, PSA_KEY_DERIVATION_INPUT_LABEL, input2, input2_length ) ); @@ -665,7 +658,7 @@ exit: } -static int exercise_key_derivation_key( psa_key_handle_t handle, +static int exercise_key_derivation_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -679,7 +672,7 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_DERIVE ) { - if( !setup_key_derivation_wrap( &operation, handle, alg, + if( !setup_key_derivation_wrap( &operation, key, alg, input1, input1_length, input2, input2_length, capacity ) ) goto exit; 
@@ -700,7 +693,7 @@ exit: * private key against its own public key. */ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *operation, - psa_key_handle_t handle ) + mbedtls_svc_key_id_t key ) { psa_key_type_t private_key_type; psa_key_type_t public_key_type; @@ -713,18 +706,17 @@ static psa_status_t key_agreement_with_self( psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); private_key_type = psa_get_key_type( &attributes ); key_bits = psa_get_key_bits( &attributes ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); - PSA_ASSERT( psa_export_public_key( handle, - public_key, public_key_length, + PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length, &public_key_length ) ); status = psa_key_derivation_key_agreement( - operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle, + operation, PSA_KEY_DERIVATION_INPUT_SECRET, key, public_key, public_key_length ); exit: mbedtls_free( public_key ); @@ -735,7 +727,7 @@ exit: /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, - psa_key_handle_t handle ) + mbedtls_svc_key_id_t key ) { psa_key_type_t private_key_type; psa_key_type_t public_key_type; 
@@ -750,17 +742,17 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); private_key_type = psa_get_key_type( &attributes ); key_bits = psa_get_key_bits( &attributes ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); - PSA_ASSERT( psa_export_public_key( handle, + PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length, &public_key_length ) ); - status = psa_raw_key_agreement( alg, handle, + status = psa_raw_key_agreement( alg, key, public_key, public_key_length, output, sizeof( output ), &output_length ); exit: @@ -769,7 +761,7 @@ exit: return( status ); } -static int exercise_raw_key_agreement_key( psa_key_handle_t handle, +static int exercise_raw_key_agreement_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -779,7 +771,7 @@ static int exercise_raw_key_agreement_key( psa_key_handle_t handle, { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - PSA_ASSERT( raw_key_agreement_with_self( alg, handle ) ); + PSA_ASSERT( raw_key_agreement_with_self( alg, key ) ); } ok = 1; @@ -787,7 +779,7 @@ exit: return( ok ); } -static int exercise_key_agreement_key( psa_key_handle_t handle, +static int exercise_key_agreement_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { 
@@ -800,7 +792,7 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( key_agreement_with_self( &operation, handle ) ); + PSA_ASSERT( key_agreement_with_self( &operation, key ) ); PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); @@ -1011,7 +1003,7 @@ exit: return( 0 ); } -static int exercise_export_key( psa_key_handle_t handle, +static int exercise_export_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1020,12 +1012,12 @@ static int exercise_export_key( psa_key_handle_t handle, size_t exported_length = 0; int ok = 0; - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 && ! PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( &attributes ) ) ) { - TEST_EQUAL( psa_export_key( handle, NULL, 0, &exported_length ), + TEST_EQUAL( psa_export_key( key, NULL, 0, &exported_length ), PSA_ERROR_NOT_PERMITTED ); ok = 1; goto exit; @@ -1035,7 +1027,7 @@ static int exercise_export_key( psa_key_handle_t handle, psa_get_key_bits( &attributes ) ); ASSERT_ALLOC( exported, exported_size ); - PSA_ASSERT( psa_export_key( handle, + PSA_ASSERT( psa_export_key( key, exported, exported_size, &exported_length ) ); ok = exported_key_sanity_check( psa_get_key_type( &attributes ), @@ -1048,7 +1040,7 @@ exit: return( ok ); } -static int exercise_export_public_key( psa_key_handle_t handle ) +static int exercise_export_public_key( mbedtls_svc_key_id_t key ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t public_type; 
@@ -1057,10 +1049,10 @@ static int exercise_export_public_key( psa_key_handle_t handle ) size_t exported_length = 0; int ok = 0; - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type( &attributes ) ) ) { - TEST_EQUAL( psa_export_public_key( handle, NULL, 0, &exported_length ), + TEST_EQUAL( psa_export_public_key( key, NULL, 0, &exported_length ), PSA_ERROR_INVALID_ARGUMENT ); return( 1 ); } @@ -1071,7 +1063,7 @@ static int exercise_export_public_key( psa_key_handle_t handle ) psa_get_key_bits( &attributes ) ); ASSERT_ALLOC( exported, exported_size ); - PSA_ASSERT( psa_export_public_key( handle, + PSA_ASSERT( psa_export_public_key( key, exported, exported_size, &exported_length ) ); ok = exported_key_sanity_check( public_type, @@ -1103,7 +1095,7 @@ exit: * if( ! exercise_key( ... ) ) goto exit; * ``` * - * \param handle The key to exercise. It should be capable of performing + * \param key The key to exercise. It should be capable of performing * \p alg. * \param usage The usage flags to assume. * \param alg The algorithm to exercise. 
@@ -1111,33 +1103,33 @@ exit: * \retval 0 The key failed the smoke tests. * \retval 1 The key passed the smoke tests. */ -static int exercise_key( psa_key_handle_t handle, +static int exercise_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { int ok; - if( ! check_key_attributes_sanity( handle ) ) + if( ! check_key_attributes_sanity( key ) ) return( 0 ); if( alg == 0 ) ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */ else if( PSA_ALG_IS_MAC( alg ) ) - ok = exercise_mac_key( handle, usage, alg ); + ok = exercise_mac_key( key, usage, alg ); else if( PSA_ALG_IS_CIPHER( alg ) ) - ok = exercise_cipher_key( handle, usage, alg ); + ok = exercise_cipher_key( key, usage, alg ); else if( PSA_ALG_IS_AEAD( alg ) ) - ok = exercise_aead_key( handle, usage, alg ); + ok = exercise_aead_key( key, usage, alg ); else if( PSA_ALG_IS_SIGN( alg ) ) - ok = exercise_signature_key( handle, usage, alg ); + ok = exercise_signature_key( key, usage, alg ); else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) - ok = exercise_asymmetric_encryption_key( handle, usage, alg ); + ok = exercise_asymmetric_encryption_key( key, usage, alg ); else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) - ok = exercise_key_derivation_key( handle, usage, alg ); + ok = exercise_key_derivation_key( key, usage, alg ); else if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) - ok = exercise_raw_key_agreement_key( handle, usage, alg ); + ok = exercise_raw_key_agreement_key( key, usage, alg ); else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - ok = exercise_key_agreement_key( handle, usage, alg ); + ok = exercise_key_agreement_key( key, usage, alg ); else { char message[40]; @@ -1148,8 +1140,8 @@ static int exercise_key( psa_key_handle_t handle, ok = 0; } - ok = ok && exercise_export_key( handle, usage ); - ok = ok && exercise_export_public_key( handle ); + ok = ok && exercise_export_key( key, usage ); + ok = ok && exercise_export_public_key( key ); return( ok ); } 
@@ -1182,7 +1174,7 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type, } -static int test_operations_on_invalid_handle( psa_key_handle_t handle ) +static int test_operations_on_invalid_key( mbedtls_svc_key_id_t key ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 0x6964 ); @@ -1194,7 +1186,7 @@ static int test_operations_on_invalid_handle( psa_key_handle_t handle ) psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); psa_set_key_algorithm( &attributes, PSA_ALG_CTR ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - TEST_EQUAL( psa_get_key_attributes( handle, &attributes ), + TEST_EQUAL( psa_get_key_attributes( key, &attributes ), PSA_ERROR_DOES_NOT_EXIST ); TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 ); @@ -1206,10 +1198,9 @@ static int test_operations_on_invalid_handle( psa_key_handle_t handle ) TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); - TEST_EQUAL( psa_export_key( handle, - buffer, sizeof( buffer ), &length ), + TEST_EQUAL( psa_export_key( key, buffer, sizeof( buffer ), &length ), PSA_ERROR_DOES_NOT_EXIST ); - TEST_EQUAL( psa_export_public_key( handle, + TEST_EQUAL( psa_export_public_key( key, buffer, sizeof( buffer ), &length ), PSA_ERROR_DOES_NOT_EXIST ); @@ -1459,7 +1450,7 @@ void import_with_policy( int type_arg, { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; psa_key_usage_t usage = usage_arg; psa_algorithm_t alg = alg_arg; 
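Review bot: test_operations_on_invalid_key asserts that a destroyed key identifier is rejected with PSA_ERROR_DOES_NOT_EXIST, but nothing states that this only holds while the identifier has not been handed out again; volatile identifiers are presumably allocated by the implementation and may be reused by the next key creation, so the helper has to be called directly after psa_destroy_key with no key created in between, as every visible caller does. Suggest a header comment on the function: `/* Check that operations on a destroyed key id fail. Call right after psa_destroy_key(): a volatile id may be reused by a later key creation. */`. The new parameter `key` also sits next to the existing local `key_id` on the line below, which is easy to misread; a more distinct name for the local (e.g. `other_id`) would help. The function body continues beyond the hunks shown here.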
@@ -1475,22 +1466,22 @@ void import_with_policy( int type_arg, status = psa_import_key( &attributes, key_material, sizeof( key_material ), - &handle ); + &key ); TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) goto exit; - PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); ASSERT_NO_SLOT_NUMBER( &got_attributes ); - PSA_ASSERT( psa_destroy_key( handle ) ); - test_operations_on_invalid_handle( handle ); + PSA_ASSERT( psa_destroy_key( key ) ); + test_operations_on_invalid_key( key ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); psa_reset_key_attributes( &got_attributes ); PSA_DONE( ); } @@ -1503,7 +1494,7 @@ void import_with_data( data_t *data, int type_arg, { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; size_t attr_bits = attr_bits_arg; psa_status_t expected_status = expected_status_arg; 
@@ -1514,22 +1505,22 @@ void import_with_data( data_t *data, int type_arg, psa_set_key_type( &attributes, type ); psa_set_key_bits( &attributes, attr_bits ); - status = psa_import_key( &attributes, data->x, data->len, &handle ); + status = psa_import_key( &attributes, data->x, data->len, &key ); TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) goto exit; - PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); if( attr_bits != 0 ) TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) ); ASSERT_NO_SLOT_NUMBER( &got_attributes ); - PSA_ASSERT( psa_destroy_key( handle ) ); - test_operations_on_invalid_handle( handle ); + PSA_ASSERT( psa_destroy_key( key ) ); + test_operations_on_invalid_key( key ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); psa_reset_key_attributes( &got_attributes ); PSA_DONE( ); } @@ -1543,7 +1534,7 @@ void import_large_key( int type_arg, int byte_size_arg, size_t byte_size = byte_size_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; uint8_t *buffer = NULL; size_t buffer_size = byte_size + 1; 
@@ -1559,18 +1550,18 @@ void import_large_key( int type_arg, int byte_size_arg, /* Try importing the key */ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_type( &attributes, type ); - status = psa_import_key( &attributes, buffer, byte_size, &handle ); + status = psa_import_key( &attributes, buffer, byte_size, &key ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) { - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); TEST_EQUAL( psa_get_key_bits( &attributes ), PSA_BYTES_TO_BITS( byte_size ) ); ASSERT_NO_SLOT_NUMBER( &attributes ); memset( buffer, 0, byte_size + 1 ); - PSA_ASSERT( psa_export_key( handle, buffer, byte_size, &n ) ); + PSA_ASSERT( psa_export_key( key, buffer, byte_size, &n ) ); for( n = 0; n < byte_size; n++ ) TEST_EQUAL( buffer[n], 'K' ); for( n = byte_size; n < buffer_size; n++ ) @@ -1578,7 +1569,7 @@ void import_large_key( int type_arg, int byte_size_arg, } exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); mbedtls_free( buffer ); } @@ -1587,7 +1578,7 @@ exit: /* BEGIN_CASE */ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; size_t bits = bits_arg; psa_status_t expected_status = expected_status_arg; psa_status_t status; @@ -1610,11 +1601,11 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) /* Try importing the key */ psa_set_key_type( &attributes, type ); - status = psa_import_key( &attributes, p, length, &handle ); + status = psa_import_key( &attributes, p, length, &key ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( key ) ); exit: mbedtls_free( buffer ); 
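Review bot: In import_large_key the length reported by `psa_export_key( key, buffer, byte_size, &n )` is never asserted: the `for( n = 0; ... )` loop on the next line overwrites `n` immediately, so a short export is only caught indirectly through the zeroed bytes failing the 'K' comparison. Adding `TEST_EQUAL( n, byte_size );` right after the PSA_ASSERT makes the length check explicit and keeps the failure message pointing at the actual defect. import_large_key's body begins and ends outside this hunk.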
@@ -1631,7 +1622,7 @@ void import_export( data_t *data, int expected_export_status_arg, int canonical_input ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_export_status = expected_export_status_arg; @@ -1655,18 +1646,16 @@ void import_export( data_t *data, psa_set_key_type( &attributes, type ); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); TEST_EQUAL( psa_get_key_bits( &got_attributes ), (size_t) expected_bits ); ASSERT_NO_SLOT_NUMBER( &got_attributes ); /* Export the key */ - status = psa_export_key( handle, - exported, export_size, - &exported_length ); + status = psa_export_key( key, exported, export_size, &exported_length ); TEST_EQUAL( status, expected_export_status ); /* The exported length must be set by psa_export_key() to a value between 0 
@@ -1683,30 +1672,30 @@ void import_export( data_t *data, goto destroy; } - if( ! exercise_export_key( handle, usage_arg ) ) + if( ! exercise_export_key( key, usage_arg ) ) goto exit; if( canonical_input ) ASSERT_COMPARE( data->x, data->len, exported, exported_length ); else { - psa_key_handle_t handle2; + mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; PSA_ASSERT( psa_import_key( &attributes, exported, exported_length, - &handle2 ) ); - PSA_ASSERT( psa_export_key( handle2, + &key2 ) ); + PSA_ASSERT( psa_export_key( key2, reexported, export_size, &reexported_length ) ); ASSERT_COMPARE( exported, exported_length, reexported, reexported_length ); - PSA_ASSERT( psa_close_key( handle2 ) ); + PSA_ASSERT( psa_destroy_key( key2 ) ); } TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, psa_get_key_bits( &got_attributes ) ) ); destroy: /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( handle ) ); - test_operations_on_invalid_handle( handle ); + PSA_ASSERT( psa_destroy_key( key ) ); + test_operations_on_invalid_key( key ); exit: mbedtls_free( exported ); @@ -1724,7 +1713,7 @@ void import_export_public_key( data_t *data, int expected_export_status_arg, data_t *expected_public_key ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_export_status = expected_export_status_arg; @@ -1741,11 +1730,11 @@ void import_export_public_key( data_t *data, psa_set_key_type( &attributes, type ); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); /* Export the public key */ ASSERT_ALLOC( exported, export_size ); - status = psa_export_public_key( handle, + status = psa_export_public_key( key, exported, export_size, &exported_length ); TEST_EQUAL( status, expected_export_status ); 
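Review bot: `key2` in import_export is declared inside the else block and only destroyed on that block's last line, so if the re-import, the re-export or the ASSERT_COMPARE fails, control jumps to exit and key2 is never destroyed; the old psa_close_key had the same gap, but now the key outlives the test until PSA_DONE, and if PSA_DONE checks for leaked key slots (as I believe the test helpers do) it would report the leak instead of the original failure. Suggest hoisting `mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;` to function scope and adding `psa_destroy_key( key2 );` under `exit:` next to `mbedtls_free( exported )`, the same pattern the other test functions use for `key`. Replacing psa_close_key with psa_destroy_key here and in copy_success (the `@@ -2380` hunk) also turns "release the handle" into "erase the key"; that is equivalent for volatile keys, which these tests presumably create since no lifetime is set in the visible attribute setup, and a one-line comment saying so would spare the next reader the check. import_export begins outside this hunk.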
@@ -1753,7 +1742,7 @@ void import_export_public_key( data_t *data, { psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ); size_t bits; - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); bits = psa_get_key_bits( &attributes ); TEST_ASSERT( expected_public_key->len <= PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) ); @@ -1763,7 +1752,7 @@ void import_export_public_key( data_t *data, exit: mbedtls_free( exported ); - psa_destroy_key( handle ); + psa_destroy_key( key ); psa_reset_key_attributes( &attributes ); PSA_DONE( ); } @@ -1775,7 +1764,7 @@ void import_and_exercise_key( data_t *data, int bits_arg, int alg_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; @@ -1790,22 +1779,22 @@ void import_and_exercise_key( data_t *data, psa_set_key_type( &attributes, type ); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits ); /* Do something with the key according to its type and permitted usage. */ - if( ! exercise_key( handle, usage, alg ) ) + if( ! exercise_key( key, usage, alg ) ) goto exit; - PSA_ASSERT( psa_destroy_key( handle ) ); - test_operations_on_invalid_handle( handle ); + PSA_ASSERT( psa_destroy_key( key ) ); + test_operations_on_invalid_key( key ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); psa_reset_key_attributes( &got_attributes ); PSA_DONE( ); } 
@@ -1817,7 +1806,7 @@ void effective_key_attributes( int type_arg, int expected_type_arg, int usage_arg, int expected_usage_arg, int alg_arg, int expected_alg_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = type_arg; psa_key_type_t expected_key_type = expected_type_arg; size_t bits = bits_arg; @@ -1835,17 +1824,17 @@ void effective_key_attributes( int type_arg, int expected_type_arg, psa_set_key_type( &attributes, key_type ); psa_set_key_bits( &attributes, bits ); - PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + PSA_ASSERT( psa_generate_key( &attributes, &key ) ); psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), expected_key_type ); TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); psa_reset_key_attributes( &attributes ); PSA_DONE( ); } @@ -1903,7 +1892,7 @@ void mac_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_status_t status; @@ -1916,9 +1905,9 @@ void mac_key_policy( int policy_usage, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - status = psa_mac_sign_setup( &operation, handle, exercise_alg ); + status = psa_mac_sign_setup( &operation, key, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 ) PSA_ASSERT( status ); 
@@ -1927,7 +1916,7 @@ void mac_key_policy( int policy_usage, psa_mac_abort( &operation ); memset( mac, 0, sizeof( mac ) ); - status = psa_mac_verify_setup( &operation, handle, exercise_alg ); + status = psa_mac_verify_setup( &operation, key, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 ) PSA_ASSERT( status ); @@ -1936,7 +1925,7 @@ void mac_key_policy( int policy_usage, exit: psa_mac_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -1948,7 +1937,7 @@ void cipher_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_status_t status; @@ -1960,9 +1949,9 @@ void cipher_key_policy( int policy_usage, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); + status = psa_cipher_encrypt_setup( &operation, key, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) PSA_ASSERT( status ); @@ -1970,7 +1959,7 @@ void cipher_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); psa_cipher_abort( &operation ); - status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg ); + status = psa_cipher_decrypt_setup( &operation, key, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) PSA_ASSERT( status ); @@ -1979,7 +1968,7 @@ void cipher_key_policy( int policy_usage, exit: psa_cipher_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ 
@@ -1993,7 +1982,7 @@ void aead_key_policy( int policy_usage, int tag_length_arg, int exercise_alg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; unsigned char nonce[16] = {0}; @@ -2012,9 +2001,9 @@ void aead_key_policy( int policy_usage, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - status = psa_aead_encrypt( handle, exercise_alg, + status = psa_aead_encrypt( key, exercise_alg, nonce, nonce_length, NULL, 0, NULL, 0, @@ -2027,7 +2016,7 @@ void aead_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); memset( tag, 0, sizeof( tag ) ); - status = psa_aead_decrypt( handle, exercise_alg, + status = psa_aead_decrypt( key, exercise_alg, nonce, nonce_length, NULL, 0, tag, tag_length, @@ -2040,7 +2029,7 @@ void aead_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -2052,7 +2041,7 @@ void asymmetric_encryption_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; size_t key_bits; 
@@ -2067,15 +2056,15 @@ void asymmetric_encryption_key_policy( int policy_usage, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, exercise_alg ); ASSERT_ALLOC( buffer, buffer_length ); - status = psa_asymmetric_encrypt( handle, exercise_alg, + status = psa_asymmetric_encrypt( key, exercise_alg, NULL, 0, NULL, 0, buffer, buffer_length, @@ -2088,7 +2077,7 @@ void asymmetric_encryption_key_policy( int policy_usage, if( buffer_length != 0 ) memset( buffer, 0, buffer_length ); - status = psa_asymmetric_decrypt( handle, exercise_alg, + status = psa_asymmetric_decrypt( key, exercise_alg, buffer, buffer_length, NULL, 0, buffer, buffer_length, @@ -2100,7 +2089,7 @@ void asymmetric_encryption_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); psa_reset_key_attributes( &attributes ); PSA_DONE( ); mbedtls_free( buffer ); @@ -2115,7 +2104,7 @@ void asymmetric_signature_key_policy( int policy_usage, int exercise_alg, int payload_length_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; @@ -2135,9 +2124,9 @@ void asymmetric_signature_key_policy( int policy_usage, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - status = psa_sign_hash( handle, exercise_alg, + status = psa_sign_hash( key, exercise_alg, payload, payload_length, signature, sizeof( signature ), &signature_length ); 
@@ -2147,7 +2136,7 @@ void asymmetric_signature_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); memset( signature, 0, sizeof( signature ) ); - status = psa_verify_hash( handle, exercise_alg, + status = psa_verify_hash( key, exercise_alg, payload, payload_length, signature, sizeof( signature ) ); if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 ) @@ -2156,7 +2145,7 @@ void asymmetric_signature_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -2168,7 +2157,7 @@ void derive_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; @@ -2180,7 +2169,7 @@ void derive_key_policy( int policy_usage, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); @@ -2195,7 +2184,7 @@ void derive_key_policy( int policy_usage, status = psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - handle ); + key ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) @@ -2205,7 +2194,7 @@ void derive_key_policy( int policy_usage, exit: psa_key_derivation_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ 
@@ -2218,7 +2207,7 @@ void agreement_key_policy( int policy_usage, int exercise_alg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -2232,16 +2221,16 @@ void agreement_key_policy( int policy_usage, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); - status = key_agreement_with_self( &operation, handle ); + status = key_agreement_with_self( &operation, key ); TEST_EQUAL( status, expected_status ); exit: psa_key_derivation_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -2250,7 +2239,7 @@ exit: void key_policy_alg2( int key_type_arg, data_t *key_data, int usage_arg, int alg_arg, int alg2_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -2265,20 +2254,20 @@ void key_policy_alg2( int key_type_arg, data_t *key_data, psa_set_key_enrollment_algorithm( &attributes, alg2 ); psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); TEST_EQUAL( psa_get_key_enrollment_algorithm( &got_attributes ), alg2 ); - if( ! exercise_key( handle, usage, alg ) ) + if( ! exercise_key( key, usage, alg ) ) goto exit; - if( ! exercise_key( handle, usage, alg2 ) ) + if( ! exercise_key( key, usage, alg2 ) ) goto exit; exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -2291,7 +2280,7 @@ void raw_agreement_key_policy( int policy_usage, int exercise_alg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -2305,15 +2294,15 @@ void raw_agreement_key_policy( int policy_usage, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - status = raw_key_agreement_with_self( exercise_alg, handle ); + status = raw_key_agreement_with_self( exercise_alg, key ); TEST_EQUAL( status, expected_status ); exit: psa_key_derivation_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ 
@@ -2333,8 +2322,8 @@ void copy_success( int source_usage_arg, psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; psa_algorithm_t expected_alg2 = expected_alg2_arg; - psa_key_handle_t source_handle = PSA_KEY_HANDLE_INIT; - psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT; uint8_t *export_buffer = NULL; PSA_ASSERT( psa_crypto_init( ) ); @@ -2346,8 +2335,8 @@ void copy_success( int source_usage_arg, psa_set_key_type( &source_attributes, type_arg ); PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, - &source_handle ) ); - PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) ); + &source_key ) ); + PSA_ASSERT( psa_get_key_attributes( source_key, &source_attributes ) ); /* Prepare the target attributes. */ if( copy_attributes ) @@ -2360,14 +2349,14 @@ void copy_success( int source_usage_arg, psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); /* Copy the key. */ - PSA_ASSERT( psa_copy_key( source_handle, - &target_attributes, &target_handle ) ); + PSA_ASSERT( psa_copy_key( source_key, + &target_attributes, &target_key ) ); /* Destroy the source to ensure that this doesn't affect the target. */ - PSA_ASSERT( psa_destroy_key( source_handle ) ); + PSA_ASSERT( psa_destroy_key( source_key ) ); /* Test that the target slot has the expected content and policy. */ - PSA_ASSERT( psa_get_key_attributes( target_handle, &target_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( target_key, &target_attributes ) ); TEST_EQUAL( psa_get_key_type( &source_attributes ), psa_get_key_type( &target_attributes ) ); TEST_EQUAL( psa_get_key_bits( &source_attributes ), 
@@ -2380,17 +2369,17 @@ void copy_success( int source_usage_arg, { size_t length; ASSERT_ALLOC( export_buffer, material->len ); - PSA_ASSERT( psa_export_key( target_handle, export_buffer, + PSA_ASSERT( psa_export_key( target_key, export_buffer, material->len, &length ) ); ASSERT_COMPARE( material->x, material->len, export_buffer, length ); } - if( ! exercise_key( target_handle, expected_usage, expected_alg ) ) + if( ! exercise_key( target_key, expected_usage, expected_alg ) ) goto exit; - if( ! exercise_key( target_handle, expected_usage, expected_alg2 ) ) + if( ! exercise_key( target_key, expected_usage, expected_alg2 ) ) goto exit; - PSA_ASSERT( psa_close_key( target_handle ) ); + PSA_ASSERT( psa_destroy_key( target_key ) ); exit: psa_reset_key_attributes( &source_attributes ); @@ -2411,8 +2400,8 @@ void copy_fail( int source_usage_arg, { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t source_handle = PSA_KEY_HANDLE_INIT; - psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -2423,7 +2412,7 @@ void copy_fail( int source_usage_arg, psa_set_key_type( &source_attributes, type_arg ); PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, - &source_handle ) ); + &source_key ) ); /* Prepare the target attributes. */ psa_set_key_type( &target_attributes, target_type_arg ); 
@@ -2433,11 +2422,11 @@ void copy_fail( int source_usage_arg, psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); /* Try to copy the key. */ - TEST_EQUAL( psa_copy_key( source_handle, - &target_attributes, &target_handle ), + TEST_EQUAL( psa_copy_key( source_key, + &target_attributes, &target_key ), expected_status_arg ); - PSA_ASSERT( psa_destroy_key( source_handle ) ); + PSA_ASSERT( psa_destroy_key( source_key ) ); exit: psa_reset_key_attributes( &source_attributes ); @@ -2916,10 +2905,10 @@ exit: /* BEGIN_CASE */ void mac_bad_order( ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = PSA_KEY_TYPE_HMAC; psa_algorithm_t alg = PSA_ALG_HMAC(PSA_ALG_SHA_256); - const uint8_t key[] = { + const uint8_t key_data[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; @@ -2938,7 +2927,8 @@ void mac_bad_order( ) psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ), + &key ) ); /* Call update without calling setup beforehand. */ TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), 
@@ -2958,16 +2948,13 @@ void mac_bad_order( ) PSA_ASSERT( psa_mac_abort( &operation ) ); /* Call setup twice in a row. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, - handle, alg ) ); - TEST_EQUAL( psa_mac_sign_setup( &operation, - handle, alg ), + PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); + TEST_EQUAL( psa_mac_sign_setup( &operation, key, alg ), PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_mac_abort( &operation ) ); /* Call update after sign finish. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); PSA_ASSERT( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ), @@ -2977,8 +2964,7 @@ void mac_bad_order( ) PSA_ASSERT( psa_mac_abort( &operation ) ); /* Call update after verify finish. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); PSA_ASSERT( psa_mac_verify_finish( &operation, verify_mac, sizeof( verify_mac ) ) ); @@ -2987,8 +2973,7 @@ void mac_bad_order( ) PSA_ASSERT( psa_mac_abort( &operation ) ); /* Call sign finish twice in a row. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); PSA_ASSERT( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ), @@ -3000,8 +2985,7 @@ void mac_bad_order( ) PSA_ASSERT( psa_mac_abort( &operation ) ); /* Call verify finish twice in a row. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); PSA_ASSERT( psa_mac_verify_finish( &operation, verify_mac, sizeof( verify_mac ) ) ); 
@@ -3011,8 +2995,7 @@ void mac_bad_order( ) PSA_ASSERT( psa_mac_abort( &operation ) ); /* Setup sign but try verify. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); TEST_EQUAL( psa_mac_verify_finish( &operation, verify_mac, sizeof( verify_mac ) ), @@ -3020,8 +3003,7 @@ void mac_bad_order( ) PSA_ASSERT( psa_mac_abort( &operation ) ); /* Setup verify but try sign. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); TEST_EQUAL( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ), @@ -3029,7 +3011,7 @@ void mac_bad_order( ) PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_mac_abort( &operation ) ); - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( key ) ); exit: PSA_DONE( ); @@ -3038,19 +3020,19 @@ exit: /* BEGIN_CASE */ void mac_sign( int key_type_arg, - data_t *key, + data_t *key_data, int alg_arg, data_t *input, data_t *expected_mac ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_mac = NULL; size_t mac_buffer_size = - PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key->len ), alg ); + PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg ); size_t mac_length = 0; const size_t output_sizes_to_test[] = { 0, 
@@ -3070,7 +3052,8 @@ void mac_sign( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); for( size_t i = 0; i < ARRAY_LENGTH( output_sizes_to_test ); i++ ) { @@ -3083,8 +3066,7 @@ void mac_sign( int key_type_arg, ASSERT_ALLOC( actual_mac, output_size ); /* Calculate the MAC. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); TEST_EQUAL( psa_mac_sign_finish( &operation, @@ -3104,7 +3086,7 @@ void mac_sign( int key_type_arg, exit: psa_mac_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); mbedtls_free( actual_mac ); } @@ -3112,12 +3094,12 @@ exit: /* BEGIN_CASE */ void mac_verify( int key_type_arg, - data_t *key, + data_t *key_data, int alg_arg, data_t *input, data_t *expected_mac ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; @@ -3132,11 +3114,11 @@ void mac_verify( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); /* Test the correct MAC. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); PSA_ASSERT( psa_mac_verify_finish( &operation, 
@@ -3144,8 +3126,7 @@ void mac_verify( int key_type_arg, expected_mac->len ) ); /* Test a MAC that's too short. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); TEST_EQUAL( psa_mac_verify_finish( &operation, @@ -3156,8 +3137,7 @@ void mac_verify( int key_type_arg, /* Test a MAC that's too long. */ ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 ); memcpy( perturbed_mac, expected_mac->x, expected_mac->len ); - PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); TEST_EQUAL( psa_mac_verify_finish( &operation, @@ -3170,8 +3150,7 @@ void mac_verify( int key_type_arg, { test_set_step( i ); perturbed_mac[i] ^= 1; - PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input->x, input->len ) ); TEST_EQUAL( psa_mac_verify_finish( &operation, @@ -3183,7 +3162,7 @@ void mac_verify( int key_type_arg, exit: psa_mac_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); mbedtls_free( perturbed_mac ); } @@ -3271,13 +3250,13 @@ exit: /* BEGIN_CASE */ void cipher_bad_order( ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = PSA_KEY_TYPE_AES; psa_algorithm_t alg = PSA_ALG_CBC_PKCS7; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 }; - const uint8_t key[] = { + const uint8_t key_data[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; const uint8_t text[] = { 
@@ -3290,18 +3269,18 @@ void cipher_bad_order( ) psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) ); - + PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ), + &key ) ); /* Call encrypt setup twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); - TEST_EQUAL( psa_cipher_encrypt_setup( &operation, handle, alg ), + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + TEST_EQUAL( psa_cipher_encrypt_setup( &operation, key, alg ), PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Call decrypt setup twice in a row. */ - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) ); - TEST_EQUAL( psa_cipher_decrypt_setup( &operation, handle, alg ), + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); + TEST_EQUAL( psa_cipher_decrypt_setup( &operation, key, alg ), PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_cipher_abort( &operation ) ); @@ -3313,7 +3292,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Generate an IV twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_generate_iv( &operation, buffer, sizeof( buffer ), &length ) ); @@ -3324,7 +3303,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Generate an IV after it's already set. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) ); TEST_EQUAL( psa_cipher_generate_iv( &operation, 
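Review bot: The empty line that separated the `psa_import_key` call from the first `/* Call encrypt setup twice in a row. */` case is dropped (the lone `- ` after the removed import line has no `+` counterpart), which is an unrelated whitespace change inside an otherwise mechanical handle-to-identifier substitution. Judging from the hunk line counts, the parallel `mac_bad_order` hunk earlier in this diff appears to keep that separator after its rewrapped import, so this function should stay consistent with it. Restore the blank line right after `&key ) );` so the hunk is whitespace-neutral and the migration is easier to audit. The body of `cipher_bad_order` continues past this hunk.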
@@ -3340,7 +3319,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Set an IV after it's already set. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) ); TEST_EQUAL( psa_cipher_set_iv( &operation, @@ -3349,7 +3328,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Set an IV after it's already generated. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_generate_iv( &operation, buffer, sizeof( buffer ), &length ) ); @@ -3375,7 +3354,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Call update after finish. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) ); PSA_ASSERT( psa_cipher_finish( &operation, @@ -3394,7 +3373,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Call finish without an IV where an IV is required. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); /* Not calling update means we are encrypting an empty buffer, which is OK * for cipher modes with padding. */ TEST_EQUAL( psa_cipher_finish( &operation, @@ -3403,7 +3382,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); /* Call finish twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) ); PSA_ASSERT( psa_cipher_finish( &operation, 
@@ -3413,7 +3392,7 @@ void cipher_bad_order( ) PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_cipher_abort( &operation ) ); - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( key ) ); exit: psa_cipher_abort( &operation ); @@ -3423,11 +3402,11 @@ exit: /* BEGIN_CASE */ void cipher_encrypt( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input, data_t *expected_output, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -3445,10 +3424,10 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); if( iv->len > 0 ) { @@ -3481,20 +3460,20 @@ void cipher_encrypt( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ /* BEGIN_CASE */ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, data_t *expected_output ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; 
@@ -3513,10 +3492,10 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); if( iv->len > 0 ) { @@ -3554,20 +3533,20 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ /* BEGIN_CASE */ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, data_t *expected_output ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; @@ -3586,10 +3565,10 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); if( iv->len > 0 ) { 
@@ -3628,18 +3607,18 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ /* BEGIN_CASE */ void cipher_decrypt( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input, data_t *expected_output, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -3657,10 +3636,10 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); if( iv->len > 0 ) { @@ -3693,17 +3672,17 @@ void cipher_decrypt( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ /* BEGIN_CASE */ void cipher_verify_output( int alg_arg, int key_type_arg, - data_t *key, + data_t *key_data, data_t *input ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char iv[16] = {0}; 
@@ -3726,12 +3705,11 @@ void cipher_verify_output( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, - handle, alg ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, - handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) ); if( alg != PSA_ALG_ECB_NO_PADDING ) { @@ -3784,7 +3762,7 @@ exit: psa_cipher_abort( &operation2 ); mbedtls_free( output1 ); mbedtls_free( output2 ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -3792,11 +3770,11 @@ exit: /* BEGIN_CASE */ void cipher_verify_output_multipart( int alg_arg, int key_type_arg, - data_t *key, + data_t *key_data, data_t *input, int first_part_size_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; @@ -3820,12 +3798,11 @@ void cipher_verify_output_multipart( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, - handle, alg ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, - handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) ); if( alg != PSA_ALG_ECB_NO_PADDING ) { 
@@ -3896,7 +3873,7 @@ exit: psa_cipher_abort( &operation2 ); mbedtls_free( output1 ); mbedtls_free( output2 ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -3909,7 +3886,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, data_t *input_data, int expected_result_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; @@ -3936,9 +3913,9 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - TEST_EQUAL( psa_aead_encrypt( handle, alg, + TEST_EQUAL( psa_aead_encrypt( key, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, @@ -3956,7 +3933,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, TEST_EQUAL( input_data->len, PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) ); - TEST_EQUAL( psa_aead_decrypt( handle, alg, + TEST_EQUAL( psa_aead_decrypt( key, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, @@ -3970,7 +3947,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, } exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( output_data ); mbedtls_free( output_data2 ); PSA_DONE( ); @@ -3985,7 +3962,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, data_t *input_data, data_t *expected_result ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; 
@@ -4008,9 +3985,9 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - PSA_ASSERT( psa_aead_encrypt( handle, alg, + PSA_ASSERT( psa_aead_encrypt( key, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, input_data->x, input_data->len, @@ -4021,7 +3998,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, output_data, output_length ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( output_data ); PSA_DONE( ); } @@ -4036,7 +4013,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, data_t *expected_data, int expected_result_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; @@ -4061,9 +4038,9 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - TEST_EQUAL( psa_aead_decrypt( handle, alg, + TEST_EQUAL( psa_aead_decrypt( key, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, @@ -4077,7 +4054,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, output_data, output_length ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( output_data ); PSA_DONE( ); } @@ -4109,7 +4086,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, data_t *output_data ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; 
@@ -4125,8 +4102,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); /* Allocate a buffer which has the size advertized by the @@ -4138,7 +4115,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ - PSA_ASSERT( psa_sign_hash( handle, alg, + PSA_ASSERT( psa_sign_hash( key, alg, input_data->x, input_data->len, signature, signature_size, &signature_length ) ); @@ -4149,7 +4126,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, #if defined(MBEDTLS_TEST_DEPRECATED) memset( signature, 0, signature_size ); signature_length = INVALID_EXPORT_LENGTH; - PSA_ASSERT( psa_asymmetric_sign( handle, alg, + PSA_ASSERT( psa_asymmetric_sign( key, alg, input_data->x, input_data->len, signature, signature_size, &signature_length ) ); @@ -4159,7 +4136,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( signature ); PSA_DONE( ); } @@ -4170,7 +4147,7 @@ void sign_fail( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, int signature_size_arg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t signature_size = signature_size_arg; 
@@ -4189,9 +4166,9 @@ void sign_fail( int key_type_arg, data_t *key_data, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - actual_status = psa_sign_hash( handle, alg, + actual_status = psa_sign_hash( key, alg, input_data->x, input_data->len, signature, signature_size, &signature_length ); @@ -4204,7 +4181,7 @@ void sign_fail( int key_type_arg, data_t *key_data, #if defined(MBEDTLS_TEST_DEPRECATED) signature_length = INVALID_EXPORT_LENGTH; - TEST_EQUAL( psa_asymmetric_sign( handle, alg, + TEST_EQUAL( psa_asymmetric_sign( key, alg, input_data->x, input_data->len, signature, signature_size, &signature_length ), @@ -4214,7 +4191,7 @@ void sign_fail( int key_type_arg, data_t *key_data, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( signature ); PSA_DONE( ); } @@ -4224,7 +4201,7 @@ exit: void sign_verify( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; @@ -4240,8 +4217,8 @@ void sign_verify( int key_type_arg, data_t *key_data, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); /* Allocate a buffer which has the size advertized by the @@ -4253,7 +4230,7 @@ void sign_verify( int key_type_arg, data_t *key_data, ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ - PSA_ASSERT( psa_sign_hash( handle, alg, + PSA_ASSERT( psa_sign_hash( key, alg, input_data->x, input_data->len, signature, signature_size, &signature_length ) ); 
@@ -4262,7 +4239,7 @@ void sign_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( signature_length > 0 ); /* Use the library to verify that the signature is correct. */ - PSA_ASSERT( psa_verify_hash( handle, alg, + PSA_ASSERT( psa_verify_hash( key, alg, input_data->x, input_data->len, signature, signature_length ) ); @@ -4272,7 +4249,7 @@ void sign_verify( int key_type_arg, data_t *key_data, * detected as invalid. Flip a bit at the beginning, not at the end, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; - TEST_EQUAL( psa_verify_hash( handle, alg, + TEST_EQUAL( psa_verify_hash( key, alg, input_data->x, input_data->len, signature, signature_length ), PSA_ERROR_INVALID_SIGNATURE ); @@ -4280,7 +4257,7 @@ void sign_verify( int key_type_arg, data_t *key_data, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( signature ); PSA_DONE( ); } @@ -4291,7 +4268,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, int alg_arg, data_t *hash_data, data_t *signature_data ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -4305,14 +4282,14 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - PSA_ASSERT( psa_verify_hash( handle, alg, + PSA_ASSERT( psa_verify_hash( key, alg, hash_data->x, hash_data->len, signature_data->x, signature_data->len ) ); #if defined(MBEDTLS_TEST_DEPRECATED) - PSA_ASSERT( psa_asymmetric_verify( handle, alg, + PSA_ASSERT( psa_asymmetric_verify( key, alg, hash_data->x, hash_data->len, signature_data->x, signature_data->len ) ); 
@@ -4321,7 +4298,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -4332,7 +4309,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, data_t *signature_data, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t actual_status; @@ -4346,15 +4323,15 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - actual_status = psa_verify_hash( handle, alg, + actual_status = psa_verify_hash( key, alg, hash_data->x, hash_data->len, signature_data->x, signature_data->len ); TEST_EQUAL( actual_status, expected_status ); #if defined(MBEDTLS_TEST_DEPRECATED) - TEST_EQUAL( psa_asymmetric_verify( handle, alg, + TEST_EQUAL( psa_asymmetric_verify( key, alg, hash_data->x, hash_data->len, signature_data->x, signature_data->len ), expected_status ); @@ -4362,7 +4339,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -4376,7 +4353,7 @@ void asymmetric_encrypt( int key_type_arg, int expected_output_length_arg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t expected_output_length = expected_output_length_arg; 
@@ -4395,16 +4372,16 @@ void asymmetric_encrypt( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); /* Determine the maximum output length */ - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); ASSERT_ALLOC( output, output_size ); /* Encrypt the input */ - actual_status = psa_asymmetric_encrypt( handle, alg, + actual_status = psa_asymmetric_encrypt( key, alg, input_data->x, input_data->len, label->x, label->len, output, output_size, @@ -4419,7 +4396,7 @@ void asymmetric_encrypt( int key_type_arg, output_length = ~0; if( output_size != 0 ) memset( output, 0, output_size ); - actual_status = psa_asymmetric_encrypt( handle, alg, + actual_status = psa_asymmetric_encrypt( key, alg, input_data->x, input_data->len, NULL, label->len, output, output_size, @@ -4430,7 +4407,7 @@ void asymmetric_encrypt( int key_type_arg, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( output ); PSA_DONE( ); } @@ -4443,7 +4420,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *input_data, data_t *label ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; 
@@ -4462,10 +4439,10 @@ void asymmetric_encrypt_decrypt( int key_type_arg, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); /* Determine the maximum ciphertext length */ - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); ASSERT_ALLOC( output, output_size ); @@ -4475,7 +4452,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ - PSA_ASSERT( psa_asymmetric_encrypt( handle, alg, + PSA_ASSERT( psa_asymmetric_encrypt( key, alg, input_data->x, input_data->len, label->x, label->len, output, output_size, @@ -4484,7 +4461,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, * it looks sensible. */ TEST_ASSERT( output_length <= output_size ); - PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, + PSA_ASSERT( psa_asymmetric_decrypt( key, alg, output, output_length, label->x, label->len, output2, output2_size, @@ -4494,7 +4471,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( output ); mbedtls_free( output2 ); PSA_DONE( ); @@ -4509,7 +4486,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *label, data_t *expected_data ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; 
@@ -4527,9 +4504,9 @@ void asymmetric_decrypt( int key_type_arg, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, + PSA_ASSERT( psa_asymmetric_decrypt( key, alg, input_data->x, input_data->len, label->x, label->len, output, @@ -4545,7 +4522,7 @@ void asymmetric_decrypt( int key_type_arg, output_length = ~0; if( output_size != 0 ) memset( output, 0, output_size ); - PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, + PSA_ASSERT( psa_asymmetric_decrypt( key, alg, input_data->x, input_data->len, NULL, label->len, output, @@ -4557,7 +4534,7 @@ void asymmetric_decrypt( int key_type_arg, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( output ); PSA_DONE( ); } @@ -4572,7 +4549,7 @@ void asymmetric_decrypt_fail( int key_type_arg, int output_size_arg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; @@ -4591,9 +4568,9 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - actual_status = psa_asymmetric_decrypt( handle, alg, + actual_status = psa_asymmetric_decrypt( key, alg, input_data->x, input_data->len, label->x, label->len, output, output_size, @@ -4608,7 +4585,7 @@ void asymmetric_decrypt_fail( int key_type_arg, output_length = ~0; if( output_size != 0 ) memset( output, 0, output_size ); - actual_status = psa_asymmetric_decrypt( handle, alg, + actual_status = psa_asymmetric_decrypt( key, alg, input_data->x, input_data->len, NULL, label->len, output, output_size, 
@@ -4619,7 +4596,7 @@ void asymmetric_decrypt_fail( int key_type_arg, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); mbedtls_free( output ); PSA_DONE( ); } @@ -4711,14 +4688,14 @@ void derive_input( int alg_arg, expected_status_arg2, expected_status_arg3}; data_t *inputs[] = {input1, input2, input3}; - psa_key_handle_t handles[] = { PSA_KEY_HANDLE_INIT, - PSA_KEY_HANDLE_INIT, - PSA_KEY_HANDLE_INIT}; + mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT, + MBEDTLS_SVC_KEY_ID_INIT, + MBEDTLS_SVC_KEY_ID_INIT }; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; size_t i; psa_key_type_t output_key_type = output_key_type_arg; - psa_key_handle_t output_handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t output_key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t expected_output_status = expected_output_status_arg; psa_status_t actual_output_status; @@ -4736,19 +4713,19 @@ void derive_input( int alg_arg, psa_set_key_type( &attributes, key_types[i] ); PSA_ASSERT( psa_import_key( &attributes, inputs[i]->x, inputs[i]->len, - &handles[i] ) ); + &keys[i] ) ); if( PSA_KEY_TYPE_IS_KEY_PAIR( key_types[i] ) && steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET ) { // When taking a private key as secret input, use key agreement // to add the shared secret to the derivation - TEST_EQUAL( key_agreement_with_self( &operation, handles[i] ), + TEST_EQUAL( key_agreement_with_self( &operation, keys[i] ), expected_statuses[i] ); } else { TEST_EQUAL( psa_key_derivation_input_key( &operation, steps[i], - handles[i] ), + keys[i] ), expected_statuses[i] ); } } @@ -4768,7 +4745,7 @@ void derive_input( int alg_arg, psa_set_key_bits( &attributes, 8 ); actual_output_status = psa_key_derivation_output_key( &attributes, &operation, - &output_handle ); + &output_key ); } else { 
@@ -4781,9 +4758,9 @@ void derive_input( int alg_arg, exit: psa_key_derivation_abort( &operation ); - for( i = 0; i < ARRAY_LENGTH( handles ); i++ ) - psa_destroy_key( handles[i] ); - psa_destroy_key( output_handle ); + for( i = 0; i < ARRAY_LENGTH( keys ); i++ ) + psa_destroy_key( keys[i] ); + psa_destroy_key( output_key ); PSA_DONE( ); } /* END_CASE */ @@ -4792,7 +4769,7 @@ exit: void test_derive_invalid_key_derivation_state( int alg_arg ) { psa_algorithm_t alg = alg_arg; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; size_t key_type = PSA_KEY_TYPE_DERIVE; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char input1[] = "Input 1"; @@ -4814,10 +4791,10 @@ void test_derive_invalid_key_derivation_state( int alg_arg ) PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ), - &handle ) ); + &key ) ); /* valid key derivation */ - if( !setup_key_derivation_wrap( &operation, handle, alg, + if( !setup_key_derivation_wrap( &operation, key, alg, input1, input1_length, input2, input2_length, capacity ) ) @@ -4834,7 +4811,7 @@ void test_derive_invalid_key_derivation_state( int alg_arg ) exit: psa_key_derivation_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -4880,9 +4857,9 @@ void derive_output( int alg_arg, psa_algorithm_t alg = alg_arg; psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg}; data_t *inputs[] = {input1, input2, input3}; - psa_key_handle_t handles[] = { PSA_KEY_HANDLE_INIT, - PSA_KEY_HANDLE_INIT, - PSA_KEY_HANDLE_INIT}; + mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT, + MBEDTLS_SVC_KEY_ID_INIT, + MBEDTLS_SVC_KEY_ID_INIT }; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *expected_outputs[2] = 
@@ -4924,10 +4901,9 @@ void derive_output( int alg_arg, case PSA_KEY_DERIVATION_INPUT_SECRET: PSA_ASSERT( psa_import_key( &attributes, inputs[i]->x, inputs[i]->len, - &handles[i] ) ); + &keys[i] ) ); PSA_ASSERT( psa_key_derivation_input_key( - &operation, steps[i], - handles[i] ) ); + &operation, steps[i], keys[i] ) ); break; default: PSA_ASSERT( psa_key_derivation_input_bytes( @@ -4979,8 +4955,8 @@ void derive_output( int alg_arg, exit: mbedtls_free( output_buffer ); psa_key_derivation_abort( &operation ); - for( i = 0; i < ARRAY_LENGTH( handles ); i++ ) - psa_destroy_key( handles[i] ); + for( i = 0; i < ARRAY_LENGTH( keys ); i++ ) + psa_destroy_key( keys[i] ); PSA_DONE( ); } /* END_CASE */ @@ -4992,7 +4968,7 @@ void derive_full( int alg_arg, data_t *input2, int requested_capacity_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -5008,9 +4984,9 @@ void derive_full( int alg_arg, psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); + &key ) ); - if( !setup_key_derivation_wrap( &operation, handle, alg, + if( !setup_key_derivation_wrap( &operation, key, alg, input1->x, input1->len, input2->x, input2->len, requested_capacity ) ) @@ -5043,7 +5019,7 @@ void derive_full( int alg_arg, exit: psa_key_derivation_abort( &operation ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ 
@@ -5058,8 +5034,8 @@ void derive_key_exercise( int alg_arg, int derived_usage_arg, int derived_alg_arg ) { - psa_key_handle_t base_handle = PSA_KEY_HANDLE_INIT; - psa_key_handle_t derived_handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t derived_type = derived_type_arg; size_t derived_bits = derived_bits_arg; @@ -5076,10 +5052,10 @@ void derive_key_exercise( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &base_handle ) ); + &base_key ) ); /* Derive a key. */ - if ( setup_key_derivation_wrap( &operation, base_handle, alg, + if ( setup_key_derivation_wrap( &operation, base_key, alg, input1->x, input1->len, input2->x, input2->len, capacity ) ) goto exit; @@ -5089,22 +5065,22 @@ void derive_key_exercise( int alg_arg, psa_set_key_type( &attributes, derived_type ); psa_set_key_bits( &attributes, derived_bits ); PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, - &derived_handle ) ); + &derived_key ) ); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( derived_handle, &got_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( derived_key, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), derived_type ); TEST_EQUAL( psa_get_key_bits( &got_attributes ), derived_bits ); /* Exercise the derived key. */ - if( ! exercise_key( derived_handle, derived_usage, derived_alg ) ) + if( ! exercise_key( derived_key, derived_usage, derived_alg ) ) goto exit; exit: psa_key_derivation_abort( &operation ); psa_reset_key_attributes( &got_attributes ); - psa_destroy_key( base_handle ); - psa_destroy_key( derived_handle ); + psa_destroy_key( base_key ); + psa_destroy_key( derived_key ); PSA_DONE( ); } /* END_CASE */ 
@@ -5117,8 +5093,8 @@ void derive_key_export( int alg_arg, int bytes1_arg, int bytes2_arg ) { - psa_key_handle_t base_handle = PSA_KEY_HANDLE_INIT; - psa_key_handle_t derived_handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; size_t bytes1 = bytes1_arg; size_t bytes2 = bytes2_arg; @@ -5138,10 +5114,10 @@ void derive_key_export( int alg_arg, psa_set_key_algorithm( &base_attributes, alg ); psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, - &base_handle ) ); + &base_key ) ); /* Derive some material and output it. */ - if( !setup_key_derivation_wrap( &operation, base_handle, alg, + if( !setup_key_derivation_wrap( &operation, base_key, alg, input1->x, input1->len, input2->x, input2->len, capacity ) ) goto exit; @@ -5152,7 +5128,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_key_derivation_abort( &operation ) ); /* Derive the same output again, but this time store it in key objects. */ - if( !setup_key_derivation_wrap( &operation, base_handle, alg, + if( !setup_key_derivation_wrap( &operation, base_key, alg, input1->x, input1->len, input2->x, input2->len, capacity ) ) goto exit; 
@@ -5162,16 +5138,16 @@ void derive_key_export( int alg_arg, psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_handle ) ); - PSA_ASSERT( psa_export_key( derived_handle, + &derived_key ) ); + PSA_ASSERT( psa_export_key( derived_key, export_buffer, bytes1, &length ) ); TEST_EQUAL( length, bytes1 ); - PSA_ASSERT( psa_destroy_key( derived_handle ) ); + PSA_ASSERT( psa_destroy_key( derived_key ) ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_handle ) ); - PSA_ASSERT( psa_export_key( derived_handle, + &derived_key ) ); + PSA_ASSERT( psa_export_key( derived_key, export_buffer + bytes1, bytes2, &length ) ); TEST_EQUAL( length, bytes2 ); @@ -5184,8 +5160,8 @@ exit: mbedtls_free( output_buffer ); mbedtls_free( export_buffer ); psa_key_derivation_abort( &operation ); - psa_destroy_key( base_handle ); - psa_destroy_key( derived_handle ); + psa_destroy_key( base_key ); + psa_destroy_key( derived_key ); PSA_DONE( ); } /* END_CASE */ @@ -5196,8 +5172,8 @@ void derive_key( int alg_arg, int type_arg, int bits_arg, int expected_status_arg ) { - psa_key_handle_t base_handle = PSA_KEY_HANDLE_INIT; - psa_key_handle_t derived_handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t type = type_arg; size_t bits = bits_arg; 
@@ -5212,9 +5188,9 @@ void derive_key( int alg_arg, psa_set_key_algorithm( &base_attributes, alg ); psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, - &base_handle ) ); + &base_key ) ); - if( !setup_key_derivation_wrap( &operation, base_handle, alg, + if( !setup_key_derivation_wrap( &operation, base_key, alg, input1->x, input1->len, input2->x, input2->len, SIZE_MAX ) ) goto exit; @@ -5224,13 +5200,13 @@ void derive_key( int alg_arg, psa_set_key_type( &derived_attributes, type ); psa_set_key_bits( &derived_attributes, bits ); TEST_EQUAL( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_handle ), + &derived_key ), expected_status ); exit: psa_key_derivation_abort( &operation ); - psa_destroy_key( base_handle ); - psa_destroy_key( derived_handle ); + psa_destroy_key( base_key ); + psa_destroy_key( derived_key ); PSA_DONE( ); } /* END_CASE */ @@ -5241,7 +5217,7 @@ void key_agreement_setup( int alg_arg, data_t *our_key_data, data_t *peer_key_data, int expected_status_arg ) { - psa_key_handle_t our_key = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; psa_algorithm_t our_key_alg = our_key_alg_arg; psa_key_type_t our_key_type = our_key_type_arg; @@ -5290,7 +5266,7 @@ void raw_key_agreement( int alg_arg, data_t *peer_key_data, data_t *expected_output ) { - psa_key_handle_t our_key = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -5327,7 +5303,7 @@ void key_agreement_capacity( int alg_arg, data_t *peer_key_data, int expected_capacity_arg ) { - psa_key_handle_t our_key = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -5387,7 +5363,7 @@ void key_agreement_output( int alg_arg, data_t *peer_key_data, data_t *expected_output1, data_t *expected_output2 ) { - psa_key_handle_t our_key = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -5501,7 +5477,7 @@ void generate_key( int type_arg, int alg_arg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; psa_key_usage_t usage = usage_arg; size_t bits = bits_arg; @@ -5518,22 +5494,22 @@ void generate_key( int type_arg, psa_set_key_bits( &attributes, bits ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status ); + TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status ); if( expected_status != PSA_SUCCESS ) goto exit; /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits ); /* Do something with the key according to its type and permitted usage. */ - if( ! exercise_key( handle, usage, alg ) ) + if( ! exercise_key( key, usage, alg ) ) goto exit; exit: psa_reset_key_attributes( &got_attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ 
@@ -5543,7 +5519,7 @@ void generate_key_rsa( int bits_arg, data_t *e_arg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR; size_t bits = bits_arg; psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; @@ -5578,12 +5554,12 @@ void generate_key_rsa( int bits_arg, psa_set_key_bits( &attributes, bits ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status ); + TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status ); if( expected_status != PSA_SUCCESS ) goto exit; /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); PSA_ASSERT( psa_get_key_domain_parameters( &attributes, @@ -5595,11 +5571,11 @@ void generate_key_rsa( int bits_arg, ASSERT_COMPARE( e_read_buffer, e_read_length, e_arg->x, e_arg->len ); /* Do something with the key according to its type and permitted usage. */ - if( ! exercise_key( handle, usage, alg ) ) + if( ! exercise_key( key, usage, alg ) ) goto exit; /* Export the key and check the public exponent. */ - PSA_ASSERT( psa_export_public_key( handle, + PSA_ASSERT( psa_export_public_key( key, exported, exported_size, &exported_length ) ); { @@ -5634,7 +5610,7 @@ void generate_key_rsa( int bits_arg, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); mbedtls_free( e_read_buffer ); mbedtls_free( exported ); 
@@ -5649,8 +5625,8 @@ void persistent_key_load_key_from_storage( data_t *data, { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 1 ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; - psa_key_handle_t base_key = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_key_usage_t usage_flags = usage_flags_arg; @@ -5681,12 +5657,12 @@ void persistent_key_load_key_from_storage( data_t *data, case IMPORT_KEY: /* Import the key */ PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, - &handle ) ); + &key ) ); break; case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + PSA_ASSERT( psa_generate_key( &attributes, &key ) ); break; case DERIVE_KEY: @@ -5711,10 +5687,10 @@ void persistent_key_load_key_from_storage( data_t *data, NULL, 0 ) ); PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, - &handle ) ); + &key ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); - base_key = PSA_KEY_HANDLE_INIT; + base_key = MBEDTLS_SVC_KEY_ID_INIT; } break; } @@ -5723,7 +5699,7 @@ void persistent_key_load_key_from_storage( data_t *data, /* Export the key if permitted by the key policy. */ if( usage_flags & PSA_KEY_USAGE_EXPORT ) { - PSA_ASSERT( psa_export_key( handle, + PSA_ASSERT( psa_export_key( key, first_export, export_size, &first_exported_length ) ); if( generation_method == IMPORT_KEY ) 
@@ -5732,13 +5708,12 @@ void persistent_key_load_key_from_storage( data_t *data, } /* Shutdown and restart */ - PSA_ASSERT( psa_close_key( handle ) ); + PSA_ASSERT( psa_purge_key( key ) ); PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); /* Check key slot still contains key data */ - PSA_ASSERT( psa_open_key( key_id, &handle ) ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), key_id ) ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), @@ -5751,7 +5726,7 @@ void persistent_key_load_key_from_storage( data_t *data, /* Export the key again if permitted by the key policy. */ if( usage_flags & PSA_KEY_USAGE_EXPORT ) { - PSA_ASSERT( psa_export_key( handle, + PSA_ASSERT( psa_export_key( key, second_export, export_size, &second_exported_length ) ); ASSERT_COMPARE( first_export, first_exported_length, @@ -5759,7 +5734,7 @@ void persistent_key_load_key_from_storage( data_t *data, } /* Do something with the key according to its type and permitted usage. */ - if( ! exercise_key( handle, usage_flags, alg ) ) + if( ! exercise_key( key, usage_flags, alg ) ) goto exit; exit: @@ -5768,14 +5743,7 @@ exit: mbedtls_free( second_export ); psa_key_derivation_abort( &operation ); psa_destroy_key( base_key ); - if( psa_key_handle_is_null( handle ) ) - { - /* In case there was a test failure after creating the persistent key - * but while it was not open, try to re-open the persistent key - * to delete it. */ - (void) psa_open_key( key_id, &handle ); - } - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 53df781e04bb..415418854d81 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function 
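Review bot: The exit path now destroys `key`, which is still `MBEDTLS_SVC_KEY_ID_INIT` if the test fails before `psa_import_key`, `psa_generate_key` or `psa_key_derivation_output_key` has returned, so a persistent key left in storage under this identifier (for example by an earlier aborted run) is no longer cleaned up, which is the case the removed re-open fallback was written for. Since the test itself chooses the identifier and asserts that `psa_get_key_id( &attributes )` equals `key_id`, destroying by that identifier is unconditional: `psa_destroy_key( key_id );`. Whether `psa_destroy_key` on a null identifier is a silent no-op is not visible in this hunk; if it is not, destroying `key_id` also avoids a spurious error on early failure. The body of `persistent_key_load_key_from_storage` starts outside this hunk.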
@@ -19,7 +19,7 @@ void ecdsa_sign( int force_status_arg, { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); uint8_t signature[64]; @@ -34,7 +34,7 @@ void ecdsa_sign( int force_status_arg, psa_set_key_algorithm( &attributes, alg ); psa_import_key( &attributes, key_input->x, key_input->len, - &handle ); + &key ); test_driver_signature_sign_hooks.forced_status = force_status; if( fake_output == 1 ) @@ -43,7 +43,7 @@ void ecdsa_sign( int force_status_arg, test_driver_signature_sign_hooks.forced_output_length = expected_output->len; } - actual_status = psa_sign_hash( handle, alg, + actual_status = psa_sign_hash( key, alg, data_input->x, data_input->len, signature, sizeof( signature ), &signature_length ); @@ -57,7 +57,7 @@ void ecdsa_sign( int force_status_arg, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_signature_sign_hooks = test_driver_signature_hooks_init(); } @@ -73,7 +73,7 @@ void ecdsa_verify( int force_status_arg, { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); psa_status_t actual_status; @@ -88,7 +88,7 @@ void ecdsa_verify( int force_status_arg, psa_set_key_algorithm( &attributes, alg ); psa_import_key( &attributes, key_input->x, key_input->len, - &handle ); + &key ); } else { 
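Review bot: The `psa_import_key( ... &key )` call in `ecdsa_sign` still discards its status, so if the import fails `key` stays the null identifier and the failure only surfaces later as an unrelated status from `psa_sign_hash`, making `TEST_EQUAL( actual_status, expected_status )` misleading. Unless the import is expected to fail in some driver configuration, assert it: `PSA_ASSERT( psa_import_key( &attributes, key_input->x, key_input->len, &key ) );`. The same applies to the two import calls in `ecdsa_verify` (the last hunk on this line and the first on the next). The body of `ecdsa_sign` continues outside the hunk.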
@@ -98,12 +98,12 @@ void ecdsa_verify( int force_status_arg, psa_set_key_algorithm( &attributes, alg ); psa_import_key( &attributes, key_input->x, key_input->len, - &handle ); + &key ); } test_driver_signature_verify_hooks.forced_status = force_status; - actual_status = psa_verify_hash( handle, alg, + actual_status = psa_verify_hash( key, alg, data_input->x, data_input->len, signature_input->x, signature_input->len ); TEST_EQUAL( actual_status, expected_status ); @@ -111,7 +111,7 @@ void ecdsa_verify( int force_status_arg, exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_signature_verify_hooks = test_driver_signature_hooks_init(); } @@ -124,7 +124,7 @@ void generate_key( int force_status_arg, { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); const uint8_t *expected_output = NULL; @@ -152,13 +152,13 @@ void generate_key( int force_status_arg, PSA_ASSERT( psa_crypto_init( ) ); - actual_status = psa_generate_key( &attributes, &handle ); + actual_status = psa_generate_key( &attributes, &key ); TEST_EQUAL( test_driver_key_management_hooks.hits, 1 ); TEST_EQUAL( actual_status, expected_status ); if( actual_status == PSA_SUCCESS ) { - psa_export_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); + psa_export_key( key, actual_output, sizeof(actual_output), &actual_output_length ); if( fake_output->len > 0 ) { @@ -178,7 +178,7 @@ void generate_key( int force_status_arg, } exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_key_management_hooks = test_driver_key_management_hooks_init(); } 
@@ -193,7 +193,7 @@ void validate_key( int force_status_arg, psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; - psa_key_handle_t handle = 0; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t actual_status; test_driver_key_management_hooks = test_driver_key_management_hooks_init(); @@ -207,12 +207,12 @@ void validate_key( int force_status_arg, PSA_ASSERT( psa_crypto_init( ) ); - actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &handle ); + actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key ); TEST_EQUAL( test_driver_key_management_hooks.hits, 1 ); TEST_EQUAL( actual_status, expected_status ); exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_key_management_hooks = test_driver_key_management_hooks_init(); } @@ -220,13 +220,13 @@ exit: /* BEGIN_CASE */ void cipher_encrypt( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input, data_t *expected_output, int mock_output_arg, int force_status_arg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; 
@@ -247,10 +247,10 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); test_driver_cipher_hooks.hits = 0; @@ -305,7 +305,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_cipher_hooks = test_driver_cipher_hooks_init(); } @@ -313,13 +313,13 @@ exit: /* BEGIN_CASE */ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, data_t *expected_output ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; @@ -339,10 +339,10 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); test_driver_cipher_hooks.hits = 0; 
@@ -390,7 +390,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_cipher_hooks = test_driver_cipher_hooks_init(); } @@ -398,13 +398,13 @@ exit: /* BEGIN_CASE */ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, data_t *expected_output ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; @@ -424,10 +424,10 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); test_driver_cipher_hooks.hits = 0; @@ -477,7 +477,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_cipher_hooks = test_driver_cipher_hooks_init(); } 
@@ -485,13 +485,13 @@ exit: /* BEGIN_CASE */ void cipher_decrypt( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input, data_t *expected_output, int mock_output_arg, int force_status_arg, int expected_status_arg ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -512,10 +512,10 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, - handle, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); test_driver_cipher_hooks.hits = 0; @@ -569,7 +569,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_cipher_hooks = test_driver_cipher_hooks_init(); } @@ -577,10 +577,10 @@ exit: /* BEGIN_CASE */ void cipher_entry_points( int alg_arg, int key_type_arg, - data_t *key, data_t *iv, + data_t *key_data, data_t *iv, data_t *input ) { - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; 
@@ -600,12 +600,12 @@ void cipher_entry_points( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); /* Test setup call, encrypt */ test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_encrypt_setup( &operation, - handle, alg ); + status = psa_cipher_encrypt_setup( &operation, key, alg ); /* When setup fails, it shouldn't call any further entry points */ TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); @@ -615,8 +615,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); /* Test setup call failure, decrypt */ - status = psa_cipher_decrypt_setup( &operation, - handle, alg ); + status = psa_cipher_decrypt_setup( &operation, key, alg ); /* When setup fails, it shouldn't call any further entry points */ TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); @@ -627,8 +626,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, /* Test IV setting failure */ test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, - handle, alg ); + status = psa_cipher_encrypt_setup( &operation, key, alg ); TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); test_driver_cipher_hooks.hits = 0; 
@@ -650,8 +648,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, /* Test IV generation failure */ test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, - handle, alg ); + status = psa_cipher_encrypt_setup( &operation, key, alg ); TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); test_driver_cipher_hooks.hits = 0; @@ -673,8 +670,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, /* Test update failure */ test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, - handle, alg ); + status = psa_cipher_encrypt_setup( &operation, key, alg ); TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); test_driver_cipher_hooks.hits = 0; @@ -704,8 +700,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, /* Test finish failure */ test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, - handle, alg ); + status = psa_cipher_encrypt_setup( &operation, key, alg ); TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); test_driver_cipher_hooks.hits = 0; @@ -744,7 +739,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, exit: psa_cipher_abort( &operation ); mbedtls_free( output ); - psa_destroy_key( handle ); + psa_destroy_key( key ); PSA_DONE( ); test_driver_cipher_hooks = test_driver_cipher_hooks_init(); } diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index d587886dcb2b..62ef6e2d7388 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function 
@@ -185,7 +185,7 @@ void validate_module_init_key_based( int count ) psa_status_t status; uint8_t data[10] = { 0 }; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead ); + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0xdead, 0xdead ); int i; for( i = 0; i < count; i++ ) @@ -195,9 +195,9 @@ void validate_module_init_key_based( int count ) PSA_DONE( ); } psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - status = psa_import_key( &attributes, data, sizeof( data ), &handle ); + status = psa_import_key( &attributes, data, sizeof( data ), &key ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_key_handle_is_null( handle ) ); + TEST_ASSERT( mbedtls_svc_key_id_is_null( key ) ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 34b88a70b5b1..ed30848ad857 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -117,7 +117,6 @@ exit: void save_large_persistent_key( int data_length_arg, int expected_status ) { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; uint8_t *data = NULL; size_t data_length = data_length_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -129,11 +128,11 @@ void save_large_persistent_key( int data_length_arg, int expected_status ) psa_set_key_id( &attributes, key_id ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_import_key( &attributes, data, data_length, &handle ), + TEST_EQUAL( psa_import_key( &attributes, data, data_length, &key_id ), expected_status ); if( expected_status == PSA_SUCCESS ) - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( key_id ) ); exit: mbedtls_free( data ); 
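Review bot: In save_large_persistent_key the requested identifier `key_id` is also passed as the output parameter of `psa_import_key`, so the returned identifier overwrites the requested one and the test cannot tell whether the API handed back the id it was asked for; if the API resets its output on failure, as persistent_key_import's new `mbedtls_svc_key_id_is_null( returned_key_id )` assertion expects, `key_id` is null in the expected_status != PSA_SUCCESS cases. Keep the two apart as the other persistent-key tests on this page do: `mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;`, pass `&returned_key_id` to psa_import_key, and on the success path add `TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key_id ) );` before the destroy. The function's end lies outside the hunk.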
@@ -149,7 +148,7 @@ void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart, { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( owner_id_arg, key_id_arg ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t first_type = (psa_key_type_t) first_type_arg; psa_key_type_t second_type = (psa_key_type_t) second_type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -160,24 +159,21 @@ void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart, psa_set_key_type( &attributes, first_type ); PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len, - &handle ) ); + &returned_key_id ) ); if( restart ) { - psa_close_key( handle ); + psa_close_key( key_id ); PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_open_key( key_id, &handle ) ); } TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( key_id ) ); /* Check key slot storage is removed */ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); - TEST_EQUAL( psa_open_key( key_id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); - TEST_ASSERT( psa_key_handle_is_null( handle ) ); /* Shutdown and restart */ PSA_DONE(); @@ -187,9 +183,9 @@ void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart, psa_set_key_id( &attributes, key_id ); psa_set_key_type( &attributes, second_type ); PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len, - &handle ) ); + &returned_key_id ) ); - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( key_id ) ); exit: PSA_DONE(); 
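Review bot: persistent_key_destroy never compares `returned_key_id` with `key_id` after either import, so the variable is write-only and the test no longer verifies that psa_import_key returns the identifier it was given; add `TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key_id ) );` after each PSA_ASSERT( psa_import_key( ... ) ), as persistent_key_import now does. The same write-only output id appears in import_export_persistent_key, key_creation_import_export (persistent lifetimes), key_creation_in_chosen_slot, import_key_smoke, generate_key_smoke, sign_verify and the mock_* tests, where the API is then driven through `id` instead. Separately, the restart branch keeps an unchecked `psa_close_key( key_id );` while the sibling tests replace the same step with `PSA_ASSERT( psa_purge_key( key_id ) );`; use the latter here too so a failure to release the slot before PSA_DONE() is reported. The function continues past the hunk's exit label.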
@@ -203,42 +199,44 @@ void persistent_key_import( int owner_id_arg, int key_id_arg, int type_arg, { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( owner_id_arg, key_id_arg ); + mbedtls_svc_key_id_t returned_key_id; psa_key_type_t type = (psa_key_type_t) type_arg; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init() ); psa_set_key_id( &attributes, key_id ); psa_set_key_type( &attributes, type ); - TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &handle ), + TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &returned_key_id ), expected_status ); if( expected_status != PSA_SUCCESS ) { + TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_key_id ) ); TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); goto exit; } + TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key_id ) ); + if( restart ) { - psa_close_key( handle ); + PSA_ASSERT( psa_purge_key( key_id ) ); PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_open_key( key_id, &handle ) ); } psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), key_id ) ); + PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); + TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), + key_id ) ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), PSA_KEY_LIFETIME_PERSISTENT ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( key_id ) ); exit: psa_reset_key_attributes( &attributes ); 
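Review bot: `mbedtls_svc_key_id_t returned_key_id;` is left uninitialised, yet the failure path asserts `mbedtls_svc_key_id_is_null( returned_key_id )`; that assertion is only meaningful if psa_import_key stores into its output on every failure return, and if it does not the read is of an indeterminate value and the test becomes nondeterministic rather than failing. Initialise it to a non-null sentinel the way validate_module_init_key_based does, `mbedtls_svc_key_id_t returned_key_id = mbedtls_svc_key_id_make( 0xdead, 0xdead );`, so the null check then proves the API actually reset the output. The function's head and the rest of its exit block are outside the hunk.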
@@ -254,7 +252,7 @@ void import_export_persistent_key( data_t *data, int type_arg, { mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 ); psa_key_type_t type = (psa_key_type_t) type_arg; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; unsigned char *exported = NULL; size_t export_size = data->len; size_t exported_length; @@ -269,20 +267,20 @@ void import_export_persistent_key( data_t *data, int type_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, + &returned_key_id ) ); if( restart ) { - psa_close_key( handle ); + PSA_ASSERT( psa_purge_key( key_id ) ); PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_open_key( key_id, &handle ) ); } /* Test the key information */ psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), key_id ) ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), @@ -299,13 +297,13 @@ void import_export_persistent_key( data_t *data, int type_arg, psa_destroy_persistent_key( key_id ); } /* Export the key */ - PSA_ASSERT( psa_export_key( handle, exported, export_size, + PSA_ASSERT( psa_export_key( key_id, exported, export_size, &exported_length ) ); ASSERT_COMPARE( data->x, data->len, exported, exported_length ); /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( key_id ) ); TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); exit: diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index f22e6b7ec6a3..e5f87e08b962 100644 
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -367,7 +367,7 @@ static psa_status_t ram_export_public( psa_drv_se_context_t *context, size_t *data_length ) { psa_status_t status; - psa_key_handle_t handle; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; (void) context; @@ -379,11 +379,11 @@ static psa_status_t ram_export_public( psa_drv_se_context_t *context, status = psa_import_key( &attributes, ram_slots[slot_number].content, PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ), - &handle ); + &key ); if( status != PSA_SUCCESS ) return( status ); - status = psa_export_public_key( handle, data, data_size, data_length ); - psa_destroy_key( handle ); + status = psa_export_public_key( key, data, data_size, data_length ); + psa_destroy_key( key ); return( PSA_SUCCESS ); } @@ -450,7 +450,7 @@ static psa_status_t ram_sign( psa_drv_se_context_t *context, { ram_slot_t *slot; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; (void) context; @@ -463,13 +463,13 @@ static psa_status_t ram_sign( psa_drv_se_context_t *context, DRIVER_ASSERT( psa_import_key( &attributes, slot->content, PSA_BITS_TO_BYTES( slot->bits ), - &handle ) == PSA_SUCCESS ); - status = psa_sign_hash( handle, alg, + &key ) == PSA_SUCCESS ); + status = psa_sign_hash( key, alg, hash, hash_length, signature, signature_size, signature_length ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); return( status ); } 
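Review bot: ram_export_public stores the result of `psa_export_public_key( key, data, data_size, data_length )` in `status` and then ignores it, returning `PSA_SUCCESS` unconditionally, so an export failure (and an unset `*data_length`) is reported to the core as success; the commit keeps that line as unchanged context. Return the captured value instead: `return( status );`. The `psa_destroy_key( key )` result on the same path is also discarded, which is acceptable for cleanup but worth a `/* best-effort cleanup */` comment. The function's signature starts before the hunk.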
@@ -483,7 +483,7 @@ static psa_status_t ram_verify( psa_drv_se_context_t *context, { ram_slot_t *slot; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; (void) context; @@ -496,20 +496,18 @@ static psa_status_t ram_verify( psa_drv_se_context_t *context, DRIVER_ASSERT( psa_import_key( &attributes, slot->content, PSA_BITS_TO_BYTES( slot->bits ), - &handle ) == + &key ) == PSA_SUCCESS ); - status = psa_verify_hash( handle, alg, + status = psa_verify_hash( key, alg, hash, hash_length, signature, signature_length ); exit: - psa_destroy_key( handle ); + psa_destroy_key( key ); return( status ); } - - /****************************************************************/ /* Other test helper functions */ /****************************************************************/ @@ -524,13 +522,13 @@ typedef enum /* Check that the attributes of a key reported by psa_get_key_attributes() * are consistent with the attributes used when creating the key. */ static int check_key_attributes( - psa_key_handle_t handle, + mbedtls_svc_key_id_t key, const psa_key_attributes_t *reference_attributes ) { int ok = 0; psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( handle, &actual_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( key, &actual_attributes ) ); TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &actual_attributes ), 
@@ -654,7 +652,7 @@ static int is_status_smoke_free( psa_status_t status )
 * mostly bogus parameters: the goal is to ensure that there is no memory
 * corruption or crash. This test function is most useful when run under
 * an environment with sanity checks such as ASan or MSan. */
-static int smoke_test_key( psa_key_handle_t handle )
+static int smoke_test_key( mbedtls_svc_key_id_t key )
 {
 int ok = 0;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -664,54 +662,54 @@ static int smoke_test_key( psa_key_handle_t handle ) PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t buffer[80]; /* large enough for a public key for ECDH */ size_t length; - psa_key_handle_t handle2 = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; - SMOKE_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + SMOKE_ASSERT( psa_get_key_attributes( key, &attributes ) ); - SMOKE_ASSERT( psa_export_key( handle, + SMOKE_ASSERT( psa_export_key( key, buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_export_public_key( handle, + SMOKE_ASSERT( psa_export_public_key( key, buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_copy_key( handle, &attributes, &handle2 ) ); - if( ! psa_key_handle_is_null( handle2 ) ) - PSA_ASSERT( psa_close_key( handle2 ) ); + SMOKE_ASSERT( psa_copy_key( key, &attributes, &key2 ) ); + if( ! mbedtls_svc_key_id_is_null( key2 ) ) + PSA_ASSERT( psa_destroy_key( key2 ) ); - SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, handle, PSA_ALG_CMAC ) ); + SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, key, PSA_ALG_CMAC ) ); PSA_ASSERT( psa_mac_abort( &mac_operation ) ); - SMOKE_ASSERT( psa_mac_verify_setup( &mac_operation, handle, + SMOKE_ASSERT( psa_mac_verify_setup( &mac_operation, key, PSA_ALG_HMAC( PSA_ALG_SHA_256 ) ) ); PSA_ASSERT( psa_mac_abort( &mac_operation ) ); - SMOKE_ASSERT( psa_cipher_encrypt_setup( &cipher_operation, handle, + SMOKE_ASSERT( psa_cipher_encrypt_setup( &cipher_operation, key, PSA_ALG_CTR ) ); PSA_ASSERT( psa_cipher_abort( &cipher_operation ) ); - SMOKE_ASSERT( psa_cipher_decrypt_setup( &cipher_operation, handle, + SMOKE_ASSERT( psa_cipher_decrypt_setup( &cipher_operation, key, PSA_ALG_CTR ) ); PSA_ASSERT( psa_cipher_abort( &cipher_operation ) ); - SMOKE_ASSERT( psa_aead_encrypt( handle, PSA_ALG_CCM, + SMOKE_ASSERT( psa_aead_encrypt( key, PSA_ALG_CCM, buffer, sizeof( buffer ), NULL, 0, buffer, sizeof( buffer), buffer, sizeof( buffer), &length ) ); - SMOKE_ASSERT( 
psa_aead_decrypt( handle, PSA_ALG_CCM, + SMOKE_ASSERT( psa_aead_decrypt( key, PSA_ALG_CCM, buffer, sizeof( buffer ), NULL, 0, buffer, sizeof( buffer), buffer, sizeof( buffer), &length ) ); - SMOKE_ASSERT( psa_sign_hash( handle, PSA_ALG_ECDSA_ANY, + SMOKE_ASSERT( psa_sign_hash( key, PSA_ALG_ECDSA_ANY, buffer, 32, buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_verify_hash( handle, PSA_ALG_ECDSA_ANY, + SMOKE_ASSERT( psa_verify_hash( key, PSA_ALG_ECDSA_ANY, buffer, 32, buffer, sizeof( buffer ) ) ); - SMOKE_ASSERT( psa_asymmetric_encrypt( handle, PSA_ALG_RSA_PKCS1V15_CRYPT, + SMOKE_ASSERT( psa_asymmetric_encrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT, buffer, 10, NULL, 0, buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_asymmetric_decrypt( handle, PSA_ALG_RSA_PKCS1V15_CRYPT, + SMOKE_ASSERT( psa_asymmetric_decrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT, buffer, sizeof( buffer ), NULL, 0, buffer, sizeof( buffer ), &length ) ); @@ -724,12 +722,12 @@ static int smoke_test_key( psa_key_handle_t handle ) NULL, 0 ) ); SMOKE_ASSERT( psa_key_derivation_input_key( &derivation_operation, PSA_KEY_DERIVATION_INPUT_SECRET, - handle ) ); + key ) ); PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) ); /* If the key is asymmetric, try it in a key agreement, both as * part of a derivation operation and standalone. */ - if( psa_export_public_key( handle, buffer, sizeof( buffer ), &length ) == + if( psa_export_public_key( key, buffer, sizeof( buffer ), &length ) == PSA_SUCCESS ) { psa_algorithm_t alg = @@ -742,11 +740,11 @@ static int smoke_test_key( psa_key_handle_t handle ) SMOKE_ASSERT( psa_key_derivation_key_agreement( &derivation_operation, PSA_KEY_DERIVATION_INPUT_SECRET, - handle, buffer, length ) ); + key, buffer, length ) ); PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) ); SMOKE_ASSERT( psa_raw_key_agreement( - alg, handle, buffer, length, + alg, key, buffer, length, buffer, sizeof( buffer ), &length ) ); } #endif /* MBEDTLS_SHA256_C */ 
@@ -880,7 +878,8 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; uint8_t exported[sizeof( key_material )]; @@ -909,7 +908,7 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); PSA_ASSERT( psa_import_key( &attributes, key_material, sizeof( key_material ), - &handle ) ); + &returned_id ) ); if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) @@ -940,7 +939,8 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) { /* Check that the PSA core has no knowledge of the volatile key */ - TEST_ASSERT( psa_open_key( id, &handle ) == PSA_ERROR_DOES_NOT_EXIST ); + TEST_ASSERT( psa_open_key( returned_id, &handle ) == + PSA_ERROR_DOES_NOT_EXIST ); /* Drop data from our mockup driver */ ram_slots_reset(); @@ -948,20 +948,16 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) /* Re-import key */ PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &handle ) ); + key_material, sizeof( key_material ), + &returned_id ) ); } else { - - /* Check we can re-open the persistent key */ + /* Check the persistent key file */ if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; - - /* Check that the PSA core still knows about the key */ - PSA_ASSERT( psa_open_key( id, &handle ) ); } } 
@@ -972,24 +968,23 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( sizeof( key_material ) ) ); psa_set_key_slot_number( &attributes, min_slot ); - psa_set_key_id( &attributes, handle ); - if( ! check_key_attributes( handle, &attributes ) ) + psa_set_key_id( &attributes, returned_id ); + if( ! check_key_attributes( returned_id, &attributes ) ) goto exit; /* Test the key data. */ - PSA_ASSERT( psa_export_key( handle, + PSA_ASSERT( psa_export_key( returned_id, exported, sizeof( exported ), &exported_length ) ); ASSERT_COMPARE( key_material, sizeof( key_material ), exported, exported_length ); - PSA_ASSERT( psa_destroy_key( handle ) ); - handle = PSA_KEY_HANDLE_INIT; + PSA_ASSERT( psa_destroy_key( returned_id ) ); if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), + TEST_EQUAL( psa_open_key( returned_id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); /* Test that the key has been erased from the designated slot. */ @@ -1015,7 +1010,8 @@ void key_creation_in_chosen_slot( int slot_arg, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_id; + psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; @@ -1042,7 +1038,7 @@ void key_creation_in_chosen_slot( int slot_arg, psa_set_key_slot_number( &attributes, wanted_slot ); status = psa_import_key( &attributes, key_material, sizeof( key_material ), - &handle ); + &returned_id ); TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) 
@@ -1062,7 +1058,6 @@ void key_creation_in_chosen_slot( int slot_arg, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; - PSA_ASSERT( psa_open_key( id, &handle ) ); } /* Test that the key was created in the expected slot. */ @@ -1070,16 +1065,14 @@ void key_creation_in_chosen_slot( int slot_arg, /* Test that the key is reported with the correct attributes, * including the expected slot. */ - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( id, &attributes ) ); - PSA_ASSERT( psa_destroy_key( handle ) ); - handle = PSA_KEY_HANDLE_INIT; + PSA_ASSERT( psa_destroy_key( id ) ); if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); @@ -1099,7 +1092,8 @@ void import_key_smoke( int type_arg, int alg_arg, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_id; + psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_USES_KEY_ID( id ); @@ -1127,13 +1121,13 @@ void import_key_smoke( int type_arg, int alg_arg, psa_set_key_type( &attributes, type ); PSA_ASSERT( psa_import_key( &attributes, key_material->x, key_material->len, - &handle ) ); + &returned_id ) ); if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; /* Do stuff with the key. */ - if( ! smoke_test_key( handle ) ) + if( ! smoke_test_key( id ) ) goto exit; /* Restart and try again. */ 
@@ -1143,18 +1137,15 @@ void import_key_smoke( int type_arg, int alg_arg, if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; - PSA_ASSERT( psa_open_key( id, &handle ) ); - if( ! smoke_test_key( handle ) ) + if( ! smoke_test_key( id ) ) goto exit; /* We're done. */ - PSA_ASSERT( psa_destroy_key( handle ) ); - handle = PSA_KEY_HANDLE_INIT; + PSA_ASSERT( psa_destroy_key( id ) ); if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); @@ -1173,7 +1164,7 @@ void generate_key_not_supported( int type_arg, int bits_arg ) psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_USES_KEY_ID( id ); @@ -1193,7 +1184,7 @@ void generate_key_not_supported( int type_arg, int bits_arg ) psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_type( &attributes, type ); psa_set_key_bits( &attributes, bits ); - TEST_EQUAL( psa_generate_key( &attributes, &handle ), + TEST_EQUAL( psa_generate_key( &attributes, &returned_id ), PSA_ERROR_NOT_SUPPORTED ); exit: @@ -1214,7 +1205,8 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_id; + psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_USES_KEY_ID( id ); 
@@ -1241,13 +1233,13 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); psa_set_key_bits( &attributes, bits ); - PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + PSA_ASSERT( psa_generate_key( &attributes, &returned_id ) ); if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; /* Do stuff with the key. */ - if( ! smoke_test_key( handle ) ) + if( ! smoke_test_key( id ) ) goto exit; /* Restart and try again. */ @@ -1257,18 +1249,15 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; - PSA_ASSERT( psa_open_key( id, &handle ) ); - if( ! smoke_test_key( handle ) ) + if( ! smoke_test_key( id ) ) goto exit; /* We're done. */ - PSA_ASSERT( psa_destroy_key( handle ) ); - handle = PSA_KEY_HANDLE_INIT; + PSA_ASSERT( psa_destroy_key( id ) ); if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); @@ -1296,8 +1285,8 @@ void sign_verify( int flow, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t drv_handle = PSA_KEY_HANDLE_INIT; /* key managed by the driver */ - psa_key_handle_t sw_handle = PSA_KEY_HANDLE_INIT; /* transparent key */ + mbedtls_svc_key_id_t returned_id; + mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t drv_attributes; uint8_t signature[PSA_SIGNATURE_MAX_SIZE]; 
@@ -1352,11 +1341,11 @@ void sign_verify( int flow, if( generating ) { psa_set_key_bits( &drv_attributes, bits ); - PSA_ASSERT( psa_generate_key( &drv_attributes, &drv_handle ) ); + PSA_ASSERT( psa_generate_key( &drv_attributes, &returned_id ) ); /* Since we called a generate method that does not actually * generate material, store the desired result of generation in * the mock secure element storage. */ - PSA_ASSERT( psa_get_key_attributes( drv_handle, &drv_attributes ) ); + PSA_ASSERT( psa_get_key_attributes( id, &drv_attributes ) ); TEST_EQUAL( key_material->len, PSA_BITS_TO_BYTES( bits ) ); memcpy( ram_slots[ram_min_slot].content, key_material->x, key_material->len ); @@ -1365,7 +1354,7 @@ void sign_verify( int flow, { PSA_ASSERT( psa_import_key( &drv_attributes, key_material->x, key_material->len, - &drv_handle ) ); + &returned_id ) ); } /* Either import the same key in software, or export the driver's @@ -1376,20 +1365,20 @@ void sign_verify( int flow, case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: PSA_ASSERT( psa_import_key( &sw_attributes, key_material->x, key_material->len, - &sw_handle ) ); + &sw_key ) ); break; case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: { uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )]; size_t public_key_length; - PSA_ASSERT( psa_export_public_key( drv_handle, + PSA_ASSERT( psa_export_public_key( id, public_key, sizeof( public_key ), &public_key_length ) ); psa_set_key_type( &sw_attributes, PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ) ); PSA_ASSERT( psa_import_key( &sw_attributes, public_key, public_key_length, - &sw_handle ) ); + &sw_key ) ); break; } } 
@@ -1400,16 +1389,14 @@ void sign_verify( int flow, case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: PSA_ASSERT_VIA_DRIVER( - psa_sign_hash( drv_handle, - alg, + psa_sign_hash( id, alg, input->x, input->len, signature, sizeof( signature ), &signature_length ), PSA_SUCCESS ); break; case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: - PSA_ASSERT( psa_sign_hash( sw_handle, - alg, + PSA_ASSERT( psa_sign_hash( sw_key, alg, input->x, input->len, signature, sizeof( signature ), &signature_length ) ); @@ -1417,30 +1404,30 @@ void sign_verify( int flow, } /* Verify with both keys. */ - PSA_ASSERT( psa_verify_hash( sw_handle, alg, + PSA_ASSERT( psa_verify_hash( sw_key, alg, input->x, input->len, signature, signature_length ) ); PSA_ASSERT_VIA_DRIVER( - psa_verify_hash( drv_handle, alg, + psa_verify_hash( id, alg, input->x, input->len, signature, signature_length ), PSA_SUCCESS ); /* Change the signature and verify again. */ signature[0] ^= 1; - TEST_EQUAL( psa_verify_hash( sw_handle, alg, + TEST_EQUAL( psa_verify_hash( sw_key, alg, input->x, input->len, signature, signature_length ), PSA_ERROR_INVALID_SIGNATURE ); PSA_ASSERT_VIA_DRIVER( - psa_verify_hash( drv_handle, alg, + psa_verify_hash( id, alg, input->x, input->len, signature, signature_length ), PSA_ERROR_INVALID_SIGNATURE ); exit: - psa_destroy_key( drv_handle ); - psa_destroy_key( sw_handle ); + psa_destroy_key( id ); + psa_destroy_key( sw_key ); PSA_DONE( ); ram_slots_reset( ); psa_purge_storage( ); @@ -1461,9 +1448,9 @@ void register_key_smoke_test( int lifetime_arg, psa_drv_se_key_management_t key_management; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + psa_key_handle_t handle; size_t bit_size = 48; psa_key_slot_number_t wanted_slot = 0x123456789; - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_status_t status; TEST_USES_KEY_ID( id ); 
@@ -1499,10 +1486,8 @@ void register_key_smoke_test( int lifetime_arg, goto exit; /* Test that the key exists and has the expected attributes. */ - PSA_ASSERT( psa_open_key( id, &handle ) ); - if( ! check_key_attributes( handle, &attributes ) ) + if( ! check_key_attributes( id, &attributes ) ) goto exit; - PSA_ASSERT( psa_close_key( handle ) ); #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_svc_key_id_t invalid_id = @@ -1510,22 +1495,21 @@ void register_key_smoke_test( int lifetime_arg, TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); #endif + PSA_ASSERT( psa_purge_key( id ) ); + /* Restart and try again. */ PSA_DONE( ); PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_open_key( id, &handle ) ); - if( ! check_key_attributes( handle, &attributes ) ) + if( ! check_key_attributes( id, &attributes ) ) goto exit; /* This time, destroy the key. */ - PSA_ASSERT( psa_destroy_key( handle ) ); - handle = PSA_KEY_HANDLE_INIT; - TEST_EQUAL( psa_open_key( id, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + PSA_ASSERT( psa_destroy_key( id ) ); + TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); exit: psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); + psa_destroy_key( id ); PSA_DONE( ); psa_purge_storage( ); memset( &validate_slot_number_directions, 0, diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 0e2e203c87c1..629c924ed9da 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function 
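Review bot: The new `PSA_ASSERT( psa_purge_key( id ) );` ahead of the restart carries no comment saying why it is needed; it takes the place of the psa_close_key( handle ) that used to precede PSA_DONE( ), so presumably the slot must be released before the library is torn down, and a reader seeing only a purge followed by PSA_DONE( ) cannot tell whether dropping it is safe. Add `/* Release the key slot before the library is torn down. */` above it; the same purge calls in persistent_key_import and import_export_persistent_key would benefit from the same comment. Note also that the exit label now calls `psa_destroy_key( id )` after the main path has already destroyed the same id, so the cleanup call's error return is expected and deliberately ignored; a `/* may already be destroyed; best-effort cleanup */` comment would make that explicit.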
@@ -333,7 +333,7 @@ void mock_import( int mock_alloc_return_value, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; @@ -357,7 +357,7 @@ void mock_import( int mock_alloc_return_value, psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); TEST_ASSERT( psa_import_key( &attributes, key_material, sizeof( key_material ), - &handle ) == expected_result ); + &returned_id ) == expected_result ); TEST_ASSERT( mock_allocate_data.called == 1 ); TEST_ASSERT( mock_import_data.called == @@ -385,7 +385,7 @@ void mock_import( int mock_alloc_return_value, if( expected_result == PSA_SUCCESS ) { - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( id ) ); TEST_ASSERT( mock_destroy_data.called == 1 ); } exit: @@ -402,7 +402,7 @@ void mock_export( int mock_export_return_value, int expected_result ) psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; uint8_t exported[sizeof( key_material )]; 
@@ -428,15 +428,15 @@ void mock_export( int mock_export_return_value, int expected_result ) psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); PSA_ASSERT( psa_import_key( &attributes, key_material, sizeof( key_material ), - &handle ) ); + &returned_id ) ); - TEST_ASSERT( psa_export_key( handle, - exported, sizeof( exported ), - &exported_length ) == expected_result ); + TEST_ASSERT( psa_export_key( id, + exported, sizeof( exported ), + &exported_length ) == expected_result ); TEST_ASSERT( mock_export_data.called == 1 ); - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( id ) ); TEST_ASSERT( mock_destroy_data.called == 1 ); @@ -456,7 +456,7 @@ void mock_generate( int mock_alloc_return_value, psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); - psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; + mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mock_allocate_data.return_value = mock_alloc_return_value; @@ -477,7 +477,7 @@ void mock_generate( int mock_alloc_return_value, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_bits( &attributes, 8 ); - TEST_ASSERT( psa_generate_key( &attributes, &handle ) == expected_result ); + TEST_ASSERT( psa_generate_key( &attributes, &returned_id) == expected_result ); TEST_ASSERT( mock_allocate_data.called == 1 ); TEST_ASSERT( mock_generate_data.called == ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); @@ -504,7 +504,7 @@ void mock_generate( int mock_alloc_return_value, if( expected_result == PSA_SUCCESS ) { - PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_destroy_key( id ) ); TEST_ASSERT( mock_destroy_data.called == 1 ); } 
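Review bot: `TEST_ASSERT( psa_generate_key( &attributes, &returned_id) == expected_result );` in mock_generate drops the space before the closing parenthesis that every other call in these files carries; write `TEST_ASSERT( psa_generate_key( &attributes, &returned_id ) == expected_result );`. The function's setup above the hunk is not visible.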
@@ -523,7 +523,7 @@ void mock_export_public( int mock_export_public_return_value,
 psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
 mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = PSA_KEY_HANDLE_INIT;
+ mbedtls_svc_key_id_t returned_id;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
 uint8_t exported[sizeof( key_material )];
@@ -549,13 +549,13 @@ void mock_export_public( int mock_export_public_return_value,
 PSA_ASSERT( psa_import_key( &attributes, key_material, sizeof( key_material ),
- &handle ) );
+ &returned_id ) );
- TEST_ASSERT( psa_export_public_key( handle, exported, sizeof(exported),
+ TEST_ASSERT( psa_export_public_key( id, exported, sizeof(exported),
 &exported_length ) == expected_result );
 TEST_ASSERT( mock_export_public_data.called == 1 );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
 TEST_ASSERT( mock_destroy_data.called == 1 );
 exit:
@@ -573,7 +573,7 @@ void mock_sign( int mock_sign_return_value, int expected_result )
 psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
 mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = PSA_KEY_HANDLE_INIT;
+ mbedtls_svc_key_id_t returned_id;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
 psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
@@ -607,16 +607,16 @@ void mock_sign( int mock_sign_return_value, int expected_result )
 PSA_ASSERT( psa_import_key( &attributes, key_material, sizeof( key_material ),
- &handle ) );
+ &returned_id ) );
- TEST_ASSERT( psa_sign_hash( handle, algorithm,
+ TEST_ASSERT( psa_sign_hash( id, algorithm,
 hash, sizeof( hash ), signature, sizeof( signature ), &signature_length) == expected_result );
 TEST_ASSERT( mock_sign_data.called == 1 );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
 TEST_ASSERT( mock_destroy_data.called == 1 );
 exit:
@@ -634,7 +634,7 @@ void mock_verify( int mock_verify_return_value, int expected_result )
 psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
 psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
 mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = PSA_KEY_HANDLE_INIT;
+ mbedtls_svc_key_id_t returned_id;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
 psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
@@ -667,15 +667,15 @@ void mock_verify( int mock_verify_return_value, int expected_result )
 PSA_ASSERT( psa_import_key( &attributes, key_material, sizeof( key_material ),
- &handle ) );
+ &returned_id ) );
- TEST_ASSERT( psa_verify_hash( handle, algorithm,
+ TEST_ASSERT( psa_verify_hash( id, algorithm,
 hash, sizeof( hash ), signature, sizeof( signature ) ) == expected_result );
 TEST_ASSERT( mock_verify_data.called == 1 );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
 TEST_ASSERT( mock_destroy_data.called == 1 );
 exit:
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 2b3087ff940f..4e959b6d2f00 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -164,5 +164,5 @@ invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT
 invalid handle: huge
 invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE
-Open many transient handles
-many_transient_handles:42
+Open many transient keys
+many_transient_keys:42
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 12cf3eac9901..2f9d01b371dd 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -7,11 +7,11 @@ typedef enum
 {
- CLOSE_BY_CLOSE, /**< Close the handle(s). */
- CLOSE_BY_DESTROY, /**< Destroy the handle(s). */
- CLOSE_BY_SHUTDOWN, /**< Deinit and reinit without closing handles. */
- CLOSE_BY_CLOSE_WITH_SHUTDOWN, /**< Close handle(s) then deinit/reinit. */
- CLOSE_BY_DESTROY_WITH_SHUTDOWN, /**< Destroy handle(s) then deinit/reinit. */
+ CLOSE_BY_CLOSE, /**< Close key(s). */
+ CLOSE_BY_DESTROY, /**< Destroy key(s) */
+ CLOSE_BY_SHUTDOWN, /**< Deinit and reinit without closing keys. */
+ CLOSE_BY_CLOSE_WITH_SHUTDOWN, /**< Close key(s) then deinit/reinit. */
+ CLOSE_BY_DESTROY_WITH_SHUTDOWN, /**< Destroy key(s) then deinit/reinit. */
 } close_method_t;
 typedef enum
@@ -74,21 +74,22 @@ static void psa_purge_key_storage( void )
 #define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) )
 #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-/** Apply \p close_method to invalidate the specified handles:
+/** Apply \p close_method to invalidate the specified key:
 * close it, destroy it, or do nothing; */
-static int invalidate_handle( close_method_t close_method,
- psa_key_handle_t handle )
+static int invalidate_key( close_method_t close_method,
+ mbedtls_svc_key_id_t key )
 {
 switch( close_method )
 {
+ /* Closing the key invalidate only volatile keys, not permanent ones. */
 case CLOSE_BY_CLOSE:
 case CLOSE_BY_CLOSE_WITH_SHUTDOWN:
- PSA_ASSERT( psa_close_key( handle ) );
+ PSA_ASSERT( psa_close_key( key ) );
 break;
 case CLOSE_BY_DESTROY:
 case CLOSE_BY_DESTROY_WITH_SHUTDOWN:
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
 break;
 case CLOSE_BY_SHUTDOWN:
 break;
@@ -142,7 +143,7 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg,
 psa_key_usage_t usage_flags = usage_arg;
 psa_key_type_t type = type_arg;
 close_method_t close_method = close_method_arg;
- psa_key_handle_t handle = PSA_KEY_HANDLE_INIT;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 PSA_ASSERT( psa_crypto_init( ) );
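Review bot: The comment added inside the switch in invalidate_key, `Closing the key invalidate only volatile keys, not permanent ones.`, has a verb-agreement slip and uses "permanent" where this suite and the PSA API call the other lifetime class "persistent"; the distinction matters because the persistent_slot_lifecycle hunks below rely on exactly that behaviour after a close-by-id. Suggest `/* Closing the key invalidates only volatile keys, not persistent ones. */`. Placing it on the line directly above `case CLOSE_BY_CLOSE:` keeps it attached to the two close cases it describes rather than to the whole switch.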
@@ -152,21 +153,21 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg,
 psa_set_key_algorithm( &attributes, alg );
 psa_set_key_type( &attributes, type );
 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
- TEST_ASSERT( ! psa_key_handle_is_null( handle ) );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ &key ) );
+ TEST_ASSERT( ! mbedtls_svc_key_id_is_null( key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
 TEST_EQUAL( psa_get_key_type( &attributes ), type );
- /* Do something that invalidates the handle. */
- if( ! invalidate_handle( close_method, handle ) )
+ /* Do something that invalidates the key. */
+ if( ! invalidate_key( close_method, key ) )
 goto exit;
 if( ! invalidate_psa( close_method ) )
 goto exit;
- /* Test that the handle is now invalid. */
- TEST_EQUAL( psa_get_key_attributes( handle, &attributes ),
+ /* Test that the key is now invalid. */
+ TEST_EQUAL( psa_get_key_attributes( key, &attributes ),
 PSA_ERROR_DOES_NOT_EXIST );
- TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_close_key( key ), PSA_ERROR_DOES_NOT_EXIST );
 exit:
 PSA_DONE( );
@@ -186,6 +187,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 psa_key_usage_t usage_flags = usage_arg;
 psa_key_type_t type = type_arg;
 close_method_t close_method = close_method_arg;
+ mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
 psa_key_handle_t handle = PSA_KEY_HANDLE_INIT;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 psa_key_attributes_t read_attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -195,14 +197,13 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
 mbedtls_svc_key_id_t wrong_owner_id = mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
- psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT;
+ mbedtls_svc_key_id_t invalid_svc_key_id = MBEDTLS_SVC_KEY_ID_INIT;
 #endif
 TEST_USES_KEY_ID( id );
 PSA_ASSERT( psa_crypto_init( ) );
- /* Get a handle and import a key. */
 psa_set_key_id( &attributes, id );
 psa_set_key_lifetime( &attributes, lifetime );
 psa_set_key_type( &attributes, type );
@@ -210,15 +211,15 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 psa_set_key_algorithm( &attributes, alg );
 psa_set_key_enrollment_algorithm( &attributes, alg2 );
 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
- TEST_ASSERT( ! psa_key_handle_is_null( handle ) );
+ &returned_id ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) );
 #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
- TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
+ TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ),
 PSA_ERROR_DOES_NOT_EXIST );
 #endif
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( id, &attributes ) );
 TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
 TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), id ) );
@@ -227,15 +228,16 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
 TEST_EQUAL( psa_get_key_type( &attributes ), type );
- /* Close the key and reopen it. */
- PSA_ASSERT( psa_close_key( handle ) );
+ /* Close the key and then open it. */
+ PSA_ASSERT( psa_close_key( id ) );
 #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
- TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
+ TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ),
 PSA_ERROR_DOES_NOT_EXIST );
 #endif
 PSA_ASSERT( psa_open_key( id, &handle ) );
+ TEST_ASSERT( ! psa_key_handle_is_null( handle ) );
 PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
 TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
 TEST_ASSERT( mbedtls_svc_key_id_equal(
@@ -245,13 +247,16 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
 TEST_EQUAL( psa_get_key_type( &attributes ), type );
- /* Do something that invalidates the handle. */
- if( ! invalidate_handle( close_method, handle ) )
+ /*
+ * Do something that wipes key data in volatile memory or destroy the
+ * key.
+ */
+ if( ! invalidate_key( close_method, id ) )
 goto exit;
 if( ! invalidate_psa( close_method ) )
 goto exit;
- /* Try to reopen the key. If we destroyed it, check that it doesn't
+ /* Try to reaccess the key. If we destroyed it, check that it doesn't
 * exist. Otherwise check that it still exists and has the expected
 * content. */
 switch( close_method )
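Review bot: The two comments rewritten in the `@@ -245,13 +247,16 @@` hunk read awkwardly: `Do something that wipes key data in volatile memory or destroy the key.` mixes verb forms, and "reaccess" is not a standard spelling. Suggest `* Do something that wipes the key data from volatile memory or destroys the key.` and `/* Try to access the key again. If we destroyed it, check that it doesn't`. The same wording pass applies to the comment added in the `@@ -296,7 +298,14 @@` hunk of this function, which misspells "referring" as "refering". persistent_slot_lifecycle begins and ends outside these hunks.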
@@ -260,7 +265,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 case CLOSE_BY_CLOSE_WITH_SHUTDOWN:
 case CLOSE_BY_SHUTDOWN:
 PSA_ASSERT( psa_open_key( id, &handle ) );
- PSA_ASSERT( psa_get_key_attributes( handle, &read_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( id, &read_attributes ) );
 TEST_EQUAL( psa_get_key_lifetime( &attributes ),
 psa_get_key_lifetime( &read_attributes ) );
 TEST_ASSERT( mbedtls_svc_key_id_equal(
@@ -278,17 +283,14 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 if( usage_flags & PSA_KEY_USAGE_EXPORT )
 {
 ASSERT_ALLOC( reexported, key_data->len );
- PSA_ASSERT( psa_export_key( handle,
- reexported, key_data->len,
+ PSA_ASSERT( psa_export_key( id, reexported, key_data->len,
 &reexported_length ) );
 ASSERT_COMPARE( key_data->x, key_data->len,
 reexported, reexported_length );
 }
 else
 {
- TEST_EQUAL( psa_export_key( handle,
- NULL, 0,
- &reexported_length ),
+ TEST_EQUAL( psa_export_key( id, NULL, 0, &reexported_length ),
 PSA_ERROR_NOT_PERMITTED );
 }
 PSA_ASSERT( psa_close_key( handle ) );
@@ -296,7 +298,14 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
 case CLOSE_BY_DESTROY:
 case CLOSE_BY_DESTROY_WITH_SHUTDOWN:
- TEST_EQUAL( psa_open_key( id, &handle ),
+ /*
+ * Test that the key handle and identifier are now not refering to an
+ * existing key.
+ */
+ TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ),
+ PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_get_key_attributes( id, &read_attributes ),
 PSA_ERROR_DOES_NOT_EXIST );
 break;
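Review bot: In the `@@ -296,7 +298,14 @@` hunk the destroy branch drops the `psa_open_key( id, &handle )` probe without replacing it: the new checks cover a stale handle and `psa_get_key_attributes( id, … )`, but no longer assert that re-opening the destroyed identifier fails, so a regression in which the key is wiped from its slot yet still found by the storage lookup behind psa_open_key would pass if psa_get_key_attributes by id takes a different path (an inference; the two may well share the lookup). Keeping the old probe costs one line: `TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );`. The added comment should also read `are now not referring to an`. The switch and the function continue outside the hunk.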
@@ -314,8 +323,7 @@ void create_existent( int lifetime_arg, int owner_id_arg, int id_arg,
 {
 psa_key_lifetime_t lifetime = lifetime_arg;
 mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
- psa_key_handle_t handle1 = PSA_KEY_HANDLE_INIT;
- psa_key_handle_t handle2 = PSA_KEY_HANDLE_INIT;
+ mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA;
 const uint8_t material1[5] = "a key";
@@ -336,26 +344,24 @@ void create_existent( int lifetime_arg, int owner_id_arg, int id_arg,
 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
 psa_set_key_algorithm( &attributes, 0 );
 PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ),
- &handle1 ) );
- TEST_ASSERT( ! psa_key_handle_is_null( handle1 ) );
+ &returned_id ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) );
 if( reopen_policy == CLOSE_BEFORE )
- PSA_ASSERT( psa_close_key( handle1 ) );
+ PSA_ASSERT( psa_close_key( id ) );
 /* Attempt to create a new key in the same slot. */
 TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ),
- &handle2 ),
+ &returned_id ),
 PSA_ERROR_ALREADY_EXISTS );
- TEST_ASSERT( psa_key_handle_is_null( handle2 ) );
+ TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) );
 if( reopen_policy == CLOSE_AFTER )
- PSA_ASSERT( psa_close_key( handle1 ) );
- if( reopen_policy == CLOSE_BEFORE || reopen_policy == CLOSE_AFTER )
- PSA_ASSERT( psa_open_key( id, &handle1 ) );
+ PSA_ASSERT( psa_close_key( id ) );
 /* Check that the original key hasn't changed. */
 psa_reset_key_attributes( &attributes );
- PSA_ASSERT( psa_get_key_attributes( handle1, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( id, &attributes ) );
 TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), id ) );
 TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
@@ -364,13 +370,13 @@ void create_existent( int lifetime_arg, int owner_id_arg, int id_arg,
 TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT );
 TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
- PSA_ASSERT( psa_export_key( handle1,
+ PSA_ASSERT( psa_export_key( id,
 reexported, sizeof( reexported ),
 &reexported_length ) );
 ASSERT_COMPARE( material1, sizeof( material1 ),
 reexported, reexported_length );
- PSA_ASSERT( psa_close_key( handle1 ) );
+ PSA_ASSERT( psa_close_key( id ) );
 exit:
 PSA_DONE( );
@@ -404,7 +410,8 @@ void create_fail( int lifetime_arg, int id_arg,
 mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 psa_status_t expected_status = expected_status_arg;
- psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead );
+ mbedtls_svc_key_id_t returned_id =
+ mbedtls_svc_key_id_make( 0xdead, 0xdead );
 uint8_t material[1] = {'k'};
 TEST_USES_KEY_ID( id );
@@ -415,9 +422,9 @@ void create_fail( int lifetime_arg, int id_arg,
 psa_set_key_lifetime( &attributes, lifetime );
 psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
 TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ),
- &handle ),
+ &returned_id ),
 expected_status );
- TEST_ASSERT( psa_key_handle_is_null( handle ) );
+ TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) );
 exit:
 PSA_DONE( );
@@ -443,16 +450,17 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
 mbedtls_svc_key_id_make( source_owner_id_arg, source_id_arg );
 psa_key_usage_t source_usage = source_usage_arg;
 psa_algorithm_t source_alg = source_alg_arg;
- psa_key_handle_t source_handle = PSA_KEY_HANDLE_INIT;
 psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
 psa_key_type_t source_type = type_arg;
+ mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT;
 psa_key_lifetime_t target_lifetime = target_lifetime_arg;
 mbedtls_svc_key_id_t target_id = mbedtls_svc_key_id_make( target_owner_id_arg, target_id_arg );
 psa_key_usage_t target_usage = target_usage_arg;
 psa_algorithm_t target_alg = target_alg_arg;
- psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT;
 psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_svc_key_id_t returned_target_id = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT;
 psa_key_usage_t expected_usage = expected_usage_arg;
 psa_algorithm_t expected_alg = expected_alg_arg;
 psa_algorithm_t expected_alg2 = expected_alg2_arg;
@@ -473,9 +481,10 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
 psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg );
 PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len,
- &source_handle ) );
+ &returned_source_id ) );
 /* Update the attributes with the bit size. */
- PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( returned_source_id,
+ &source_attributes ) );
 /* Prepare the target slot. */
 psa_set_key_id( &target_attributes, target_id );
@@ -486,11 +495,11 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
 psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg );
 /* Copy the key. */
- PSA_ASSERT( psa_copy_key( source_handle,
- &target_attributes, &target_handle ) );
+ PSA_ASSERT( psa_copy_key( returned_source_id,
+ &target_attributes, &returned_target_id ) );
 /* Destroy the source to ensure that this doesn't affect the target. */
- PSA_ASSERT( psa_destroy_key( source_handle ) );
+ PSA_ASSERT( psa_destroy_key( returned_source_id ) );
 /* If the target key is persistent, restart the system to make
 * sure that the material is still alive. */
@@ -503,7 +512,8 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
 /* Test that the target slot has the expected content. */
 psa_reset_key_attributes( &target_attributes );
- PSA_ASSERT( psa_get_key_attributes( target_handle, &target_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( returned_target_id,
+ &target_attributes ) );
 if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE )
 {
@@ -513,10 +523,9 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
 else
 {
 #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
- TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( target_id ),
+ TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( returned_target_id ),
 target_owner_id_arg );
 #endif
- TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( target_id ), 0 );
 }
 TEST_EQUAL( target_lifetime, psa_get_key_lifetime( &target_attributes ) );
@@ -531,7 +540,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
 {
 size_t length;
 ASSERT_ALLOC( export_buffer, material->len );
- PSA_ASSERT( psa_export_key( target_handle, export_buffer,
+ PSA_ASSERT( psa_export_key( returned_target_id, export_buffer,
 material->len, &length ) );
 ASSERT_COMPARE( material->x, material->len,
 export_buffer, length );
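Review bot: In the `@@ -513,10 +523,9 @@` hunk the volatile-target branch removes `TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( target_id ), 0 );` without replacing it, and the remaining owner check is compiled only under MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER, so in the default build nothing at all asserts what identifier psa_copy_key handed back for a volatile copy: a null identifier, or one that collides with the persistent user range, would pass. Suggest `TEST_ASSERT( ! mbedtls_svc_key_id_is_null( returned_target_id ) );` outside the `#if`, and, if volatile identifiers are documented to lie in a dedicated range, a range check on `MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_target_id )` as well. The `if`/`else` that this branch belongs to opens in the preceding hunk and copy_across_lifetimes continues past this view.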
@@ -540,12 +549,12 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
 {
 size_t length;
 /* Check that the key is actually non-exportable. */
- TEST_EQUAL( psa_export_key( target_handle, export_buffer,
+ TEST_EQUAL( psa_export_key( returned_target_id, export_buffer,
 material->len, &length ),
 PSA_ERROR_NOT_PERMITTED );
 }
- PSA_ASSERT( psa_destroy_key( target_handle ) );
+ PSA_ASSERT( psa_destroy_key( returned_target_id ) );
 exit:
 PSA_DONE( );
@@ -569,16 +578,16 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
 mbedtls_svc_key_id_make( 1, source_id_arg );
 psa_key_usage_t source_usage = source_usage_arg;
 psa_algorithm_t source_alg = source_alg_arg;
- psa_key_handle_t source_handle = PSA_KEY_HANDLE_INIT;
 psa_key_type_t source_type = source_type_arg;
+ mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT;
 psa_key_lifetime_t target_lifetime = target_lifetime_arg;
 mbedtls_svc_key_id_t target_id = mbedtls_svc_key_id_make( 1, target_id_arg );
 psa_key_usage_t target_usage = target_usage_arg;
 psa_algorithm_t target_alg = target_alg_arg;
- psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT;
 psa_key_type_t target_type = target_type_arg;
- psa_key_handle_t new_handle = mbedtls_svc_key_id_make( 0xdead, 0xdead );
+ mbedtls_svc_key_id_t returned_target_id = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t new_key = MBEDTLS_SVC_KEY_ID_INIT;
 uint8_t *export_buffer = NULL;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT;
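Review bot: In the `@@ -569,16 +578,16 @@` hunk `new_key` is initialized to `MBEDTLS_SVC_KEY_ID_INIT`, whereas the `new_handle` it replaces carried the non-null sentinel `mbedtls_svc_key_id_make( 0xdead, 0xdead )`; the `TEST_ASSERT( mbedtls_svc_key_id_is_null( new_key ) )` after the failed psa_copy_key in the next hunk is therefore satisfied even if psa_copy_key never writes its output on the error path, which is exactly what the sentinel existed to detect. create_fail in this same patch keeps the sentinel for its `returned_id`. Suggest `mbedtls_svc_key_id_t new_key = mbedtls_svc_key_id_make( 0xdead, 0xdead );`. copy_to_occupied's declarations begin before this hunk and its body continues after it.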
@@ -600,12 +609,12 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
 psa_set_key_algorithm( &attributes, source_alg );
 PSA_ASSERT( psa_import_key( &attributes, source_material->x, source_material->len,
- &source_handle ) );
+ &returned_source_id ) );
 /* Populate the target slot. */
 if( mbedtls_svc_key_id_equal( target_id, source_id ) )
 {
- target_handle = source_handle;
+ returned_target_id = returned_source_id;
 }
 else
 {
@@ -616,20 +625,21 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
 psa_set_key_algorithm( &attributes1, target_alg );
 PSA_ASSERT( psa_import_key( &attributes1, target_material->x, target_material->len,
- &target_handle ) );
+ &returned_target_id ) );
 }
- PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes1 ) );
+
+ PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes1 ) );
 /* Make a copy attempt. */
 psa_set_key_id( &attributes, target_id );
 psa_set_key_lifetime( &attributes, target_lifetime );
- TEST_EQUAL( psa_copy_key( source_handle,
- &attributes, &new_handle ),
+ TEST_EQUAL( psa_copy_key( returned_source_id,
+ &attributes, &new_key ),
 PSA_ERROR_ALREADY_EXISTS );
- TEST_ASSERT( psa_key_handle_is_null( new_handle ) );
+ TEST_ASSERT( mbedtls_svc_key_id_is_null( new_key ) );
 /* Test that the target slot is unaffected. */
- PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes2 ) );
+ PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes2 ) );
 TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes1 ), psa_get_key_id( &attributes2 ) ) );
@@ -647,15 +657,15 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
 {
 size_t length;
 ASSERT_ALLOC( export_buffer, target_material->len );
- PSA_ASSERT( psa_export_key( target_handle, export_buffer,
+ PSA_ASSERT( psa_export_key( returned_target_id, export_buffer,
 target_material->len, &length ) );
 ASSERT_COMPARE( target_material->x, target_material->len,
 export_buffer, length );
 }
- PSA_ASSERT( psa_destroy_key( source_handle ) );
- if( ! psa_key_handle_equal( target_handle, source_handle ) )
- PSA_ASSERT( psa_destroy_key( target_handle ) );
+ PSA_ASSERT( psa_destroy_key( returned_source_id ) );
+ if( ! mbedtls_svc_key_id_equal( target_id, source_id ) )
+ PSA_ASSERT( psa_destroy_key( returned_target_id ) );
 exit:
 PSA_DONE( );
@@ -750,51 +760,51 @@ exit:
 /* END_CASE */
 /* BEGIN_CASE */
-void many_transient_handles( int max_handles_arg )
+void many_transient_keys( int max_keys_arg )
 {
- psa_key_handle_t *handles = NULL;
- size_t max_handles = max_handles_arg;
+ mbedt ls_svc_key_id_t *keys = NULL;
+ size_t max_keys = max_keys_arg;
 size_t i, j;
 psa_status_t status;
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 uint8_t exported[sizeof( size_t )];
 size_t exported_length;
- ASSERT_ALLOC( handles, max_handles );
+ ASSERT_ALLOC( keys, max_keys );
 PSA_ASSERT( psa_crypto_init( ) );
 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
 psa_set_key_algorithm( &attributes, 0 );
 psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
- for( i = 0; i < max_handles; i++ )
+ for( i = 0; i < max_keys; i++ )
 {
 status = psa_import_key( &attributes, (uint8_t *) &i, sizeof( i ),
- &handles[i] );
+ &keys[i] );
 if( status == PSA_ERROR_INSUFFICIENT_MEMORY )
 break;
 PSA_ASSERT( status );
- TEST_ASSERT( ! psa_key_handle_is_null( handles[i] ) );
+ TEST_ASSERT( ! mbedtls_svc_key_id_is_null( keys[i] ) );
 for( j = 0; j < i; j++ )
- TEST_ASSERT( ! psa_key_handle_equal( handles[i], handles[j] ) );
+ TEST_ASSERT( ! mbedtls_svc_key_id_equal( keys[i], keys[j] ) );
 }
- max_handles = i;
+ max_keys = i;
- for( i = 1; i < max_handles; i++ )
+ for( i = 1; i < max_keys; i++ )
 {
- PSA_ASSERT( psa_close_key( handles[i - 1] ) );
- PSA_ASSERT( psa_export_key( handles[i],
+ PSA_ASSERT( psa_close_key( keys[i - 1] ) );
+ PSA_ASSERT( psa_export_key( keys[i],
 exported, sizeof( exported ), &exported_length ) );
 ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) );
 }
- PSA_ASSERT( psa_close_key( handles[i - 1] ) );
+ PSA_ASSERT( psa_close_key( keys[i - 1] ) );
 exit:
 PSA_DONE( );
- mbedtls_free( handles );
+ mbedtls_free( keys );
 }
 /* END_CASE */
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 1dd264264961..9f2007d0bc32 100644
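Review bot: The closing `PSA_ASSERT( psa_close_key( keys[i - 1] ) );` after the second loop assumes at least one key was imported: if the very first psa_import_key reports PSA_ERROR_INSUFFICIENT_MEMORY, `max_keys` becomes 0, the second loop body never runs but its initializer still sets `i` to 1, and the test closes `keys[0]`, an entry psa_import_key never wrote (whether ASSERT_ALLOC zero-fills the buffer is not visible here). Since the test exists to exercise many volatile keys, an empty run is a failure worth reporting directly rather than through that close: `TEST_ASSERT( max_keys > 0 );` right after `max_keys = i;`. The `size_t max_keys = max_keys_arg;` conversion likewise trusts the data file not to pass a negative count.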
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -161,7 +161,7 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
 int cert_type )
 {
 mbedtls_pk_context key;
- psa_key_handle_t slot = PSA_KEY_HANDLE_INIT;
+ mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
 psa_algorithm_t md_alg_psa;
 mbedtls_x509write_csr req;
 unsigned char buf[4096];
@@ -178,7 +178,7 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
 mbedtls_pk_init( &key );
 TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
- TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 );
+ TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 );
 mbedtls_x509write_csr_init( &req );
 mbedtls_x509write_csr_set_md_alg( &req, md_type );
@@ -202,7 +202,7 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
 exit:
 mbedtls_x509write_csr_free( &req );
 mbedtls_pk_free( &key );
- psa_destroy_key( slot );
+ psa_destroy_key( key_id );
 PSA_DONE( );
 }
 /* END_CASE */
From 39309979220294af8f534c2231676cf1dc62ad52 Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Tue, 20 Oct 2020 17:01:35 +0200
Subject: [PATCH 17/55] tests: slot mgmt: Add purge checks in volatile key lifecycle test
Signed-off-by: Ronald Cron
---
 .../test_suite_psa_crypto_slot_management.function | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 2f9d01b371dd..9fc2eac6d42f 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -157,6 +157,16 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg,
 TEST_ASSERT( ! mbedtls_svc_key_id_is_null( key ) );
 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
 TEST_EQUAL( psa_get_key_type( &attributes ), type );
+ psa_reset_key_attributes( &attributes );
+
+ /*
+ * Purge the key and make sure that it is still valid, as purging a
+ * volatile key shouldn't invalidate/destroy it.
+ */
+ PSA_ASSERT( psa_purge_key( key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ TEST_EQUAL( psa_get_key_type( &attributes ), type );
+ psa_reset_key_attributes( &attributes );
 /* Do something that invalidates the key. */
 if( ! invalidate_key( close_method, key ) )
From e7e86cfa3c7d4d023dc53f0875b5378619e2d140 Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Tue, 20 Oct 2020 17:24:41 +0200
Subject: [PATCH 18/55] tests: slot mgmt: Rename ways of invalidating keys
Rename ways of invalidating keys before introducing key purging tests because the "CLOSE_BY" prefix doesn't get on well with the purge operation.
Signed-off-by: Ronald Cron
---
 ...test_suite_psa_crypto_slot_management.data | 38 ++++-----
 ..._suite_psa_crypto_slot_management.function | 81 ++++++++++---------
 2 files changed, 64 insertions(+), 55 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 4e959b6d2f00..e5827b53cf7e 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
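Review bot: The purge check only re-reads the key type after `psa_purge_key( key )`, a value the preceding `psa_get_key_attributes` already established, so a regression that dropped a volatile key's material while leaving its slot metadata intact would still pass. Asserting the lifetime as well, `TEST_EQUAL( psa_get_key_lifetime( &attributes ), PSA_KEY_LIFETIME_VOLATILE );`, costs one line, and when `usage_flags` includes PSA_KEY_USAGE_EXPORT an export after the purge compared against `key_data->x` would actually confirm the material survived (the data rows visible later in this patch pass usage 0, so that branch would need a dedicated row). transient_slot_lifecycle starts and ends outside the hunk.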
@@ -1,65 +1,65 @@ Transient slot, check after closing -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING Transient slot, check after closing and restarting -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE_WITH_SHUTDOWN +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN Transient slot, check after destroying -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING Transient slot, check after destroying and restarting -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY_WITH_SHUTDOWN +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN Transient slot, check after restart with live handles -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN Persistent slot, check after closing, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING Persistent slot, check after closing and restarting, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE 
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING Persistent slot, check after destroying, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING Persistent slot, check after destroying and restarting, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING Persistent slot, check after restart with live handle, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN Persistent slot, check after closing, id=max -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:129:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:129:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING Persistent slot, check after destroying, id=max -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:130:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY 
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:130:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING Persistent slot, check after restart, id=max -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN Persistent slot: ECP keypair (ECDSA, exportable), close depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING Persistent slot: ECP keypair (ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN Persistent slot: ECP keypair 
(ECDSA, exportable), restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN Attempt to overwrite: close before create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 9fc2eac6d42f..3b9ff24c4222 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -7,12 +7,21 @@ typedef enum { - CLOSE_BY_CLOSE, /**< Close key(s). */ - CLOSE_BY_DESTROY, /**< Destroy key(s) */ - CLOSE_BY_SHUTDOWN, /**< Deinit and reinit without closing keys. */ - CLOSE_BY_CLOSE_WITH_SHUTDOWN, /**< Close key(s) then deinit/reinit. */ - CLOSE_BY_DESTROY_WITH_SHUTDOWN, /**< Destroy key(s) then deinit/reinit. */ -} close_method_t; + /**< Close key(s) */ + INVALIDATE_BY_CLOSING, + + /**< Destroy key(s) */ + INVALIDATE_BY_DESTROYING, + + /**< Terminate and reinitialize without closing/destroying keys */ + INVALIDATE_BY_SHUTDOWN, + + /**< Close key(s) then terminate and re-initialize */ + INVALIDATE_BY_CLOSING_WITH_SHUTDOWN, + + /**< Destroy key(s) then terminate and re-initialize */ + INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN, +} invalidate_method_t; typedef enum { @@ -74,24 +83,24 @@ static void psa_purge_key_storage( void ) #define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) ) #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -/** Apply \p close_method to invalidate the specified key: +/** Apply \p invalidate_method to invalidate the specified key: * close it, destroy it, or do nothing; */ -static int invalidate_key( close_method_t close_method, +static int invalidate_key( invalidate_method_t invalidate_method, mbedtls_svc_key_id_t key ) { - switch( close_method ) + switch( invalidate_method ) { /* Closing the key invalidate only volatile keys, not permanent ones. */ - case CLOSE_BY_CLOSE: - case CLOSE_BY_CLOSE_WITH_SHUTDOWN: + case INVALIDATE_BY_CLOSING: + case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: PSA_ASSERT( psa_close_key( key ) ); break; - case CLOSE_BY_DESTROY: - case CLOSE_BY_DESTROY_WITH_SHUTDOWN: + case INVALIDATE_BY_DESTROYING: + case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: PSA_ASSERT( psa_destroy_key( key ) ); break; - case CLOSE_BY_SHUTDOWN: + case INVALIDATE_BY_SHUTDOWN: break; } return( 1 ); 
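Review bot: The new enumerator descriptions in the `typedef enum` hunk use the trailing-member marker `/**<` on the line *before* each enumerator, so Doxygen attaches each text to the previous member and the first one to nothing. Either keep the comments after the enumerators, as the removed lines did, or switch to the leading form, e.g. `/** Close key(s) */` above `INVALIDATE_BY_CLOSING,`. The later hunk that adds `INVALIDATE_BY_PURGING` and `INVALIDATE_BY_PURGING_WITH_SHUTDOWN` repeats the same pattern and should be fixed the same way.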
@@ -99,20 +108,20 @@ exit: return( 0 ); } -/** Restart the PSA subsystem if \p close_method says so. */ -static int invalidate_psa( close_method_t close_method ) +/** Restart the PSA subsystem if \p invalidate_method says so. */ +static int invalidate_psa( invalidate_method_t invalidate_method ) { - switch( close_method ) + switch( invalidate_method ) { - case CLOSE_BY_CLOSE: - case CLOSE_BY_DESTROY: + case INVALIDATE_BY_CLOSING: + case INVALIDATE_BY_DESTROYING: return( 1 ); - case CLOSE_BY_CLOSE_WITH_SHUTDOWN: - case CLOSE_BY_DESTROY_WITH_SHUTDOWN: + case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: + case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: /* All keys must have been closed. */ PSA_DONE( ); break; - case CLOSE_BY_SHUTDOWN: + case INVALIDATE_BY_SHUTDOWN: /* Some keys may remain behind, and we're testing that this * properly closes them. */ mbedtls_psa_crypto_free( ); @@ -137,12 +146,12 @@ exit: /* BEGIN_CASE */ void transient_slot_lifecycle( int usage_arg, int alg_arg, int type_arg, data_t *key_data, - int close_method_arg ) + int invalidate_method_arg ) { psa_algorithm_t alg = alg_arg; psa_key_usage_t usage_flags = usage_arg; psa_key_type_t type = type_arg; - close_method_t close_method = close_method_arg; + invalidate_method_t invalidate_method = invalidate_method_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -169,9 +178,9 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, psa_reset_key_attributes( &attributes ); /* Do something that invalidates the key. */ - if( ! invalidate_key( close_method, key ) ) + if( ! invalidate_key( invalidate_method, key ) ) goto exit; - if( ! invalidate_psa( close_method ) ) + if( ! invalidate_psa( invalidate_method ) ) goto exit; /* Test that the key is now invalid. */ 
@@ -188,7 +197,7 @@ exit: void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, int usage_arg, int alg_arg, int alg2_arg, int type_arg, data_t *key_data, - int close_method_arg ) + int invalidate_method_arg ) { psa_key_lifetime_t lifetime = lifetime_arg; mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); @@ -196,7 +205,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, psa_algorithm_t alg2 = alg2_arg; psa_key_usage_t usage_flags = usage_arg; psa_key_type_t type = type_arg; - close_method_t close_method = close_method_arg; + invalidate_method_t invalidate_method = invalidate_method_arg; mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_handle_t handle = PSA_KEY_HANDLE_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -261,19 +270,19 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, * Do something that wipes key data in volatile memory or destroy the * key. */ - if( ! invalidate_key( close_method, id ) ) + if( ! invalidate_key( invalidate_method, id ) ) goto exit; - if( ! invalidate_psa( close_method ) ) + if( ! invalidate_psa( invalidate_method ) ) goto exit; /* Try to reaccess the key. If we destroyed it, check that it doesn't * exist. Otherwise check that it still exists and has the expected * content. */ - switch( close_method ) + switch( invalidate_method ) { - case CLOSE_BY_CLOSE: - case CLOSE_BY_CLOSE_WITH_SHUTDOWN: - case CLOSE_BY_SHUTDOWN: + case INVALIDATE_BY_CLOSING: + case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: + case INVALIDATE_BY_SHUTDOWN: PSA_ASSERT( psa_open_key( id, &handle ) ); PSA_ASSERT( psa_get_key_attributes( id, &read_attributes ) ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), 
@@ -306,8 +315,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, PSA_ASSERT( psa_close_key( handle ) ); break; - case CLOSE_BY_DESTROY: - case CLOSE_BY_DESTROY_WITH_SHUTDOWN: + case INVALIDATE_BY_DESTROYING: + case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: /* * Test that the key handle and identifier are now not refering to an * existing key. From 994b80546cb6c2a0dab05f0407b0409ff5f82002 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 20 Oct 2020 17:59:45 +0200 Subject: [PATCH 19/55] tests: slot mgmt: Fix test data For persistent keys there were two successive INVALIDATE_BY_(CLOSING/DESTROYING) identical tests where the comments of the second test indicated that it should have been an INVALIDATE_BY_(CLOSING/DESTROYING)_WITH_SHUTDOWN test. Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto_slot_management.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index e5827b53cf7e..c3264895f167 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -17,13 +17,13 @@ Persistent slot, check after closing, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING Persistent slot, check after closing and restarting, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN Persistent slot, check after destroying, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING Persistent slot, check after destroying and restarting, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN Persistent slot, check after restart with live handle, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN From f67aefed3f3057aafa597dc7d3fdd1b3c22fd309 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 20 Oct 2020 17:50:24 +0200 Subject: [PATCH 20/55] tests: slot mgmt: Add psa_purge_key testing Signed-off-by: Ronald Cron --- .../test_suite_psa_crypto_slot_management.data | 17 +++++++++++++++++ ...st_suite_psa_crypto_slot_management.function | 15 +++++++++++++++ 2 files changed, 32 insertions(+) 
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index c3264895f167..bf5a89ecd4be 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -25,6 +25,12 @@ persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0: Persistent slot, check after destroying and restarting, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN +Persistent slot, check after purging, id=min +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING + +Persistent slot, check after purging and restarting, id=min +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN + Persistent slot, check after restart with live handle, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN 
@@ -34,6 +40,9 @@ persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:129:PSA_KEY_ID_USER_MAX:0: Persistent slot, check after destroying, id=max persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:130:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING +Persistent slot, check after purging, id=max +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:202:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING + Persistent slot, check after restart, id=max persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN 
@@ -45,6 +54,10 @@ Persistent slot: ECP keypair (ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN +Persistent slot: ECP keypair (ECDSA, exportable), purge +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING + Persistent slot: ECP keypair (ECDSA, exportable), restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN 
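Review bot: The new ECP purge case in this hunk reuses owner identifier `132`, and the ECDH+ECDSA purge case in the next hunk reuses `135`, both of which the neighbouring "close" cases for the same key data already use; the raw-data purge cases added earlier in this file take fresh identifiers `200`–`202` instead. If the convention is one owner id per case, as those fresh values suggest, these two should move to unused values (constructed example: `203` and `204`) so that a key left behind by one case cannot mask a failure in another. If the reuse is intentional, a short note in the case description would save the next reader the same question.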
@@ -57,6 +70,10 @@ Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN +Persistent slot: ECP keypair (ECDH+ECDSA, exportable), purge +depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING + Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 3b9ff24c4222..b334257ba2b7 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -13,6 +13,9 @@ typedef enum /**< Destroy key(s) */ INVALIDATE_BY_DESTROYING, + /**< Purge key(s) */ + INVALIDATE_BY_PURGING, + /**< Terminate and reinitialize without closing/destroying keys */ INVALIDATE_BY_SHUTDOWN, @@ -21,6 +24,9 @@ typedef enum /**< Destroy key(s) then terminate and re-initialize */ INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN, + + /**< Purge key(s) then terminate and re-initialize */ + INVALIDATE_BY_PURGING_WITH_SHUTDOWN, } invalidate_method_t; typedef enum @@ -100,6 +106,11 @@ static int invalidate_key( invalidate_method_t invalidate_method, case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: PSA_ASSERT( psa_destroy_key( key ) ); break; + /* Purging the key just purge RAM data of persitent keys. */ + case INVALIDATE_BY_PURGING: + case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: + PSA_ASSERT( psa_purge_key( key ) ); + break; case INVALIDATE_BY_SHUTDOWN: break; } @@ -115,9 +126,11 @@ static int invalidate_psa( invalidate_method_t invalidate_method ) { case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_DESTROYING: + case INVALIDATE_BY_PURGING: return( 1 ); case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: + case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: /* All keys must have been closed. */ PSA_DONE( ); break; @@ -282,6 +295,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, { case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: + case INVALIDATE_BY_PURGING: + case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: case INVALIDATE_BY_SHUTDOWN: PSA_ASSERT( psa_open_key( id, &handle ) ); PSA_ASSERT( psa_get_key_attributes( id, &read_attributes ) ); From fc9c5561273c1b18431612f7aaaa2f77999c42c4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 15 Oct 2020 19:24:49 +0200 Subject: [PATCH 21/55] Forbid volatile key identifiers for non volatile keys Volatile key identifiers in the vendor range are reserved to volatile keys thus don't allow them for persistent keys when creating a key. 
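Review bot: The comment added in the `invalidate_key` hunk, `/* Purging the key just purge RAM data of persitent keys. */`, has a typo and a verb-agreement error; suggest `/* Purging only discards the RAM copy of a persistent key. */`. The two new enumerator comments `/**< Purge key(s) */` and `/**< Purge key(s) then terminate and re-initialize */` use the trailing-member marker on the line before the member, so Doxygen attaches them to the preceding enumerator; `/** ... */` is the leading form. The `transient_slot_lifecycle` data is not extended with the new `INVALIDATE_BY_PURGING` methods, which looks intentional since purging must not invalidate a volatile key, but a one-line comment on the enumerator saying so would make that explicit.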
Signed-off-by: Ronald Cron --- library/psa_crypto.c | 2 +- library/psa_crypto_slot_management.c | 12 +++++++++--- library/psa_crypto_slot_management.h | 12 ++++++++---- .../suites/test_suite_psa_crypto_se_driver_hal.data | 13 +++++++++++-- .../test_suite_psa_crypto_se_driver_hal.function | 1 + 5 files changed, 30 insertions(+), 10 deletions(-)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a437aeec9b91..17cec9756b60 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1792,7 +1792,7 @@ static psa_status_t psa_validate_key_attributes(
     {
         status = psa_validate_key_id(
             psa_get_key_id( attributes ),
-            psa_key_lifetime_is_external( lifetime ) );
+            psa_key_lifetime_is_external( lifetime ), 0 );
 
         if( status != PSA_SUCCESS )
             return( status );
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 6471591b5b00..1e521d1748f0 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -51,7 +51,8 @@ typedef struct
 
 static psa_global_data_t global_data;
 
-psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
+psa_status_t psa_validate_key_id(
+    mbedtls_svc_key_id_t key, int vendor_ok, int volatile_ok )
 {
     psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
 
@@ -61,7 +62,12 @@ psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
 
     if( vendor_ok &&
         ( PSA_KEY_ID_VENDOR_MIN <= key_id ) &&
-        ( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
+        ( key_id < PSA_KEY_ID_VOLATILE_MIN ) )
+        return( PSA_SUCCESS );
+
+    if( volatile_ok &&
+        ( PSA_KEY_ID_VOLATILE_MIN <= key_id ) &&
+        ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) )
         return( PSA_SUCCESS );
 
     return( PSA_ERROR_INVALID_HANDLE );
@@ -191,7 +197,7 @@ psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key,
     if( ! global_data.key_slots_initialized )
         return( PSA_ERROR_BAD_STATE );
 
-    status = psa_validate_key_id( key, 1 );
+    status = psa_validate_key_id( key, 1, 1 );
     if( status != PSA_SUCCESS )
         return( status );
 
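Review bot: The vendor-range check in `psa_validate_key_id` now ends at `( key_id < PSA_KEY_ID_VOLATILE_MIN )` instead of `PSA_KEY_ID_VENDOR_MAX`, which is only "the vendor range minus the volatile range" if the volatile range sits at the very top of the vendor range; nothing in this hunk establishes that, and if the ranges ever drift apart, vendor identifiers above `PSA_KEY_ID_VOLATILE_MAX` would be rejected silently. A compile-time check that `PSA_KEY_ID_VOLATILE_MAX == PSA_KEY_ID_VENDOR_MAX`, or at least a comment on that line stating the assumption, would pin it. The same function keeps `return( PSA_ERROR_INVALID_HANDLE );` as its failure code, while the `psa_crypto_slot_management.h` hunk of this commit still documents `#PSA_ERROR_INVALID_ARGUMENT`; one of the two should change.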
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index 98a1ce7535eb..b1d66e4ee042 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -155,13 +155,17 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime );
 
 /** Validate a key identifier.
  *
- * \param[in] key        The key identifier.
- * \param[in] vendor_ok  Non-zero to indicate that key identifiers in the
- *                       vendor range are allowed, \c 0 otherwise.
+ * \param[in] key          The key identifier.
+ * \param[in] vendor_ok    Non-zero to indicate that key identifiers in the
+ *                         vendor range are allowed, volatile key identifiers
+ *                         excepted \c 0 otherwise.
+ * \param[in] volatile_ok  Non-zero to indicate that volatile key identifiers
+ *                         are allowed \c 0 otherwise.
  *
  * \retval #PSA_SUCCESS The identifier is valid.
  * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid.
  */
-psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok );
+psa_status_t psa_validate_key_id(
+    mbedtls_svc_key_id_t key, int vendor_ok, int volatile_ok );
 
 #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
index 645e27d3c5a5..239a68f2ab91 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
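Review bot: The return-value documentation kept in this hunk, `\retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid.`, does not match the implementation, which returns `PSA_ERROR_INVALID_HANDLE` (visible as context in the `psa_crypto_slot_management.c` hunk of this commit and expected by the new `test_suite_psa_crypto_se_driver_hal.data` cases); it should read `\retval #PSA_ERROR_INVALID_HANDLE The key identifier is not valid.`. The new `vendor_ok` text is also hard to parse without punctuation; `vendor range, volatile key identifiers excepted, are allowed; \c 0 otherwise.` says the same thing unambiguously. It would help callers to state that `vendor_ok` and `volatile_ok` are independent flags, since the implementation checks the two ranges separately.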
@@ -150,8 +150,17 @@ register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:-1:PSA_ERROR_NOT_SUPPORT Key registration: key id out of range register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_HANDLE -Key registration: key id in vendor range -register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX:1:PSA_SUCCESS +Key registration: key id min vendor +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_SUCCESS + +Key registration: key id max vendor except volatile +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_SUCCESS + +Key registration: key id min volatile +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN:1:PSA_ERROR_INVALID_HANDLE + +Key registration: key id max volatile +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MAX:1:PSA_ERROR_INVALID_HANDLE Import-sign-verify: sign in driver, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index e5f87e08b962..28ab03f247a8 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -3,6 +3,7 @@ #include "psa/crypto_se_driver.h" #include "psa_crypto_se.h" +#include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" /* Invasive peeking: check the persistent data */ From 97c8ad5fee7672637f72a520872fdf63256f6363 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 15 Oct 2020 11:17:11 +0200 Subject: [PATCH 22/55] Merge search of loaded volatile and persistent keys Signed-off-by: Ronald Cron --- library/psa_crypto_slot_management.c | 93 ++++++++++++++++++---------- library/psa_crypto_slot_management.h | 15 +++++ 2 files changed, 75 insertions(+), 33 deletions(-) 
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 1e521d1748f0..33149f059ad9 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -73,37 +73,72 @@ psa_status_t psa_validate_key_id( return( PSA_ERROR_INVALID_HANDLE ); } -static psa_key_slot_t* psa_get_slot_from_volatile_key_id( - mbedtls_svc_key_id_t key ) +/** Search for the description of a key given its identifier. + * + * The descriptions of volatile keys and loaded persistent keys are + * stored in key slots. This function returns a pointer to the key slot + * containing the description of a key given its identifier. + * + * The function searches the key slots containing the description of the key + * with \p key identifier. The function does only read accesses to the key + * slots. The function does not load any persistent key thus does not access + * any storage. + * + * For volatile key identifiers, only one key slot is queried as a volatile + * key with identifier key_id can only be stored in slot of index + * ( key_id - PSA_KEY_ID_VOLATILE_MIN ). + * + * \param key Key identifier to query. + * \param[out] p_slot On success, `*p_slot` contains a pointer to the + * key slot containing the description of the key + * identified by \p key. + * + * \retval PSA_SUCCESS + * The pointer to the key slot containing the description of the key + * identified by \p key was returned. + * \retval PSA_ERROR_INVALID_HANDLE + * \p key is not a valid key identifier. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * There is no key with key identifier \p key in the key slots. + */ +static psa_status_t psa_search_key_in_slots( + mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ) { - psa_key_slot_t *slot; psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); + psa_key_slot_t *slot = NULL; - if( ( key_id < PSA_KEY_ID_VOLATILE_MIN ) || - ( key_id > PSA_KEY_ID_VOLATILE_MAX ) ) - return( NULL ); - - slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]; - - return( mbedtls_svc_key_id_equal( key, slot->attr.id ) ? 
slot : NULL ); -} + psa_status_t status = psa_validate_key_id( key, 1, 1 ); + if( status != PSA_SUCCESS ) + return( status ); -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_key_slot_t* psa_get_slot_from_key_id( - mbedtls_svc_key_id_t key ) -{ - psa_key_slot_t *slot = &global_data.key_slots[ PSA_KEY_SLOT_COUNT ]; + if( psa_key_id_is_volatile( key_id ) ) + { + slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]; - while( slot > &global_data.key_slots[ 0 ] ) + if( ! mbedtls_svc_key_id_equal( key, slot->attr.id ) ) + status = PSA_ERROR_DOES_NOT_EXIST; + } + else { - slot--; - if( mbedtls_svc_key_id_equal( key, slot->attr.id ) ) - return( slot ); + status = PSA_ERROR_DOES_NOT_EXIST; + slot = &global_data.key_slots[ PSA_KEY_SLOT_COUNT ]; + + while( slot > &global_data.key_slots[ 0 ] ) + { + slot--; + if( mbedtls_svc_key_id_equal( key, slot->attr.id ) ) + { + status = PSA_SUCCESS; + break; + } + } } - return( NULL ); + if( status == PSA_SUCCESS ) + *p_slot = slot; + + return( status ); } -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ psa_status_t psa_initialize_key_slots( void ) { 
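Review bot: The volatile branch of psa_search_key_in_slots indexes `global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]` directly from a caller-supplied identifier, so memory safety of that read rests on the volatile range holding no more than PSA_KEY_SLOT_COUNT identifiers; nothing in the hunk establishes that invariant, and psa_validate_key_id (whose body is outside this hunk) appears to check range membership only. If the range macros are not tied to PSA_KEY_SLOT_COUNT by definition elsewhere, add a compile-time check next to them or an explicit bound before the index, e.g. `if( key_id - PSA_KEY_ID_VOLATILE_MIN >= PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_HANDLE );`. The new docstring explains the single-slot lookup but would be clearer if it stated that invariant in the same sentence. The `\retval PSA_SUCCESS` line also lacks the `#` that the other `\retval` lines in this comment use.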
@@ -191,27 +226,19 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot ) psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ) { - psa_status_t status = PSA_ERROR_GENERIC_ERROR; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; *p_slot = NULL; if( ! global_data.key_slots_initialized ) return( PSA_ERROR_BAD_STATE ); - status = psa_validate_key_id( key, 1, 1 ); - if( status != PSA_SUCCESS ) + status = psa_search_key_in_slots( key, p_slot ); + if( status != PSA_ERROR_DOES_NOT_EXIST ) return( status ); - *p_slot = psa_get_slot_from_volatile_key_id( key ); - if( *p_slot != NULL ) - return( PSA_SUCCESS ); - #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_key_id_t volatile_key_id; - *p_slot = psa_get_slot_from_key_id( key ); - if( *p_slot != NULL ) - return( PSA_SUCCESS ); - status = psa_get_empty_key_slot( &volatile_key_id, p_slot ); if( status != PSA_SUCCESS ) return( status ); diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index b1d66e4ee042..9470b3ef2a90 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -46,6 +46,21 @@ */ #define PSA_KEY_ID_VOLATILE_MAX PSA_KEY_ID_VENDOR_MAX +/** Test whether a key identifier is a volatile key identifier. + * + * \param key_id Key identifier to test. + * + * \retval 1 + * The key identifier is a volatile key identifier. + * \retval 0 + * The key identifier is not a volatile key identifier. + */ +static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) +{ + return( ( key_id >= PSA_KEY_ID_VOLATILE_MIN ) && + ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) ); +} + /** Retrieve the description of a key given its identifier. * * The descriptions of volatile keys and loaded persistent keys are From 513451987d409673f0b2f4a6a96af8aa932f1fbe Mon Sep 17 00:00:00 2001 
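Review bot: The early return `if( status != PSA_ERROR_DOES_NOT_EXIST ) return( status );` in psa_get_key_slot now covers two different outcomes, a key found in a slot (PSA_SUCCESS with `*p_slot` set) and an invalid identifier, and a reader has to know psa_search_key_in_slots's contract to see that; a comment would make it explicit, e.g. `/* Found in a slot, or the identifier is invalid: nothing to load from storage. */`. What the function returns after a failed search when MBEDTLS_PSA_CRYPTO_STORAGE_C is not defined depends on the remainder of the body, which lies outside the hunk, so that path is worth checking too.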
From: Ronald Cron
Date: Fri, 16 Oct 2020 16:07:03 +0200
Subject: [PATCH 23/55] Fix close/purge of a key

In case of persistent keys, do not load the key in a slot before to close/purge it.

Signed-off-by: Ronald Cron
---
 library/psa_crypto_slot_management.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 33149f059ad9..b6f76ad26ca0 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -332,7 +332,7 @@ psa_status_t psa_close_key( psa_key_handle_t handle )
 if( psa_key_handle_is_null( handle ) )
 return( PSA_SUCCESS );
- status = psa_get_key_slot( handle, &slot );
+ status = psa_search_key_in_slots( handle, &slot );
 if( status != PSA_SUCCESS )
 return( status );
@@ -344,7 +344,7 @@ psa_status_t psa_purge_key( mbedtls_svc_key_id_t key )
 psa_status_t status;
 psa_key_slot_t *slot;
- status = psa_get_key_slot( key, &slot );
+ status = psa_search_key_in_slots( key, &slot );
 if( status != PSA_SUCCESS )
 return( status );
From 3c76a42475f270aba1037904d456d7ff962d20d0 Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Fri, 16 Oct 2020 12:17:04 +0200
Subject: [PATCH 24/55] Improve psa_key_start_creation description

Signed-off-by: Ronald Cron
---
 library/psa_crypto.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 17cec9756b60..2f01bf25ee2c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
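Review bot: Replacing psa_get_key_slot() with psa_search_key_in_slots() in psa_close_key and psa_purge_key changes what a caller sees for a persistent key that exists in storage but is not currently loaded: the search reports PSA_ERROR_DOES_NOT_EXIST and both functions pass it through unchanged at `if( status != PSA_SUCCESS ) return( status );`. For psa_purge_key in particular a key that is not in volatile memory has nothing to purge, so treating that case as success (for example mapping PSA_ERROR_DOES_NOT_EXIST to PSA_SUCCESS when the identifier is not in the volatile range) looks more consistent with the intent in the commit message; worth confirming against the intended contract before this lands. Both function bodies continue outside the hunks.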
@@ -1834,7 +1834,9 @@ static psa_status_t psa_validate_key_attributes(
 *
 * \param method An identification of the calling function.
 * \param[in] attributes Key attributes for the new key.
- * \param[out] key On success, identifier of the key.
+ * \param[out] key On success, identifier of the key. Note that the
+ * key identifier is also stored in the prepared
+ * slot.
 * \param[out] p_slot On success, a pointer to the prepared slot.
 * \param[out] p_drv On any return, the driver for the key, if any.
 * NULL for a transparent key.
From 6b5ff53c01407238bb0bf8d2dfe1a50e626b5f25 Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Fri, 16 Oct 2020 14:38:19 +0200
Subject: [PATCH 25/55] Add mbedtls_set_key_owner_id API

Add the mbedtls_set_key_owner_id API, API specific to the MbedTLS PSA implementation. The API allows to define the owner of volatile keys.

Signed-off-by: Ronald Cron
---
 include/psa/crypto.h | 19 +++++++++++++++++++
 include/psa/crypto_struct.h | 8 ++++++++
 2 files changed, 27 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 15ffe2271f41..f1f5bd896a85 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -152,6 +152,25 @@ static psa_key_attributes_t psa_key_attributes_init(void); static void psa_set_key_id( psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key ); +#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +/** Set the owner identifier of a key. + * + * When key identifiers encode key owner identifiers, psa_set_key_id() does + * not allow to define in key attributes the owner of volatile keys as + * psa_set_key_id() enforces the key to be persistent. + * + * This function allows to set in key attributes the owner identifier of a + * key. It is intended to be used for volatile keys. For persistent keys, + * it is recommended to use the PSA Cryptography API psa_set_key_id() to define + * the owner of a key. + * + * \param[out] attributes The attribute structure to write to. + * \param owner_id The key owner identifier. + */ +static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, + mbedtls_key_owner_id_t owner_id ); +#endif + /** Set the location of a persistent key. * * To make a key persistent, you must give it a persistent key identifier diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index be0e28015b97..bf178ec6e041 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -385,6 +385,14 @@ static inline mbedtls_svc_key_id_t psa_get_key_id( return( attributes->core.id ); } +#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, + mbedtls_key_owner_id_t owner ) +{ + attributes->core.id.owner = owner; +} +#endif + static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { From 390f607f7f7efc98d61c678e9c835dbd91f1c656 Mon Sep 17 00:00:00 2001 
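Review bot: mbedtls_set_key_owner_id() writes `attributes->core.id.owner` unconditionally, so when it is called after psa_set_key_id() it silently replaces the owner part of a persistent key identifier while leaving the lifetime as psa_set_key_id() set it; the crypto.h comment recommends psa_set_key_id() for persistent keys but does not say what happens when both are used. State the interaction in the docstring, e.g. `Calling this function after psa_set_key_id() overrides the owner identifier set by psa_set_key_id(); the key lifetime is not changed.` Since the function modifies a field of an existing structure, `\param[in,out] attributes` describes it better than `\param[out]`. The `#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` guards in both hunks also differ from the `#if defined(...)` form used elsewhere in this series.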
From: Ronald Cron Date: Fri, 16 Oct 2020 15:32:23 +0200 Subject: [PATCH 26/55] Add tests checking owner of volatile keys When key identifiers encode key owner, add tests checking that: . the key owner of an imported volatile key is the one specified. . a key identifier of a volatile key with a valid PSA key identifier but the wrong owner is rejected. Signed-off-by: Ronald Cron --- ...test_suite_psa_crypto_slot_management.data | 10 +++---- ..._suite_psa_crypto_slot_management.function | 26 ++++++++++++++++++- 2 files changed, 30 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index bf5a89ecd4be..4f31a23ec1de 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -1,17 +1,17 @@ Transient slot, check after closing -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING +transient_slot_lifecycle:0x1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING Transient slot, check after closing and restarting -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN +transient_slot_lifecycle:0x13:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN Transient slot, check after destroying -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING +transient_slot_lifecycle:0x135:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING Transient slot, check after destroying and restarting -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN +transient_slot_lifecycle:0x1357:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN Transient slot, check after restart with live handles -transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN +transient_slot_lifecycle:0x13579:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN Persistent slot, check after closing, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index b334257ba2b7..75e1d8b826c8 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -157,7 +157,8 @@ exit: */ /* BEGIN_CASE */ -void transient_slot_lifecycle( int usage_arg, int alg_arg, +void transient_slot_lifecycle( int owner_id_arg, + int usage_arg, int alg_arg, int type_arg, data_t *key_data, int invalidate_method_arg ) { @@ -171,6 +172,14 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Import a key. */ + #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + mbedtls_key_owner_id_t owner_id = owner_id_arg; + + mbedtls_set_key_owner_id( &attributes, owner_id ); + #else + (void)owner_id_arg; + #endif + psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); @@ -181,6 +190,21 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, TEST_EQUAL( psa_get_key_type( &attributes ), type ); psa_reset_key_attributes( &attributes ); + #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + { + psa_key_handle_t handle; + mbedtls_svc_key_id_t key_with_invalid_owner = + mbedtls_svc_key_id_make( owner_id + 1, + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) ); + + TEST_ASSERT( mbedtls_key_owner_id_equal( + owner_id, + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key ) ) ); + TEST_EQUAL( psa_open_key( key_with_invalid_owner, &handle ), + PSA_ERROR_DOES_NOT_EXIST ); + } + #endif + /* * Purge the key and make sure that it is still valid, as purging a * volatile key shouldn't invalidate/destroy it. From f1ff9a83fa895e9c47103d755970e497131b5994 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 19 Oct 2020 08:44:19 +0200 Subject: [PATCH 27/55] tests: psa: Use PSA_KEY_LIFETIME_IS_VOLATILE where it should Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.function | 4 ++-- tests/suites/test_suite_psa_crypto_slot_management.function | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9b113b48ed31..204e36e9893f 100644 
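Review bot: The new preprocessor directives in transient_slot_lifecycle are indented with the surrounding code (`    #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)`), whereas the library hunks in this series keep `#if`/`#else`/`#endif` at column 0; the three added blocks should follow one convention. The wrong-owner probe builds its identifier with `owner_id + 1`, which assumes mbedtls_key_owner_id_t is an integer type and that the values in the data file leave room above them; a short comment such as `/* Any owner other than owner_id must not be able to open this key. */` would record the intent. `owner_id_arg` is an int narrowed into mbedtls_key_owner_id_t without a range check, acceptable for fixed test data but worth a comment for the same reason.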
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -112,7 +112,7 @@ int lifetime_is_secure_element( psa_key_lifetime_t lifetime ) { /* At the moment, anything that isn't a built-in lifetime is either * a secure element or unassigned. */ - return( lifetime != PSA_KEY_LIFETIME_VOLATILE && + return( ( ! PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) && lifetime != PSA_KEY_LIFETIME_PERSISTENT ); } #else @@ -245,7 +245,7 @@ int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) bits = psa_get_key_bits( &attributes ); /* Persistence */ - if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) { TEST_ASSERT( ( PSA_KEY_ID_VOLATILE_MIN <= diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 75e1d8b826c8..817094bdec29 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -561,7 +561,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, /* If the target key is persistent, restart the system to make * sure that the material is still alive. */ - if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) ) { mbedtls_psa_crypto_free( ); PSA_ASSERT( psa_crypto_init( ) ); @@ -573,7 +573,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, PSA_ASSERT( psa_get_key_attributes( returned_target_id, &target_attributes ) ); - if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) ) { TEST_ASSERT( mbedtls_svc_key_id_equal( target_id, psa_get_key_id( &target_attributes ) ) ); 
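Review bot: Switching lifetime_is_secure_element to `! PSA_KEY_LIFETIME_IS_VOLATILE( lifetime )` changes which lifetimes count as secure-element ones: the old test excluded only the exact value PSA_KEY_LIFETIME_VOLATILE, whereas the macro, if it inspects the persistence level alone, also excludes volatile lifetimes whose location is a secure element. If the suite exercises such lifetimes the helper now misclassifies them; a location-based test such as `return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) != PSA_KEY_LOCATION_LOCAL_STORAGE );` would match the comment above it, or the comment should say that volatile secure-element lifetimes are deliberately not treated as secure element. The same substitution in check_key_attributes_sanity and in the slot-management hunks only selects the volatile branch and looks fine.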
@@ -657,7 +657,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Populate the source slot. */ - if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( ! PSA_KEY_LIFETIME_IS_VOLATILE( source_lifetime ) ) { psa_set_key_id( &attributes, source_id ); psa_set_key_lifetime( &attributes, source_lifetime ); From 967835596cca5e7c208593eae5e303c0bcfa088b Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 19 Oct 2020 12:06:30 +0200 Subject: [PATCH 28/55] psa: Fix references to macros in comments This commit tries to fix the usage of #MACRO_NAME to reference macros in comments. Signed-off-by: Ronald Cron --- include/psa/crypto.h | 45 +++++++++++---------- include/psa/crypto_accel_driver.h | 30 +++++++------- include/psa/crypto_entropy_driver.h | 4 +- include/psa/crypto_se_driver.h | 60 ++++++++++++++-------------- include/psa/crypto_values.h | 2 +- library/psa_crypto_core.h | 4 +- library/psa_crypto_invasive.h | 6 +-- library/psa_crypto_its.h | 38 +++++++++--------- library/psa_crypto_slot_management.c | 6 +-- library/psa_crypto_slot_management.h | 4 +- library/psa_crypto_storage.c | 18 ++++----- library/psa_crypto_storage.h | 30 +++++++------- 12 files changed, 124 insertions(+), 123 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f1f5bd896a85..0a7f3c8192ed 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -467,9 +467,9 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); * implementation-defined. * * \param source_key The key to copy. It must allow the usage - * PSA_KEY_USAGE_COPY. If a private or secret key is + * #PSA_KEY_USAGE_COPY. If a private or secret key is * being copied outside of a secure element it must - * also allow PSA_KEY_USAGE_EXPORT. + * also allow #PSA_KEY_USAGE_EXPORT. * \param[in] attributes The attributes for the new key. * They are used as follows: * - The key type and size may be 0. If either is 
@@ -535,7 +535,7 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, * key will cause the multipart operation to fail. * * \param key Identifier of the key to erase. If this is \c 0, do nothing and - * return PSA_SUCCESS. + * return #PSA_SUCCESS. * * \retval #PSA_SUCCESS * \p key was a valid identifier and the key material that it @@ -704,7 +704,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, * The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set. * * \param key Identifier of the key to export. It must allow the - * usage PSA_KEY_USAGE_EXPORT, unless it is a public + * usage #PSA_KEY_USAGE_EXPORT, unless it is a public * key. * \param[out] data Buffer where the key data is to be written. * \param data_size Size of the \p data buffer in bytes. @@ -1596,7 +1596,7 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * #psa_cipher_operation_t object to provide other forms of IV. * * \param key Identifier of the key to use for the operation. - * It must allow the usage PSA_KEY_USAGE_ENCRYPT. + * It must allow the usage #PSA_KEY_USAGE_ENCRYPT. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). @@ -1643,7 +1643,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, * \param key Identifier of the key to use for the operation. * It must remain valid until the operation * terminates. It must allow the usage - * PSA_KEY_USAGE_DECRYPT. + * #PSA_KEY_USAGE_DECRYPT. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). 
@@ -1764,7 +1764,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * \param key Identifier of the key to use for the operation. * It must remain valid until the operation * terminates. It must allow the usage - * PSA_KEY_USAGE_ENCRYPT. + * #PSA_KEY_USAGE_ENCRYPT. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). @@ -1828,7 +1828,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \param key Identifier of the key to use for the operation. * It must remain valid until the operation * terminates. It must allow the usage - * PSA_KEY_USAGE_DECRYPT. + * #PSA_KEY_USAGE_DECRYPT. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). @@ -2070,7 +2070,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * * \param key Identifier of the key to use for the * operation. It must allow the usage - * PSA_KEY_USAGE_ENCRYPT. + * #PSA_KEY_USAGE_ENCRYPT. * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -2132,7 +2132,7 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, * * \param key Identifier of the key to use for the * operation. It must allow the usage - * PSA_KEY_USAGE_DECRYPT. + * #PSA_KEY_USAGE_DECRYPT. * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -2277,7 +2277,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * \param key Identifier of the key to use for the operation. * It must remain valid until the operation * terminates. It must allow the usage - * PSA_KEY_USAGE_ENCRYPT. + * #PSA_KEY_USAGE_ENCRYPT. * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). 
@@ -2286,7 +2286,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. @@ -2344,7 +2344,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * \param key Identifier of the key to use for the operation. * It must remain valid until the operation * terminates. It must allow the usage - * PSA_KEY_USAGE_DECRYPT. + * #PSA_KEY_USAGE_DECRYPT. * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -2353,7 +2353,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. @@ -2396,7 +2396,7 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active aead encrypt - operation, with no nonce set). + * operation, with no nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p nonce buffer is too small. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -2830,7 +2830,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * * \param key Identifier of the key to use for the operation. * It must be an asymmetric key pair. The key must - * allow the usage PSA_KEY_USAGE_SIGN_HASH. + * allow the usage #PSA_KEY_USAGE_SIGN_HASH. * \param alg A signature algorithm that is compatible with * the type of \p key. * \param[in] hash The hash or message to sign. 
@@ -2881,7 +2881,8 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key, * * \param key Identifier of the key to use for the operation. It * must be a public key or an asymmetric key pair. The - * key must allow the usage PSA_KEY_USAGE_VERIFY_HASH. + * key must allow the usage + * #PSA_KEY_USAGE_VERIFY_HASH. * \param alg A signature algorithm that is compatible with * the type of \p key. * \param[in] hash The hash or message whose signature is to be @@ -2922,7 +2923,7 @@ psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key, * \param key Identifer of the key to use for the operation. * It must be a public key or an asymmetric key * pair. It must allow the usage - * PSA_KEY_USAGE_ENCRYPT. + * #PSA_KEY_USAGE_ENCRYPT. * \param alg An asymmetric encryption algorithm that is * compatible with the type of \p key. * \param[in] input The message to encrypt. @@ -2982,7 +2983,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, * * \param key Identifier of the key to use for the operation. * It must be an asymmetric key pair. It must - * allow the usage PSA_KEY_USAGE_DECRYPT. + * allow the usage #PSA_KEY_USAGE_DECRYPT. * \param alg An asymmetric encryption algorithm that is * compatible with the type of \p key. * \param[in] input The message to decrypt. @@ -3288,7 +3289,7 @@ psa_status_t psa_key_derivation_input_bytes( * \param step Which step the input data is for. * \param key Identifier of the key. It must have an * appropriate type for step and must allow the - * usage PSA_KEY_USAGE_DERIVE. + * usage #PSA_KEY_USAGE_DERIVE. * * \retval #PSA_SUCCESS * Success. 
@@ -3340,7 +3341,7 @@ psa_status_t psa_key_derivation_input_key( * input of the type given by \p step. * \param step Which step the input data is for. * \param private_key Identifier of the private key to use. It must - * allow the usage PSA_KEY_USAGE_DERIVE. + * allow the usage #PSA_KEY_USAGE_DERIVE. * \param[in] peer_key Public key of the peer. The peer key must be in the * same format that psa_import_key() accepts for the * public key type corresponding to the type of @@ -3610,7 +3611,7 @@ psa_status_t psa_key_derivation_abort( * #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg) * is true). * \param private_key Identifier of the private key to use. It must - * allow the usage PSA_KEY_USAGE_DERIVE. + * allow the usage #PSA_KEY_USAGE_DERIVE. * \param[in] peer_key Public key of the peer. It must be * in the same format that psa_import_key() * accepts. The standard formats for public diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index 1a193c5b9e38..4488ea8ad8f4 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -75,7 +75,7 @@ typedef struct psa_drv_hash_context_s psa_drv_hash_context_t; * \param[in,out] p_context A structure that will contain the * hardware-specific hash context * - * \retval PSA_SUCCESS Success. + * \retval #PSA_SUCCESS Success. */ typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context); @@ -120,7 +120,7 @@ typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context, * \param[out] p_output_length The number of bytes placed in `p_output` after * success * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. */ typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context, 
@@ -188,7 +188,7 @@ typedef struct psa_drv_accel_mac_context_s psa_drv_accel_mac_context_t; * to be used in the operation * \param[in] key_length The size in bytes of the key material * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. */ typedef psa_status_t (*psa_drv_accel_mac_setup_t)(psa_drv_accel_mac_context_t *p_context, @@ -235,7 +235,7 @@ typedef psa_status_t (*psa_drv_accel_mac_update_t)(psa_drv_accel_mac_context_t * * \param[in] mac_length The size in bytes of the buffer that has been * allocated for the `p_mac` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. */ typedef psa_status_t (*psa_drv_accel_mac_finish_t)(psa_drv_accel_mac_context_t *p_context, @@ -261,7 +261,7 @@ typedef psa_status_t (*psa_drv_accel_mac_finish_t)(psa_drv_accel_mac_context_t * * \param[in] mac_length The size in bytes of the data in the `p_mac` * buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The operation completed successfully and the comparison matched */ typedef psa_status_t (*psa_drv_accel_mac_finish_verify_t)(psa_drv_accel_mac_context_t *p_context, @@ -335,7 +335,7 @@ typedef psa_status_t (*psa_drv_accel_mac_t)(const uint8_t *p_input, * \param[in] p_mac The MAC data to be compared * \param[in] mac_length The length in bytes of the `p_mac` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The operation completed successfully and the comparison matched */ typedef psa_status_t (*psa_drv_accel_mac_verify_t)(const uint8_t *p_input, @@ -396,7 +396,7 @@ typedef struct psa_drv_accel_cipher_context_s psa_drv_accel_cipher_context_t; * to be used in the operation * \param[in] key_data_size The size in bytes of the key material * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_accel_cipher_setup_t)(psa_drv_accel_cipher_context_t *p_context, psa_encrypt_or_decrypt_t direction, 
@@ -419,7 +419,7 @@ typedef psa_status_t (*psa_drv_accel_cipher_setup_t)(psa_drv_accel_cipher_contex * \param[in] p_iv A buffer containing the initialization vecotr * \param[in] iv_length The size in bytes of the contents of `p_iv` * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_accel_cipher_set_iv_t)(psa_drv_accel_cipher_context_t *p_context, const uint8_t *p_iv, @@ -448,7 +448,7 @@ typedef psa_status_t (*psa_drv_accel_cipher_set_iv_t)(psa_drv_accel_cipher_conte * \param[out] p_output_length After completion, will contain the number * of bytes placed in the `p_output` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_accel_cipher_update_t)(psa_drv_accel_cipher_context_t *p_context, const uint8_t *p_input, @@ -477,7 +477,7 @@ typedef psa_status_t (*psa_drv_accel_cipher_update_t)(psa_drv_accel_cipher_conte * \param[out] p_output_length After completion, will contain the number of * bytes placed in the `p_output` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_accel_cipher_finish_t)(psa_drv_accel_cipher_context_t *p_context, uint8_t *p_output, @@ -499,7 +499,7 @@ typedef psa_status_t (*psa_drv_accel_cipher_finish_t)(psa_drv_accel_cipher_conte * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_accel_cipher_abort_t)(psa_drv_accel_cipher_context_t *p_context); @@ -659,7 +659,7 @@ typedef psa_status_t (*psa_drv_accel_aead_decrypt_t)(const uint8_t *p_key, * \param[out] p_signature_length On success, the number of bytes * that make up the returned signature value * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key, size_t key_size, 
@@ -697,7 +697,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key, * \param[in] p_signature Buffer containing the signature to verify * \param[in] signature_length Size of the `p_signature` buffer in bytes * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The signature is valid. */ typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key, @@ -748,7 +748,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key, * \param[out] p_output_length On success, the number of bytes * that make up the returned output * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key, size_t key_size, @@ -800,7 +800,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key, * \param[out] p_output_length On success, the number of bytes * that make up the returned output * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_accel_asymmetric_decrypt_t)(const uint8_t *p_key, size_t key_size, diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h index 61750448bb3f..9b6546ee9470 100644 --- a/include/psa/crypto_entropy_driver.h +++ b/include/psa/crypto_entropy_driver.h @@ -47,7 +47,7 @@ extern "C" { * containing any context information for * the implementation * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_entropy_init_t)(void *p_context); @@ -75,7 +75,7 @@ typedef psa_status_t (*psa_drv_entropy_init_t)(void *p_context); * \param[out] p_received_entropy_bits The amount of entropy (in bits) * actually provided in `p_buffer` * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_entropy_get_bits_t)(void *p_context, uint8_t *p_buffer, diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 46b2d645cbe4..1fae575161bf 100644 
--- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -178,7 +178,7 @@ typedef uint64_t psa_key_slot_number_t; * \param[in] algorithm The algorithm to be used to underly the MAC * operation * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. */ typedef psa_status_t (*psa_drv_se_mac_setup_t)(psa_drv_se_context_t *drv_context, @@ -213,7 +213,7 @@ typedef psa_status_t (*psa_drv_se_mac_update_t)(void *op_context, * \param[out] p_mac_length After completion, will contain the number of * bytes placed in the `p_mac` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. */ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context, @@ -230,10 +230,10 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context, * will be compared against * \param[in] mac_length The size in bytes of the value stored in `p_mac` * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The operation completed successfully and the MACs matched each * other - * \retval PSA_ERROR_INVALID_SIGNATURE + * \retval #PSA_ERROR_INVALID_SIGNATURE * The operation completed successfully, but the calculated MAC did * not match the provided MAC */ @@ -264,7 +264,7 @@ typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *op_context); * \param[out] p_mac_length After completion, will contain the number of * bytes placed in the `output` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. */ typedef psa_status_t (*psa_drv_se_mac_generate_t)(psa_drv_se_context_t *drv_context, 
@@ -289,10 +289,10 @@ typedef psa_status_t (*psa_drv_se_mac_generate_t)(psa_drv_se_context_t *drv_cont * be compared against * \param[in] mac_length The size in bytes of `mac` * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The operation completed successfully and the MACs matched each * other - * \retval PSA_ERROR_INVALID_SIGNATURE + * \retval #PSA_ERROR_INVALID_SIGNATURE * The operation completed successfully, but the calculated MAC did * not match the provided MAC */ @@ -384,8 +384,8 @@ typedef struct { * \param[in] direction Indicates whether the operation is an encrypt * or decrypt * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED */ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, @@ -406,7 +406,7 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_cont * \param[in] p_iv A buffer containing the initialization vector * \param[in] iv_length The size (in bytes) of the `p_iv` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context, const uint8_t *p_iv, @@ -428,7 +428,7 @@ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context, * \param[out] p_output_length After completion, will contain the number * of bytes placed in the `p_output` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context, const uint8_t *p_input, @@ -449,7 +449,7 @@ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context, * \param[out] p_output_length After completion, will contain the number of * bytes placed in the `p_output` buffer * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *op_context, uint8_t *p_output, 
@@ -484,8 +484,8 @@ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *op_context); * \param[in] output_size The allocated size in bytes of the `p_output` * buffer * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED */ typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -553,7 +553,7 @@ typedef struct { * \param[out] p_signature_length On success, the number of bytes * that make up the returned signature value * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -578,7 +578,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_c * \param[in] p_signature Buffer containing the signature to verify * \param[in] signature_length Size of the `p_signature` buffer in bytes * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The signature is valid. */ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv_context, @@ -617,7 +617,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv * \param[out] p_output_length On success, the number of bytes that make up * the returned output * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -657,7 +657,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *dr * \param[out] p_output_length On success, the number of bytes * that make up the returned output * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, 
@@ -1195,7 +1195,7 @@ typedef struct { * \param[in] source_key The key to be used as the source material for * the key derivation * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, @@ -1215,7 +1215,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t * * \param[in] p_collateral A buffer containing the collateral data * \param[in] collateral_size The size in bytes of the collateral * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context, uint32_t collateral_id, @@ -1230,7 +1230,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context, * \param[in] dest_key The slot where the generated key material * should be placed * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, psa_key_slot_number_t dest_key); @@ -1244,7 +1244,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, * \param[out] p_output_length Upon success, contains the number of bytes of * key material placed in `p_output` * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *op_context, uint8_t *p_output, @@ -1353,7 +1353,7 @@ typedef struct { * \param location The location value through which this driver will * be exposed to applications. * This driver will be used for all keys such that - * `location == PSA_KEY_LIFETIME_LOCATION( lifetime )`. + * `location == #PSA_KEY_LIFETIME_GET_LOCATION( lifetime )`. * The value #PSA_KEY_LOCATION_LOCAL_STORAGE is reserved * and may not be used for drivers. Implementations * may reserve other values. 
@@ -1362,22 +1362,22 @@ typedef struct { * module keeps running. It is typically a global * constant. * - * \return PSA_SUCCESS + * \return #PSA_SUCCESS * The driver was successfully registered. Applications can now * use \p lifetime to access keys through the methods passed to * this function. - * \return PSA_ERROR_BAD_STATE + * \return #PSA_ERROR_BAD_STATE * This function was called after the initialization of the * cryptography module, and this implementation does not support * driver registration at this stage. - * \return PSA_ERROR_ALREADY_EXISTS + * \return #PSA_ERROR_ALREADY_EXISTS * There is already a registered driver for this value of \p lifetime. - * \return PSA_ERROR_INVALID_ARGUMENT + * \return #PSA_ERROR_INVALID_ARGUMENT * \p lifetime is a reserved value. - * \return PSA_ERROR_NOT_SUPPORTED + * \return #PSA_ERROR_NOT_SUPPORTED * `methods->hal_version` is not supported by this implementation. - * \return PSA_ERROR_INSUFFICIENT_MEMORY - * \return PSA_ERROR_NOT_PERMITTED + * \return #PSA_ERROR_INSUFFICIENT_MEMORY + * \return #PSA_ERROR_NOT_PERMITTED */ psa_status_t psa_register_se_driver( psa_key_location_t location, diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 9828768a0d14..580b89e09867 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1452,7 +1452,7 @@ * a key derivation function. * Usually, raw key agreement algorithms are constructed directly with * a \c PSA_ALG_xxx macro while non-raw key agreement algorithms are - * constructed with PSA_ALG_KEY_AGREEMENT(). + * constructed with #PSA_ALG_KEY_AGREEMENT(). * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 8d1f1bb283dc..86d804bd4356 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
@@ -130,10 +130,10 @@ static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, * * \param[in,out] slot The key slot to wipe. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. This includes the case of a key slot that was * already fully wiped. - * \retval PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h index c609c777ed64..2b4ee1f348cf 100644 --- a/library/psa_crypto_invasive.h +++ b/library/psa_crypto_invasive.h @@ -62,12 +62,12 @@ * It is called by mbedtls_psa_crypto_free(). * By default this is mbedtls_entropy_free(). * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_NOT_PERMITTED * The caller does not have the permission to configure * entropy sources. - * \retval PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_BAD_STATE * The library has already been initialized. */ psa_status_t mbedtls_psa_crypto_configure_entropy_sources( diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h index b671d63a50c7..11703a08f10e 100644 --- a/library/psa_crypto_its.h +++ b/library/psa_crypto_its.h 
@@ -72,12 +72,12 @@ struct psa_storage_info_t * * \return A status indicating the success/failure of the operation * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG - * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid - * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`) + * \retval #PSA_SUCCESS The operation completed successfully + * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG + * \retval #PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium + * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) + * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`) * is invalid, for example is `NULL` or references memory the caller cannot access */ psa_status_t psa_its_set(psa_storage_uid_t uid, 
@@ -97,11 +97,11 @@ psa_status_t psa_its_set(psa_storage_uid_t uid, * * \return A status indicating the success/failure of the operation * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage - * \retval PSA_ERROR_INVALID_SIZE The operation failed because the data associated with provided uid is larger than `data_size` - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`) + * \retval #PSA_SUCCESS The operation completed successfully + * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage + * \retval #PSA_ERROR_INVALID_SIZE The operation failed because the data associated with provided uid is larger than `data_size` + * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) + * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`) * is invalid. For example is `NULL` or references memory the caller cannot access. * In addition, this can also happen if an invalid offset was provided. */ 
@@ -119,10 +119,10 @@ psa_status_t psa_its_get(psa_storage_uid_t uid, * * \return A status indicating the success/failure of the operation * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) - * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`) + * \retval #PSA_SUCCESS The operation completed successfully + * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage + * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) + * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`) * is invalid, for example is `NULL` or references memory the caller cannot access */ psa_status_t psa_its_get_info(psa_storage_uid_t uid, 
@@ -135,10 +135,10 @@ psa_status_t psa_its_get_info(psa_storage_uid_t uid, * * \return A status indicating the success/failure of the operation * - * \retval PSA_SUCCESS The operation completed successfully - * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage - * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG - * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) + * \retval #PSA_SUCCESS The operation completed successfully + * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage + * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG + * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) */ psa_status_t psa_its_remove(psa_storage_uid_t uid); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index b6f76ad26ca0..6f6ba07d281f 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -86,17 +86,17 @@ psa_status_t psa_validate_key_id( * * For volatile key identifiers, only one key slot is queried as a volatile * key with identifier key_id can only be stored in slot of index - * ( key_id - PSA_KEY_ID_VOLATILE_MIN ). + * ( key_id - #PSA_KEY_ID_VOLATILE_MIN ). * * \param key Key identifier to query. * \param[out] p_slot On success, `*p_slot` contains a pointer to the * key slot containing the description of the key * identified by \p key. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The pointer to the key slot containing the description of the key * identified by \p key was returned. - * \retval PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_HANDLE * \p key is not a valid key identifier. * \retval #PSA_ERROR_DOES_NOT_EXIST * There is no key with key identifier \p key in the key slots. diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 9470b3ef2a90..2b90ce87b453 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -33,7 +33,7 @@ * * The last PSA_KEY_SLOT_COUNT identifiers of the implementation range * of key identifiers are reserved for volatile key identifiers. - * A volatile key identifier is equal to PSA_KEY_ID_VOLATILE_MIN plus the + * A volatile key identifier is equal to #PSA_KEY_ID_VOLATILE_MIN plus the * index of the key slot containing the volatile key definition. */ @@ -97,7 +97,7 @@ psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, /** Initialize the key slot structures. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Currently this function always succeeds. */ psa_status_t psa_initialize_key_slots( void ); diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 2ab5903a3cf7..1ebd20ee3777 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
@@ -90,9 +90,9 @@ static psa_storage_uid_t psa_its_identifier_of_slot( mbedtls_svc_key_id_t key ) * \param[out] data Buffer where the data is to be written. * \param data_size Size of the \c data buffer in bytes. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_DOES_NOT_EXIST */ static psa_status_t psa_crypto_storage_load( const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size ) @@ -137,10 +137,10 @@ int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ) * \param data_length The number of bytes * that make up the data. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_INSUFFICIENT_STORAGE - * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_ALREADY_EXISTS + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_ALREADY_EXISTS */ static psa_status_t psa_crypto_storage_store( const mbedtls_svc_key_id_t key, const uint8_t *data, @@ -210,8 +210,8 @@ psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ) * is to be obtained. * \param[out] data_length The number of bytes that make up the data. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_STORAGE_FAILURE */ static psa_status_t psa_crypto_storage_get_data_length( const mbedtls_svc_key_id_t key, diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 3def1b5e4b07..fbc94fc387de 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h 
@@ -93,11 +93,11 @@ int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ); * \param[in] data Buffer containing the key data. * \param data_length The number of bytes that make up the key data. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_INSUFFICIENT_STORAGE - * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_ALREADY_EXISTS + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_ALREADY_EXISTS */ psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, const uint8_t *data, @@ -122,10 +122,10 @@ psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, * \param[out] data Pointer to an allocated key data buffer on return. * \param[out] data_length The number of bytes that make up the key data. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_DOES_NOT_EXIST */ psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, uint8_t **data, @@ -137,10 +137,10 @@ psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, * \param key Persistent identifier of the key to remove * from persistent storage. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The key was successfully removed, * or the key did not exist. - * \retval PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE */ psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ); 
@@ -182,10 +182,10 @@ void psa_format_key_data_for_storage( const uint8_t *data, * \param[out] attr On success, the attribute structure is filled * with the loaded key metadata. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_INSUFFICIENT_STORAGE - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_STORAGE_FAILURE */ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, size_t storage_data_length, From 4067d1c1e571b2e0189cfd230671c6c52c6f274f Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 19 Oct 2020 13:34:38 +0200 Subject: [PATCH 29/55] psa: Improve key creation documentation Signed-off-by: Ronald Cron --- include/psa/crypto.h | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0a7f3c8192ed..3c2324ac9de0 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -484,7 +484,9 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); * both sets of restrictions apply, as * described in the documentation of this function. * \param[out] target_key On success, an identifier for the newly created - * key. \c 0 on failure. + * key. For persistent keys, this is the key + * identifier defined in \p attributes. + * \c 0 on failure. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE @@ -598,6 +600,8 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key); * If the key size in \p attributes is nonzero, * it must be equal to the size from \p data. * \param[out] key On success, an identifier to the newly created key. + * For persistent keys, this is the key identifier + * defined in \p attributes. * \c 0 on failure. * \param[in] data Buffer containing the key data. The content of this * buffer is interpreted according to the type declared 
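Review bot: The new `\param[out] key` text in the psa_import_key hunk still leaves a caller guessing what identifier comes back for a volatile key, since it only spells out the persistent case while the commit message says volatile keys now have identifiers too. I would add one sentence after the persistent case, e.g. `For volatile keys, the identifier is chosen by the implementation.`, so the `\c 0 on failure.` line is not read as "0 for volatile keys". The same wording is repeated in the psa_copy_key, psa_key_derivation_output_key and psa_generate_key hunks of this patch and should be kept identical in all four. The enclosing Doxygen blocks continue outside the hunks.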
@@ -3530,7 +3534,9 @@ psa_status_t psa_key_derivation_output_bytes( * \param[in] attributes The attributes for the new key. * \param[in,out] operation The key derivation operation object to read from. * \param[out] key On success, an identifier for the newly created - * key. \c 0 on failure. + * key. For persistent keys, this is the key + * identifier defined in \p attributes. + * \c 0 on failure. * * \retval #PSA_SUCCESS * Success. @@ -3706,7 +3712,9 @@ psa_status_t psa_generate_random(uint8_t *output, * * \param[in] attributes The attributes for the new key. * \param[out] key On success, an identifier for the newly created - * key. \c 0 on failure. + * key. For persistent keys, this is the key + * identifier defined in \p attributes. + * \c 0 on failure. * * \retval #PSA_SUCCESS * Success. From d98059d599dc4745d480b052626718d70bae8ad7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 23 Oct 2020 18:00:55 +0200 Subject: [PATCH 30/55] psa: Fix tests/handling of lifetime incompatible with location The lifetime of key attributes now encodes whether a key is volatile/persistent or not AND its location. Fix PSA code where the fact that the lifetime encodes the key location was not taken into account properly. Fix the impacted tests and add two non regression tests. Signed-off-by: Ronald Cron --- include/psa/crypto_struct.h | 14 +++++++++++--- library/psa_crypto.c | 2 +- library/psa_crypto_slot_management.c | 2 +- tests/suites/test_suite_psa_crypto.data | 6 ++++++ .../test_suite_psa_crypto_se_driver_hal.function | 7 ++++++- 5 files changed, 25 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index bf178ec6e041..6a018e1f9011 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -374,9 +374,17 @@ static inline struct psa_key_attributes_s psa_key_attributes_init( void ) static inline void psa_set_key_id( psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key ) { + psa_key_lifetime_t lifetime = attributes->core.lifetime; + attributes->core.id = key; - if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE ) - attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; + + if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) + { + attributes->core.lifetime = + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_LIFETIME_PERSISTENT, + PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) ); + } } static inline mbedtls_svc_key_id_t psa_get_key_id( @@ -397,7 +405,7 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { attributes->core.lifetime = lifetime; - if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER attributes->core.id.key_id = 0; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2f01bf25ee2c..82e25499c422 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1342,7 +1342,7 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) { status = psa_destroy_persistent_key( slot->attr.id ); if( overall_status == PSA_SUCCESS ) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 6f6ba07d281f..7308f6fccdb9 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
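Review bot: The new branch in psa_set_key_id has no comment explaining why it rebuilds the lifetime from `PSA_KEY_LIFETIME_PERSISTENT` and the old location instead of assigning `PSA_KEY_LIFETIME_PERSISTENT` outright as the removed line did; that preserved location is the actual fix here and is easy to regress. I would put `/* Setting an identifier turns a volatile key into a persistent one; keep the location so a volatile key in a secure element stays in that element. */` above the `if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )`. The matching `PSA_KEY_LIFETIME_IS_VOLATILE` test in psa_set_key_lifetime below is consistent with this; the Doxygen blocks of both inline functions are outside the hunk and should describe the same behaviour.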
@@ -348,7 +348,7 @@ psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) if( status != PSA_SUCCESS ) return( status ); - if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE ) + if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) return PSA_SUCCESS; return( psa_wipe_key_slot( slot ) ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8ba9ec10a123..44f11a6e2a32 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -13,12 +13,18 @@ persistence_attributes:-1:0:3:-1:0:0:0:3 PSA key attributes: id then back to volatile persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE +PSA key attributes: id then back to non local volatile +persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1):-1:0:0:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1) + PSA key attributes: id then lifetime persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3 PSA key attributes: lifetime then id persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3 +PSA key attributes: non local volatile lifetime then id +persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,3):0x1235:0x5679:0x1235:0x5679:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT,3) + PSA key attributes: slot number slot_number_attribute: diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 28ab03f247a8..c9f9dbe7cbec 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
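Review bot: The `return PSA_SUCCESS;` directly under the rewritten condition in psa_purge_key is the only return in this function without the `return( x );` parentheses used on the surrounding lines (`return( status );`, `return( psa_wipe_key_slot( slot ) );`), and since the branch is being touched anyway this is the moment to make it `return( PSA_SUCCESS );`. Behaviour is unchanged, this is purely a point of style in the library's convention.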
@@ -969,7 +969,12 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( sizeof( key_material ) ) ); psa_set_key_slot_number( &attributes, min_slot ); - psa_set_key_id( &attributes, returned_id ); + + if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) + attributes.core.id = returned_id; + else + psa_set_key_id( &attributes, returned_id ); + if( ! check_key_attributes( returned_id, &attributes ) ) goto exit; From 65f38a3c2e5c22d7f8a008914dc90141f17b6336 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 23 Oct 2020 17:11:13 +0200 Subject: [PATCH 31/55] Add key id check when creating a volatile key Signed-off-by: Ronald Cron --- library/psa_crypto.c | 9 +++++++-- tests/suites/test_suite_psa_crypto.function | 5 +++++ .../test_suite_psa_crypto_se_driver_hal.function | 1 - .../test_suite_psa_crypto_slot_management.data | 3 +++ .../test_suite_psa_crypto_slot_management.function | 13 ++++++++++++- 5 files changed, 27 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 82e25499c422..e45c52e0b133 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1777,6 +1777,7 @@ static psa_status_t psa_validate_key_attributes( { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes ); + mbedtls_svc_key_id_t key = psa_get_key_id( attributes ); status = psa_validate_key_location( psa_get_key_lifetime( attributes ), p_drv ); @@ -1787,8 +1788,12 @@ static psa_status_t psa_validate_key_attributes( if( status != PSA_SUCCESS ) return( status ); - /* Validate the key identifier only in the case of a persistent key. */ - if ( ! PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) + if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) + { + if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + else { status = psa_validate_key_id( psa_get_key_id( attributes ), 
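Review bot: The volatile branch in psa_validate_key_attributes() rejects a non-zero identifier with PSA_ERROR_INVALID_ARGUMENT, while the persistent path goes through psa_validate_key_id() and the test data added by this same patch expects PSA_ERROR_INVALID_HANDLE for a bad persistent id (`create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_HANDLE`) but PSA_ERROR_INVALID_ARGUMENT for the volatile case; a comment above the check recording why the two cases report different errors would help the next reader, e.g. `/* A volatile key is created with a null identifier; a non-zero id here is a malformed request, not a reference to a missing key. */` if that is the intent. The else branch still calls `psa_get_key_id( attributes )` although the new local `key` already holds that value, so `key` should be passed there. `if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )` carries a space before the parenthesis that the surrounding `if(` lines do not. psa_validate_key_attributes() continues outside the hunk.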
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 204e36e9893f..82797681ef94 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2340,7 +2340,12 @@ void copy_success( int source_usage_arg, /* Prepare the target attributes. */ if( copy_attributes ) + { target_attributes = source_attributes; + /* Set volatile lifetime to reset the key identifier to 0. */ + psa_set_key_lifetime( &target_attributes, PSA_KEY_LIFETIME_VOLATILE ); + } + if( target_usage_arg != -1 ) psa_set_key_usage_flags( &target_attributes, target_usage_arg ); if( target_alg_arg != -1 ) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index c9f9dbe7cbec..04aecb6b75e1 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -911,7 +911,6 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) key_material, sizeof( key_material ), &returned_id ) ); - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) { /* For volatile keys, check no persistent data was created */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 4f31a23ec1de..25334255981f 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -114,6 +114,9 @@ Create failure: invalid key id (0) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_HANDLE +Create failure: invalid key id (1) for a volatile key +create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT + Create failure: invalid key id (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 817094bdec29..66bf0a46e5f8 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -476,8 +476,19 @@ void create_fail( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_id( &attributes, id ); psa_set_key_lifetime( &attributes, lifetime ); + if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) + { + /* + * Not possible to set a key identifier different from 0 through + * PSA key attributes APIs thus accessing to the attributes + * directly. + */ + attributes.core.id = id; + } + else + psa_set_key_id( &attributes, id ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ), &returned_id ), From 54b900827b76143a1ba58039c9c78eac8e843133 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 29 Oct 2020 15:26:43 +0100 Subject: [PATCH 32/55] psa: Forbid creation/registration of keys in vendor range The identifier of keys created/registred should be in the application range. This is by spec for key creation. This may change for registered key. 
Signed-off-by: Ronald Cron --- library/psa_crypto.c | 8 ++------ .../suites/test_suite_psa_crypto_persistent_key.data | 12 ++++++++++++ .../test_suite_psa_crypto_persistent_key.function | 1 + .../suites/test_suite_psa_crypto_se_driver_hal.data | 4 ++-- 4 files changed, 17 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e45c52e0b133..2c4878d64d0e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1779,8 +1779,7 @@ static psa_status_t psa_validate_key_attributes( psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes ); mbedtls_svc_key_id_t key = psa_get_key_id( attributes ); - status = psa_validate_key_location( psa_get_key_lifetime( attributes ), - p_drv ); + status = psa_validate_key_location( lifetime, p_drv ); if( status != PSA_SUCCESS ) return( status ); @@ -1795,10 +1794,7 @@ static psa_status_t psa_validate_key_attributes( } else { - status = psa_validate_key_id( - psa_get_key_id( attributes ), - psa_key_lifetime_is_external( lifetime ), 0 ); - + status = psa_validate_key_id( psa_get_key_id( attributes ), 0, 0 ); if( status != PSA_SUCCESS ) return( status ); } diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 98db74d34990..93f0fc07ef38 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
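Review bot: `psa_validate_key_id( psa_get_key_id( attributes ), 0, 0 )` re-reads the identifier that the context line `mbedtls_svc_key_id_t key = psa_get_key_id( attributes );` already stored, so `key` should be passed instead, mirroring the `psa_validate_key_location( lifetime, p_drv );` cleanup in the first hunk. The two literal `0` arguments are unexplained at the call site; since the commit message says vendor-range ids are now forbidden for created and registered keys, a short comment such as `/* Only the application key id range is acceptable for created keys. */` would record the policy where it is enforced. psa_validate_key_attributes() continues outside the hunk.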
@@ -46,6 +46,18 @@ Persistent key import with restart (RSA) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS +Persistent key import (RSA) invalid key id (VENDOR_MIN) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_ERROR_INVALID_HANDLE + +Persistent key import (RSA) invalid key id (VOLATILE_MIN) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_ERROR_INVALID_HANDLE + +Persistent key import (RSA) invalid 
key id (VENDOR_MAX) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_ERROR_INVALID_HANDLE + Persistent key import garbage data, should fail depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index ed30848ad857..c4c2b75f6bcf 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -10,6 +10,7 @@ #include #include "test/psa_crypto_helpers.h" +#include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" #include "mbedtls/md.h" diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 239a68f2ab91..18d1d748ed8d 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -151,10 +151,10 @@ Key registration: key id out of range register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_HANDLE Key registration: key id min vendor -register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_SUCCESS +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_ERROR_INVALID_HANDLE Key registration: key id max vendor except volatile -register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_SUCCESS +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_ERROR_INVALID_HANDLE Key registration: key id min volatile register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN:1:PSA_ERROR_INVALID_HANDLE 
From f95a2b1190803ab8d3317fa579435a49ca7f2889 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 22 Oct 2020 15:24:49 +0200 Subject: [PATCH 33/55] psa: mgmt: Add key slot access counter Add key slot access counter to be able to state if a key slot containing the description of a permanent key can be reset or reset and re-used. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 243 ++++++++++++++++++++------- library/psa_crypto_core.h | 41 +++++ library/psa_crypto_slot_management.c | 49 +++++- library/psa_crypto_slot_management.h | 39 ++++- 4 files changed, 307 insertions(+), 65 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2c4878d64d0e..a510e3c7856e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1189,20 +1189,25 @@ static psa_status_t psa_restrict_key_policy( /** Retrieve a slot which must contain a key. The key must have allow all the * usage flags set in \p usage. If \p alg is nonzero, the key must allow - * operations with this algorithm. */ + * operations with this algorithm. + * + * On success, the access counter of the returned key slot is incremented by + * one. It is the responsibility of the caller to call + * psa_decrement_key_slot_access_count() when it does not access the key slot + * anymore. + */ static psa_status_t psa_get_key_from_slot( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_status_t status; - psa_key_slot_t *slot = NULL; - - *p_slot = NULL; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; - status = psa_get_key_slot( key, &slot ); + status = psa_get_key_slot( key, p_slot ); if( status != PSA_SUCCESS ) return( status ); + slot = *p_slot; /* Enforce that usage policy for the key slot contains all the flags * required by the usage parameter. There is one exception: public 
@@ -1210,15 +1215,22 @@ static psa_status_t psa_get_key_from_slot( mbedtls_svc_key_id_t key, * if they had the export flag. */ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) ) usage &= ~PSA_KEY_USAGE_EXPORT; + + status = PSA_ERROR_NOT_PERMITTED; if( ( slot->attr.policy.usage & usage ) != usage ) - return( PSA_ERROR_NOT_PERMITTED ); + goto error; /* Enforce that the usage policy permits the requested algortihm. */ if( alg != 0 && ! psa_key_policy_permits( &slot->attr.policy, alg ) ) - return( PSA_ERROR_NOT_PERMITTED ); + goto error; - *p_slot = slot; return( PSA_SUCCESS ); + +error: + *p_slot = NULL; + psa_decrement_key_slot_access_count( slot ); + + return( status ); } /** Retrieve a slot which must contain a transparent key. @@ -1228,6 +1240,11 @@ static psa_status_t psa_get_key_from_slot( mbedtls_svc_key_id_t key, * * This is a temporary function to use instead of psa_get_key_from_slot() * until secure element support is fully implemented. + * + * On success, the access counter of the returned key slot is incremented by + * one. It is the responsibility of the caller to call + * psa_decrement_key_slot_access_count() when it does not access the key slot + * anymore. */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) static psa_status_t psa_get_transparent_key( mbedtls_svc_key_id_t key, @@ -1238,11 +1255,14 @@ static psa_status_t psa_get_transparent_key( mbedtls_svc_key_id_t key, psa_status_t status = psa_get_key_from_slot( key, p_slot, usage, alg ); if( status != PSA_SUCCESS ) return( status ); + if( psa_key_slot_is_external( *p_slot ) ) { + psa_decrement_key_slot_access_count( *p_slot ); *p_slot = NULL; return( PSA_ERROR_NOT_SUPPORTED ); } + return( PSA_SUCCESS ); } #else /* MBEDTLS_PSA_CRYPTO_SE_C */ 
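Review bot: Dropping the initial `*p_slot = NULL;` in psa_get_key_from_slot() (previous hunk) leaves `*p_slot` untouched when psa_get_key_slot() fails, while the new `error:` path in this hunk does null it for policy failures, so callers now see a NULL output pointer on some failures and an unwritten one on others; the slot-management hunk of this same patch shows psa_get_key_slot() returning PSA_ERROR_BAD_STATE without writing `*p_slot`. Restoring `*p_slot = NULL;` before `status = psa_get_key_slot( key, p_slot );` keeps the contract uniform, which matters for any caller that reaches a shared `exit:` decrementing the access count of a pointer it did not initialise. In psa_get_transparent_key() the status of `psa_decrement_key_slot_access_count( *p_slot )` is discarded; that is acceptable because PSA_ERROR_NOT_SUPPORTED is returned regardless, but a `/* Return value ignored: the call below already fails. */` comment would make the intent explicit.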
@@ -1473,8 +1493,9 @@ static psa_status_t psa_get_rsa_public_exponent( psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, psa_key_attributes_t *attributes ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; psa_reset_key_attributes( attributes ); @@ -1528,7 +1549,10 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, if( status != PSA_SUCCESS ) psa_reset_key_attributes( attributes ); - return( status ); + + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -1688,8 +1712,9 @@ psa_status_t psa_export_key( mbedtls_svc_key_id_t key, size_t data_size, size_t *data_length ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; /* Set the key to empty now, so that even when there are errors, we always * set data_length to a value between 0 and data_size. On error, setting @@ -1703,8 +1728,11 @@ psa_status_t psa_export_key( mbedtls_svc_key_id_t key, status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_EXPORT, 0 ); if( status != PSA_SUCCESS ) return( status ); - return( psa_internal_export_key( slot, data, data_size, - data_length, 0 ) ); + + status = psa_internal_export_key( slot, data, data_size, data_length, 0 ); + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, 
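Review bot: The pair `decrement_status = psa_decrement_key_slot_access_count( slot ); return( ( status == PSA_SUCCESS ) ? decrement_status : status );` introduced here in psa_get_key_attributes() is repeated verbatim in psa_export_key(), psa_export_public_key() and the later hunks (psa_copy_key, psa_mac_setup, psa_sign_hash, psa_verify_hash, the asymmetric, cipher and key-derivation functions); a small static helper, e.g. `static psa_status_t psa_release_key_slot( psa_key_slot_t *slot, psa_status_t status )`, would keep the "first error wins" rule in one place. As written, a decrement failure is silently masked whenever the operation itself failed; if that precedence is deliberate it deserves a one-line comment at this first occurrence, because a counter that fails to decrement is exactly the condition the new access counter is meant to detect.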
@@ -1712,8 +1740,9 @@ psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, size_t data_size, size_t *data_length ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; /* Set the key to empty now, so that even when there are errors, we always * set data_length to a value between 0 and data_size. On error, setting @@ -1725,8 +1754,11 @@ psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, status = psa_get_key_from_slot( key, &slot, 0, 0 ); if( status != PSA_SUCCESS ) return( status ); - return( psa_internal_export_key( slot, data, data_size, - data_length, 1 ) ); + + status = psa_internal_export_key( slot, data, data_size, data_length, 1 ); + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } #if defined(static_assert) @@ -1833,6 +1865,11 @@ static psa_status_t psa_validate_key_attributes( * In case of failure at any step, stop the sequence and call * psa_fail_key_creation(). * + * On success, the access counter of the returned key slot is incremented by + * one. It is the responsibility of the caller to call + * psa_decrement_key_slot_access_count() when it does not access the key slot + * anymore. + * * \param method An identification of the calling function. * \param[in] attributes Key attributes for the new key. * \param[out] key On success, identifier of the key. Note that the @@ -1943,7 +1980,6 @@ static psa_status_t psa_start_key_creation( #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ *key = slot->attr.id; - return( PSA_SUCCESS ); } @@ -2203,6 +2239,9 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, psa_fail_key_creation( slot, driver ); *key = MBEDTLS_SVC_KEY_ID_INIT; } + else + status = psa_decrement_key_slot_access_count( slot ); + return( status ); } 
@@ -2233,9 +2272,10 @@ psa_status_t mbedtls_psa_register_se_key( exit: if( status != PSA_SUCCESS ) - { psa_fail_key_creation( slot, driver ); - } + else + status = psa_decrement_key_slot_access_count( slot ); + /* Registration doesn't keep the key in RAM. */ psa_close_key( key ); return( status ); @@ -2261,7 +2301,8 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, const psa_key_attributes_t *specified_attributes, mbedtls_svc_key_id_t *target_key ) { - psa_status_t status; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *source_slot = NULL; psa_key_slot_t *target_slot = NULL; psa_key_attributes_t actual_attributes = *specified_attributes; @@ -2308,7 +2349,12 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, psa_fail_key_creation( target_slot, driver ); *target_key = MBEDTLS_SVC_KEY_ID_INIT; } - return( status ); + else + status = psa_decrement_key_slot_access_count( target_slot ); + + decrement_status = psa_decrement_key_slot_access_count( source_slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } @@ -3094,7 +3140,8 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, psa_algorithm_t alg, int is_sign ) { - psa_status_t status; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; size_t key_bits; psa_key_usage_t usage = @@ -3203,7 +3250,10 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, { operation->key_set = 1; } - return( status ); + + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation, 
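Review bot: psa_copy_key() now calls `psa_decrement_key_slot_access_count( source_slot )` unconditionally on the way out, and `source_slot` is initialised to NULL, so if any early-failure path reaches this code before the source slot is acquired the call receives NULL; the same situation arises in psa_raw_key_agreement(), where `slot` was changed to `= NULL` and the new `exit:` decrements it, and in psa_aead_abort_internal(), which decrements `operation->slot` of an operation zero-initialised via AEAD_OPERATION_INIT. Whether this is safe depends on psa_decrement_key_slot_access_count() treating NULL as a no-op; its definition is not on this page, so if it does, that tolerance should be stated in its documentation, and if it does not, these call sites need an `if( slot != NULL )` guard. psa_copy_key() starts outside the hunk.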
@@ -3700,8 +3750,9 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, size_t signature_size, size_t *signature_length ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; *signature_length = signature_size; /* Immediately reject a zero-length signature buffer. This guarantees @@ -3807,7 +3858,10 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, memset( signature, '!', signature_size ); /* If signature_size is 0 then we have nothing to do. We must not call * memset because signature may be NULL in this case. */ - return( status ); + + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, @@ -3817,8 +3871,9 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, const uint8_t *signature, size_t signature_length ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_VERIFY_HASH, alg ); @@ -3834,7 +3889,7 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, signature_length ); if( status != PSA_ERROR_NOT_SUPPORTED || psa_key_lifetime_is_external( slot->attr.lifetime ) ) - return status; + goto exit; #if defined(MBEDTLS_RSA_C) if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) @@ -3846,7 +3901,7 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, slot->data.key.bytes, &rsa ); if( status != PSA_SUCCESS ) - return( status ); + goto exit; status = psa_rsa_verify( rsa, alg, @@ -3854,7 +3909,7 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, signature, signature_length ); mbedtls_rsa_free( rsa ); mbedtls_free( rsa ); - return( status ); + goto exit; } else #endif /* defined(MBEDTLS_RSA_C) */ 
@@ -3870,25 +3925,31 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, slot->data.key.bytes, &ecp ); if( status != PSA_SUCCESS ) - return( status ); + goto exit; status = psa_ecdsa_verify( ecp, hash, hash_length, signature, signature_length ); mbedtls_ecp_keypair_free( ecp ); mbedtls_free( ecp ); - return( status ); + goto exit; } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ { - return( PSA_ERROR_INVALID_ARGUMENT ); + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; } } else #endif /* defined(MBEDTLS_ECP_C) */ { - return( PSA_ERROR_NOT_SUPPORTED ); + status = PSA_ERROR_NOT_SUPPORTED; } + +exit: + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) @@ -3912,8 +3973,9 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, size_t output_size, size_t *output_length ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; (void) input; (void) input_length; @@ -3931,7 +3993,10 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, return( status ); if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) || PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } #if defined(MBEDTLS_RSA_C) if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) 
@@ -3989,13 +4054,17 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, mbedtls_rsa_free( rsa ); mbedtls_free( rsa ); - return( status ); } else #endif /* defined(MBEDTLS_RSA_C) */ { - return( PSA_ERROR_NOT_SUPPORTED ); + status = PSA_ERROR_NOT_SUPPORTED; } + +exit: + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, @@ -4008,8 +4077,9 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, size_t output_size, size_t *output_length ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; (void) input; (void) input_length; @@ -4026,7 +4096,10 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, if( status != PSA_SUCCESS ) return( status ); if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } #if defined(MBEDTLS_RSA_C) if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) @@ -4037,7 +4110,7 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, slot->data.key.bytes, &rsa ); if( status != PSA_SUCCESS ) - return( status ); + goto exit; if( input_length != mbedtls_rsa_get_len( rsa ) ) { @@ -4084,13 +4157,17 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, rsa_exit: mbedtls_rsa_free( rsa ); mbedtls_free( rsa ); - return( status ); } else #endif /* defined(MBEDTLS_RSA_C) */ { - return( PSA_ERROR_NOT_SUPPORTED ); + status = PSA_ERROR_NOT_SUPPORTED; } + +exit: + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } 
@@ -4104,8 +4181,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, psa_algorithm_t alg, mbedtls_operation_t cipher_operation ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; int ret = 0; - psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_slot_t *slot; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; @@ -4249,7 +4327,10 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, } else psa_cipher_abort( operation ); - return( status ); + + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, @@ -4615,6 +4696,7 @@ typedef struct const mbedtls_cipher_info_t *cipher_info; union { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_CCM_C) mbedtls_ccm_context ccm; #endif /* MBEDTLS_CCM_C */ @@ -4630,6 +4712,8 @@ typedef struct uint8_t tag_length; } aead_operation_t; +#define AEAD_OPERATION_INIT {0, 0, {0}, 0, 0, 0} + static void psa_aead_abort_internal( aead_operation_t *operation ) { switch( operation->core_alg ) @@ -4645,6 +4729,8 @@ static void psa_aead_abort_internal( aead_operation_t *operation ) break; #endif /* MBEDTLS_GCM_C */ } + + psa_decrement_key_slot_access_count( operation->slot ); } static psa_status_t psa_aead_setup( aead_operation_t *operation, @@ -4666,7 +4752,10 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits, &cipher_id ); if( operation->cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + { + status = PSA_ERROR_NOT_SUPPORTED; + goto cleanup; + } switch( PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 ) ) { 
@@ -4678,7 +4767,10 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, * The call to mbedtls_ccm_encrypt_and_tag or * mbedtls_ccm_auth_decrypt will validate the tag length. */ if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto cleanup; + } mbedtls_ccm_init( &operation->ctx.ccm ); status = mbedtls_to_psa_error( mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id, @@ -4697,7 +4789,10 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, * The call to mbedtls_gcm_crypt_and_tag or * mbedtls_gcm_auth_decrypt will validate the tag length. */ if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto cleanup; + } mbedtls_gcm_init( &operation->ctx.gcm ); status = mbedtls_to_psa_error( mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id, @@ -4714,7 +4809,10 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, operation->full_tag_length = 16; /* We only support the default tag length. */ if( alg != PSA_ALG_CHACHA20_POLY1305 ) - return( PSA_ERROR_NOT_SUPPORTED ); + { + status = PSA_ERROR_NOT_SUPPORTED; + goto cleanup; + } mbedtls_chachapoly_init( &operation->ctx.chachapoly ); status = mbedtls_to_psa_error( mbedtls_chachapoly_setkey( &operation->ctx.chachapoly, @@ -4725,7 +4823,8 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, #endif /* MBEDTLS_CHACHAPOLY_C */ default: - return( PSA_ERROR_NOT_SUPPORTED ); + status = PSA_ERROR_NOT_SUPPORTED; + goto cleanup; } if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length ) @@ -4755,7 +4854,7 @@ psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key, size_t *ciphertext_length ) { psa_status_t status; - aead_operation_t operation; + aead_operation_t operation = AEAD_OPERATION_INIT; uint8_t *tag; *ciphertext_length = 0; 
@@ -4869,7 +4968,7 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key, size_t *plaintext_length ) { psa_status_t status; - aead_operation_t operation; + aead_operation_t operation = AEAD_OPERATION_INIT; const uint8_t *tag = NULL; *plaintext_length = 0; @@ -5409,6 +5508,9 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut psa_fail_key_creation( slot, driver ); *key = MBEDTLS_SVC_KEY_ID_INIT; } + else + status = psa_decrement_key_slot_access_count( slot ); + return( status ); } @@ -5772,8 +5874,9 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_step_t step, mbedtls_svc_key_id_t key ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; status = psa_get_transparent_key( key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); @@ -5788,10 +5891,14 @@ psa_status_t psa_key_derivation_input_key( if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) operation->can_output_key = 1; - return( psa_key_derivation_input_internal( operation, - step, slot->attr.type, - slot->data.key.data, - slot->data.key.bytes ) ); + status = psa_key_derivation_input_internal( operation, + step, slot->attr.type, + slot->data.key.data, + slot->data.key.bytes ); + + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } @@ -5939,8 +6046,10 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *o const uint8_t *peer_key, size_t peer_key_length ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_status_t status; + if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_transparent_key( private_key, &slot, 
@@ -5959,7 +6068,10 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *o if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) operation->can_output_key = 1; } - return( status ); + + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, @@ -5970,8 +6082,9 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, size_t output_size, size_t *output_length ) { - psa_key_slot_t *slot; - psa_status_t status; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot = NULL; if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ) { @@ -6001,7 +6114,10 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, psa_generate_random( output, output_size ); *output_length = output_size; } - return( status ); + + decrement_status = psa_decrement_key_slot_access_count( slot ); + + return( ( status == PSA_SUCCESS ) ? decrement_status : status ); } @@ -6250,6 +6366,9 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_fail_key_creation( slot, driver ); *key = MBEDTLS_SVC_KEY_ID_INIT; } + else + status = psa_decrement_key_slot_access_count( slot ); + return( status ); } diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 86d804bd4356..32d1d6077bd8 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
@@ -36,6 +36,33 @@ typedef struct { psa_core_key_attributes_t attr; + + /* + * Number of on-going accesses, read and/or write, to the key slot by the + * library. + * + * This counter is incremented by one each time a library function + * retrieves through one of the dedicated internal API a pointer to the + * key slot. + * + * This counter is decremented by one each time a library function stops + * accessing to the key slot and states it by calling the + * psa_decrement_key_slot_access_count() API. + * + * This counter is used to prevent resetting the key slot while the library + * may access it. For example, such control is needed in the following + * scenarios: + * . In case of key slot starvation, all key slots contain the description + * of a key, and the library asks for the description of a permanent + * key not present in the key slots, the key slots currently accessed by + * the library cannot be reclaimed to free a key slot to load the + * permanent key. + * . In case of a multi-threaded application where one thread asks to close + * or purge or destroy a key while it is in used by the library through + * another thread. + */ + size_t access_count; + union { /* Dynamically allocated key data buffer. @@ -74,6 +101,20 @@ static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot ) return( slot->attr.type != 0 ); } +/** Test whether a key slot is accessed. + * + * A key slot is accessed iff its access counter is strickly greater than + * 0. + * + * \param[in] slot The key slot to test. + * + * \return 1 if the slot is accessed, 0 otherwise. + */ +static inline int psa_is_key_slot_accessed( const psa_key_slot_t *slot ) +{ + return( slot->access_count > 0 ); +} + /** Retrieve flags from psa_key_slot_t::attr::core::flags. * * \param[in] slot The key slot to query. diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 7308f6fccdb9..e2074774da54 100644 --- a/library/psa_crypto_slot_management.c 
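Review bot: The new `access_count` comment lists "a multi-threaded application where one thread asks to close or purge or destroy a key while it is in used by the library through another thread" as a scenario the counter handles, but a plain `size_t` updated with `++`/`--` and read with `> 0` cannot by itself prevent that race; nothing visible in this series adds a lock or atomic around the counter. I would reword that bullet to say the counter is the bookkeeping that a future locking scheme needs, e.g. `. In a multi-threaded application, once accesses to the slot array are serialized, to prevent a thread from wiping a slot another thread is still using.` Also fix the typos `strickly` -> `strictly` in psa_is_key_slot_accessed and `in used` -> `in use` in the struct comment.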
+++ b/library/psa_crypto_slot_management.c @@ -88,6 +88,11 @@ psa_status_t psa_validate_key_id( * key with identifier key_id can only be stored in slot of index * ( key_id - #PSA_KEY_ID_VOLATILE_MIN ). * + * On success, the access counter of the returned key slot is incremented by + * one. It is the responsibility of the caller to call + * psa_decrement_key_slot_access_count() when it does not access the key slot + * anymore. + * * \param key Key identifier to query. * \param[out] p_slot On success, `*p_slot` contains a pointer to the * key slot containing the description of the key @@ -135,7 +140,10 @@ static psa_status_t psa_search_key_in_slots( } if( status == PSA_SUCCESS ) + { *p_slot = slot; + psa_increment_key_slot_access_count( slot ); + } return( status ); } @@ -177,9 +185,12 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + ( (psa_key_id_t)slot_idx ) - 1; + psa_increment_key_slot_access_count( *p_slot ); + return( PSA_SUCCESS ); } } + *p_slot = NULL; return( PSA_ERROR_INSUFFICIENT_MEMORY ); } @@ -232,6 +243,10 @@ psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, if( ! global_data.key_slots_initialized ) return( PSA_ERROR_BAD_STATE ); + /* + * On success, the pointer to the slot is passed directly to the caller + * thus no need to decrement the key slot access counter here. + */ status = psa_search_key_in_slots( key, p_slot ); if( status != PSA_ERROR_DOES_NOT_EXIST ) return( status ); 
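Review bot: In psa_get_key_slot the new comment explains why no decrement is needed after a successful psa_search_key_in_slots, but the persistent-key path that follows (outside the hunk) now receives a slot from psa_get_empty_key_slot with its access counter already at 1; if loading the key description from storage fails there, that path must either wipe the slot (which the later psa_wipe_key_slot check expects at count 1) or decrement it, otherwise the slot stays occupied-and-accessed forever and can never be evicted. Worth a sentence in the comment stating which of the two the failure path does, e.g. `/* On failure to load the key, the slot is wiped, which also releases the access taken by psa_get_empty_key_slot(). */` if that is indeed what the code below does. The function body continues past this hunk.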
@@ -257,6 +272,36 @@ psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, } +psa_status_t psa_decrement_key_slot_access_count( psa_key_slot_t *slot ) +{ + if( slot == NULL ) + return( PSA_SUCCESS ); + + if( slot->access_count > 0 ) + { + slot->access_count--; + return( PSA_SUCCESS ); + } + + /* + * As the return error code may not be handled in case of multiple errors, + * do our best to report if the access counter is equal to zero: if + * available call MBEDTLS_PARAM_FAILED that may terminate execution (if + * called as part of the execution of a unit test suite this will stop the + * test suite execution) and if MBEDTLS_PARAM_FAILED does not terminate + * execution ouput an error message on standard error output. + */ +#ifdef MBEDTLS_CHECK_PARAMS + MBEDTLS_PARAM_FAILED( slot->access_count > 0 ); +#endif +#ifdef MBEDTLS_PLATFORM_C + mbedtls_fprintf( stderr, + "\nFATAL psa_decrement_key_slot_access_count Decrementing a zero access counter.\n" ); +#endif + + return( PSA_ERROR_CORRUPTION_DETECTED ); +} + psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, psa_se_drv_table_entry_t **p_drv ) { @@ -315,7 +360,7 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) *handle = key; - return( PSA_SUCCESS ); + return( psa_decrement_key_slot_access_count( slot ) ); #else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ (void) key; @@ -349,7 +394,7 @@ psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) return( status ); if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) - return PSA_SUCCESS; + return( psa_decrement_key_slot_access_count( slot ) ); return( psa_wipe_key_slot( slot ) ); } diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 2b90ce87b453..d22e343bc0f5 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h 
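Review bot: `mbedtls_fprintf( stderr, ... )` in psa_decrement_key_slot_access_count is guarded only by `#ifdef MBEDTLS_PLATFORM_C`, but MBEDTLS_PLATFORM_C does not by itself guarantee that `stderr` (hence `<stdio.h>`) is available, e.g. in a MBEDTLS_PLATFORM_NO_STD_FUNCTIONS build with a custom fprintf, so the guard is likely too loose; I would use `#if defined(MBEDTLS_PLATFORM_C) && !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)` or route the message through the test framework only. Also note that `MBEDTLS_PARAM_FAILED( slot->access_count > 0 )` is reached precisely when that condition is false, which is intended but worth a one-line comment so it is not "fixed" later. Typo in the comment: `ouput` -> `output`.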
@@ -70,6 +70,11 @@ static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) * In case of a persistent key, the function loads the description of the key * into a key slot if not already done. * + * On success, the access counter of the returned key slot is incremented by + * one. It is the responsibility of the caller to call + * psa_decrement_key_slot_access_count() when it does not access the slot + * anymore. + * * \param key Key identifier to query. * \param[out] p_slot On success, `*p_slot` contains a pointer to the * key slot containing the description of the key @@ -110,7 +115,10 @@ void psa_wipe_all_key_slots( void ); /** Find a free key slot. * * This function returns a key slot that is available for use and is in its - * ground state (all-bits-zero). + * ground state (all-bits-zero). On success, the access counter of the + * returned key slot is incremented by one. It is the responsibility of the + * caller to call psa_decrement_key_slot_access_count() when it does not access + * the key slot anymore. * * \param[out] volatile_key_id On success, volatile key identifier * associated to the returned slot. 
@@ -123,6 +131,35 @@ void psa_wipe_all_key_slots( void ); psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, psa_key_slot_t **p_slot ); +/** Increment slot access counter. + * + * This function increments the slot access counter by one. + * + * \param[in] slot The key slot. + */ +static inline void psa_increment_key_slot_access_count( psa_key_slot_t *slot ) +{ + slot->access_count++; +} + +/** Decrement slot access counter. + * + * This function decrements the slot access counter by one. + * + * \note To ease the handling of errors in retrieving a key slot + * a NULL input pointer is valid, and the function returns + * successfully without doing anything in that case. + * + * \param[in] slot The key slot. + * \retval #PSA_SUCCESS + * \p slot is NULL or the key slot access pointer has been + * decremented successfully. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * The access counter was equal to 0. + * + */ +psa_status_t psa_decrement_key_slot_access_count( psa_key_slot_t *slot ); + /** Test whether a lifetime designates a key in an external cryptoprocessor. * * \param lifetime The lifetime to test. From 0c3752a46beda8be9ddb6134ae4d12cb2f4b6b15 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 30 Oct 2020 11:54:03 +0100 Subject: [PATCH 34/55] psa: slot mgmt: Add unaccessed slots counter in stats Add a counter of unaccessed slots and use it in tests to check that at the end of PSA tests all key slot are unaccessed. Signed-off-by: Ronald Cron --- include/psa/crypto_extra.h | 2 ++ library/psa_crypto_slot_management.c | 4 ++++ tests/include/test/psa_crypto_helpers.h | 5 +++++ 3 files changed, 11 insertions(+) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 71adb9355b20..7986eb23b743 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
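Review bot: The `\retval #PSA_SUCCESS` text for psa_decrement_key_slot_access_count says "the key slot access pointer has been decremented"; it should read `\p slot is NULL or the key slot access counter has been decremented successfully.` The increment helper, unlike the decrement, dereferences `slot` unconditionally and has no wrap check, so its doc should state the precondition, e.g. `\param[in] slot The key slot. Must not be NULL.`, to make the asymmetry with the decrement's NULL tolerance explicit.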
@@ -231,6 +231,8 @@ typedef struct mbedtls_psa_stats_s size_t cache_slots; /** Number of slots that are not used for anything. */ size_t empty_slots; + /** Number of slots that are not accessed. */ + size_t unaccessed_slots; /** Largest key id value among open keys in internal persistent storage. */ psa_key_id_t max_open_internal_key_id; /** Largest key id value among open keys in secure elements. */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index e2074774da54..2fa0a0d54520 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -408,6 +408,10 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; + if( ! psa_is_key_slot_accessed( slot ) ) + { + ++stats->unaccessed_slots; + } if( ! psa_is_key_slot_occupied( slot ) ) { ++stats->empty_slots; diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index c8013a1a8fa3..214ee87f3b71 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -24,6 +24,7 @@ #include "test/psa_helpers.h" #include +#include static int test_helper_is_psa_pristine( int line, const char *file ) { @@ -40,6 +41,10 @@ static int test_helper_is_psa_pristine( int line, const char *file ) msg = "An external slot has not been closed properly."; else if( stats.half_filled_slots != 0 ) msg = "A half-filled slot has not been cleared properly."; + else if( stats.unaccessed_slots != PSA_KEY_SLOT_COUNT ) + { + msg = "Some slots are still marked as accessed."; + } /* If the test has already failed, don't overwrite the failure * information. Do keep the stats lookup above, because it can be From ddd3d058034d5a2f808a568cedcf19ed23a9dbc2 Mon Sep 17 00:00:00 2001 
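Review bot: In test_helper_is_psa_pristine the new `else if( stats.unaccessed_slots != PSA_KEY_SLOT_COUNT )` branch is the only one in the chain with braces, while the preceding `msg = ...` branches are unbraced; pick one convention for the whole chain (braces everywhere is the safer choice) rather than mixing. The message `"Some slots are still marked as accessed."` could also name the count to ease debugging, but that is optional.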
From: Ronald Cron Date: Fri, 30 Oct 2020 14:07:07 +0100 Subject: [PATCH 35/55] psa: Add access counter check in slot wipe Signed-off-by: Ronald Cron --- library/psa_crypto.c | 21 +++++++++++++++++++++ library/psa_crypto_slot_management.c | 1 + 2 files changed, 22 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a510e3c7856e..04a6514d5ddf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1299,6 +1299,27 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) { psa_status_t status = psa_remove_key_data_from_memory( slot ); + + /* + * As the return error code may not be handled in case of multiple errors, + * do our best to report an unexpected access counter: if available + * call MBEDTLS_PARAM_FAILED that may terminate execution (if called as + * part of the execution of a test suite this will stop the test suite + * execution) and if MBEDTLS_PARAM_FAILED does not terminate execution + * ouput an error message on standard error output. + */ + if( slot->access_count != 1 ) + { +#ifdef MBEDTLS_CHECK_PARAMS + MBEDTLS_PARAM_FAILED( slot->access_count == 1 ); +#endif +#ifdef MBEDTLS_PLATFORM_C + mbedtls_fprintf( stderr, + "\nFATAL psa_wipe_key_slot Unexpected access counter value\n."); +#endif + status = PSA_ERROR_CORRUPTION_DETECTED; + } + /* Multipart operations may still be using the key. This is safe * because all multipart operation objects are independent from * the key slot: if they need to access the key after the setup diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 2fa0a0d54520..7bfcc4d37402 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
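Review bot: The diagnostic string in psa_wipe_key_slot ends with `\n."` so the period is printed on its own line after the newline; it should be `"\nFATAL psa_wipe_key_slot Unexpected access counter value.\n"`. The new block also unconditionally sets `status = PSA_ERROR_CORRUPTION_DETECTED`, discarding whatever psa_remove_key_data_from_memory returned on the line above; if the intent is that a wrong counter is the more severe report, say so in the comment, otherwise keep the first error with `if( status == PSA_SUCCESS ) status = PSA_ERROR_CORRUPTION_DETECTED;`. Typo `ouput` -> `output` here too. The function continues outside the hunk.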
@@ -164,6 +164,7 @@ void psa_wipe_all_key_slots( void ) for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; + slot->access_count = 1; (void) psa_wipe_key_slot( slot ); } global_data.key_slots_initialized = 0; From f291111007cb6dd6962e190aae340052c308622d Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 29 Oct 2020 17:51:10 +0100 Subject: [PATCH 36/55] psa: Do not reset a key slot under access When psa_close/destroy/purge_key is called, do not reset a key slot containing the description of a persistent key if it is currently accessed. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 20 ++++++++++++++++++++ library/psa_crypto_slot_management.c | 12 ++++++++---- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 04a6514d5ddf..1f69b55e1ad5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
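Review bot: Forcing `slot->access_count = 1;` before each psa_wipe_key_slot call in psa_wipe_all_key_slots silently bypasses the counter check that this same patch adds to psa_wipe_key_slot, so a slot that is still in use at library teardown is wiped with no diagnostic at all. If unconditional wipe at teardown is the intended policy, a comment should say so, e.g. `/* At library teardown all accesses are expected to be over; force the counter so the slot can be wiped. */`; otherwise report slots with `access_count > 1` before overriding. The function's start is outside the hunk.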
@@ -1344,10 +1344,30 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) if( mbedtls_svc_key_id_is_null( key ) ) return( PSA_SUCCESS ); + /* + * Get the description of the key in a key slot. In case of a permanent + * key, this will load the key description from persistent memory if not + * done yet. We cannot avoid this loading as without it we don't know if + * the key is operated by an SE or not and this information is needed by + * the current implementation. + */ status = psa_get_key_slot( key, &slot ); if( status != PSA_SUCCESS ) return( status ); + /* + * If the key slot containing the key description is under access by the + * library (apart from the present access), the key cannot be destroyed + * yet. For the time being, just return in error. Eventually (to be + * implemented), the key should be destroyed when all accesses have + * stopped. + */ + if( slot->access_count > 1 ) + { + psa_decrement_key_slot_access_count( slot ); + return( PSA_ERROR_GENERIC_ERROR ); + } + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) driver = psa_get_se_driver_entry( slot->attr.lifetime ); if( driver != NULL ) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 7bfcc4d37402..9271e14511b3 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -382,7 +382,10 @@ psa_status_t psa_close_key( psa_key_handle_t handle ) if( status != PSA_SUCCESS ) return( status ); - return( psa_wipe_key_slot( slot ) ); + if( slot->access_count <= 1 ) + return( psa_wipe_key_slot( slot ) ); + else + return( psa_decrement_key_slot_access_count( slot ) ); } psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) 
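Review bot: psa_destroy_key returns `PSA_ERROR_GENERIC_ERROR` when the slot is in use, which gives the caller no way to distinguish "retry later" from a genuine failure, and the `psa_decrement_key_slot_access_count( slot )` result on the line before is discarded without even a `(void)` cast. Since the comment already flags this as temporary, at least make the discard explicit and consider `PSA_ERROR_BAD_STATE` (or a dedicated internal code) so callers and tests can recognise the contended case. Note also that the `slot->access_count > 1` check and the subsequent wipe are not atomic with respect to another caller, consistent with the counter being pure bookkeeping for now. The function continues outside the hunk.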
@@ -394,10 +397,11 @@ psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) if( status != PSA_SUCCESS ) return( status ); - if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) + if( ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && + ( slot->access_count <= 1 ) ) + return( psa_wipe_key_slot( slot ) ); + else return( psa_decrement_key_slot_access_count( slot ) ); - - return( psa_wipe_key_slot( slot ) ); } void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) From a5b894f7e21e116ce3822441bcbbab58b84a0d7a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 21 Oct 2020 09:04:34 +0200 Subject: [PATCH 37/55] psa: mgmt: Add key slot reuse When looking for an empty key slot to store the description of a key, if all key slots are in use, reuse the first encountered and unaccessed key slot containing the description of a permanent key. Signed-off-by: Ronald Cron --- library/psa_crypto_slot_management.c | 55 +++++- ...test_suite_psa_crypto_slot_management.data | 20 ++ ..._suite_psa_crypto_slot_management.function | 186 ++++++++++++++++++ 3 files changed, 251 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 9271e14511b3..5a1fc741fa73 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
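Review bot: psa_purge_key now returns PSA_SUCCESS without doing anything when a persistent key's slot has `access_count > 1`, whereas psa_destroy_key in the same patch reports an error in the equivalent situation; returning success is defensible since purge is best-effort, but the asymmetry deserves a comment at the `else` branch, e.g. `/* Slot still in use by the library: keep the RAM copy and report success, purging is best-effort. */`. Without it a reader may assume the key data was released.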
@@ -173,27 +173,62 @@ void psa_wipe_all_key_slots( void ) psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, psa_key_slot_t **p_slot ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t slot_idx; + psa_key_slot_t *selected_slot, *unaccessed_permanent_key_slot; if( ! global_data.key_slots_initialized ) - return( PSA_ERROR_BAD_STATE ); + { + status = PSA_ERROR_BAD_STATE; + goto error; + } - for( slot_idx = PSA_KEY_SLOT_COUNT; slot_idx > 0; slot_idx-- ) + selected_slot = unaccessed_permanent_key_slot = NULL; + for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { - *p_slot = &global_data.key_slots[ slot_idx - 1 ]; - if( ! psa_is_key_slot_occupied( *p_slot ) ) + psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; + if( ! psa_is_key_slot_occupied( slot ) ) { - *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + - ( (psa_key_id_t)slot_idx ) - 1; + selected_slot = slot; + break; + } - psa_increment_key_slot_access_count( *p_slot ); + if( ( unaccessed_permanent_key_slot == NULL ) && + ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && + ( ! psa_is_key_slot_accessed( slot ) ) ) + unaccessed_permanent_key_slot = slot; + } - return( PSA_SUCCESS ); - } + /* + * If there is no unused key slot and there is at least one unaccessed key + * slot containing the description of a permament key, recycle the first + * such key slot we encountered. If we need later on to operate on the + * permanent key we evict now, we will reload its description from storage. 
+ */ + if( ( selected_slot == NULL ) && + ( unaccessed_permanent_key_slot != NULL ) ) + { + selected_slot = unaccessed_permanent_key_slot; + selected_slot->access_count = 1; + psa_wipe_key_slot( selected_slot ); + } + + if( selected_slot != NULL ) + { + *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + + ( (psa_key_id_t)( selected_slot - global_data.key_slots ) ); + *p_slot = selected_slot; + psa_increment_key_slot_access_count( selected_slot ); + + return( PSA_SUCCESS ); } + status = PSA_ERROR_INSUFFICIENT_MEMORY; +error: *p_slot = NULL; - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + *volatile_key_id = 0; + + return( status ); } #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 25334255981f..d2d6c01b9a74 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
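Review bot: The eviction branch of psa_get_empty_key_slot ignores the return value of `psa_wipe_key_slot( selected_slot )`, so if the wipe reports an error (it can now return PSA_ERROR_CORRUPTION_DETECTED) the half-wiped slot is still handed to the caller as "ground state"; capture it with `status = psa_wipe_key_slot( selected_slot ); if( status != PSA_SUCCESS ) goto error;`. Setting `selected_slot->access_count = 1` right before the wipe is the same forced-counter idiom as in psa_wipe_all_key_slots and should carry a one-line comment explaining that an unaccessed slot is being claimed, since the loop already checked `! psa_is_key_slot_accessed( slot )`. Typo in the comment: `permament` -> `permanent`.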
@@ -186,3 +186,23 @@ invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HA Open many transient keys many_transient_keys:42 + +# Eviction from a key slot to be able to import a new permanent key. +Key slot eviction to import a new permanent key +key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_PERSISTENT + +# Eviction from a key slot to be able to import a new volatile key. +Key slot eviction to import a new volatile key +key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_VOLATILE + +# Check that non reusable key slots are not deleted/overwritten in case of key +# slot starvation: +# . An attempt to access a permanent key while all RAM key slots are occupied +# by volatile keys fails and does not lead to volatile key data to be +# spoiled. +# . With all key slot in use with one containing a permanent key, an attempt +# to copy the permanent key fails (the permanent key slot cannot be reclaimed +# as it is accessed by the copy process) without the permament key data and +# volatile key data being spoiled. +Non reusable key slots integrity in case of key slot starvation +non_reusable_key_slots_integrity_in_case_of_key_slot_starvation diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 66bf0a46e5f8..94bcade12fc5 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -877,3 +877,189 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ +void key_slot_eviction_to_import_new_key( int lifetime_arg ) +{ + psa_key_lifetime_t lifetime = (psa_key_lifetime_t)lifetime_arg; + size_t i; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t exported[sizeof( size_t )]; + size_t exported_length; + mbedtls_svc_key_id_t key, returned_key_id; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, 0 ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + + /* + * Create PSA_KEY_SLOT_COUNT persistent keys. + */ + for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ ) + { + key = mbedtls_svc_key_id_make( i, i + 1 ); + psa_set_key_id( &attributes, key ); + PSA_ASSERT( psa_import_key( &attributes, + (uint8_t *) &i, sizeof( i ), + &returned_key_id ) ); + TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) ); + } + + /* + * Create a new persistent or volatile key. When creating the key, + * one of the description of the previously created persistent key + * is removed from the RAM key slots. This makes room to store its + * description in RAM. + */ + i = PSA_KEY_SLOT_COUNT; + key = mbedtls_svc_key_id_make( i, i + 1 ); + psa_set_key_id( &attributes, key ); + + if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE ); + + PSA_ASSERT( psa_import_key( &attributes, + (uint8_t *) &i, sizeof( i ), + &returned_key_id ) ); + if( lifetime != PSA_KEY_LIFETIME_VOLATILE ) + TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) ); + + /* + * Check that we can export all ( PSA_KEY_SLOT_COUNT + 1 ) keys, + * that they have the expected value and destroy them. In that process, + * the description of the persistent key that was evicted from the RAM + * slots when creating the last key is restored in a RAM slot to export + * its value. 
+ */ + for( i = 0; i <= PSA_KEY_SLOT_COUNT; i++ ) + { + if( i < PSA_KEY_SLOT_COUNT ) + key = mbedtls_svc_key_id_make( i, i + 1 ); + else + key = returned_key_id; + + PSA_ASSERT( psa_export_key( key, + exported, sizeof( exported ), + &exported_length ) ); + ASSERT_COMPARE( exported, exported_length, + (uint8_t *) &i, sizeof( i ) ); + PSA_ASSERT( psa_destroy_key( key ) ); + } + +exit: + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ +void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) +{ + psa_status_t status; + size_t i; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t exported[sizeof( size_t )]; + size_t exported_length; + mbedtls_svc_key_id_t permanent_key = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t permanent_key2 = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t *keys = NULL; + + TEST_ASSERT( PSA_KEY_SLOT_COUNT >= 1 ); + + ASSERT_ALLOC( keys, PSA_KEY_SLOT_COUNT ); + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY ); + psa_set_key_algorithm( &attributes, 0 ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + + /* + * Create a permanent key + */ + permanent_key = mbedtls_svc_key_id_make( 0x100, 0x205 ); + psa_set_key_id( &attributes, permanent_key ); + PSA_ASSERT( psa_import_key( &attributes, + (uint8_t *) &permanent_key, + sizeof( permanent_key ), + &returned_key_id ) ); + TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, permanent_key ) ); + + /* + * Create PSA_KEY_SLOT_COUNT volatile keys + */ + psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE ); + for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ ) + { + PSA_ASSERT( psa_import_key( &attributes, + (uint8_t *) &i, sizeof( i ), + &keys[i]) ); + } + psa_reset_key_attributes( &attributes ); + + /* + * Check that we cannot access the persistent key as all slots are + * 
occupied by volatile keys and the implementation needs to load the + * persistent key description in a slot to be able to access it. + */ + status = psa_get_key_attributes( permanent_key, &attributes ); + TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY ); + + /* + * Check we can export the volatile key created last and that it has the + * expected value. Then, destroy it. + */ + PSA_ASSERT( psa_export_key( keys[PSA_KEY_SLOT_COUNT - 1], + exported, sizeof( exported ), + &exported_length ) ); + i = PSA_KEY_SLOT_COUNT - 1; + ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) ); + PSA_ASSERT( psa_destroy_key( keys[PSA_KEY_SLOT_COUNT - 1] ) ); + + /* + * Check that we can now access the persistent key again. + */ + PSA_ASSERT( psa_get_key_attributes( permanent_key, &attributes ) ); + TEST_ASSERT( mbedtls_svc_key_id_equal( attributes.core.id, + permanent_key ) ); + + /* + * Check that we cannot copy the persistent key as all slots are occupied + * by the permanent key and the volatile keys and the slot containing the + * permanent key cannot be reclaimed as it contains the key to copy. + */ + permanent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 ); + psa_set_key_id( &attributes, permanent_key2 ); + status = psa_copy_key( permanent_key, &attributes, &returned_key_id ); + TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY ); + + /* + * Check we can export the remaining volatile keys and that they have the + * expected values. + */ + for( i = 0; i < ( PSA_KEY_SLOT_COUNT - 1 ); i++ ) + { + PSA_ASSERT( psa_export_key( keys[i], + exported, sizeof( exported ), + &exported_length ) ); + ASSERT_COMPARE( exported, exported_length, + (uint8_t *) &i, sizeof( i ) ); + PSA_ASSERT( psa_destroy_key( keys[i] ) ); + } + + /* + * Check we can export the persistent key and that it have the expected + * value. 
+ */ + + PSA_ASSERT( psa_export_key( permanent_key, exported, sizeof( exported ), + &exported_length ) ); + ASSERT_COMPARE( exported, exported_length, + (uint8_t *) &permanent_key, sizeof( permanent_key ) ); +exit: + psa_destroy_key( permanent_key ); + PSA_DONE( ); + mbedtls_free( keys ); +} +/* END_CASE */ From 77c89f5ad64ee8e7e1de611e6fde539907008a09 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 10 Nov 2020 17:45:56 +0100 Subject: [PATCH 38/55] Fix several typos Signed-off-by: Ronald Cron --- include/mbedtls/config.h | 2 +- programs/psa/key_ladder_demo.c | 2 +- tests/suites/test_suite_psa_crypto_slot_management.function | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index c930a8ff3c15..a85b0a45f84e 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1266,7 +1266,7 @@ * which is currently hard-coded to be int32_t. * * Note that this option is meant for internal use only and may be removed - * without notice. It is incompatible with PSA_USE_PSA_CRYPTO. + * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO. */ //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index c36b67faff08..47d5de6425f0 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -574,7 +574,7 @@ static psa_status_t run( enum program_mode mode, exit: /* Destroy any remaining key. Deinitializing the crypto library would do * this anyway since they are volatile keys, but explicitly destroying - * keys makes the code easier. */ + * keys makes the code easier to reuse. */ (void) psa_destroy_key( derivation_key ); (void) psa_destroy_key( wrapping_key ); /* Deinitialize the PSA crypto library. */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 94bcade12fc5..321ce4f3361c 100644 
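Review bot: In non_reusable_key_slots_integrity_in_case_of_key_slot_starvation the persistent key is imported from `sizeof( permanent_key )` bytes of a `mbedtls_svc_key_id_t`, but the export buffer is `uint8_t exported[sizeof( size_t )]`; on a 32-bit target with MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER enabled that type is presumably larger than size_t, and the final psa_export_key would fail with a buffer-too-small error. Size the buffer to the larger of the two, or import the persistent key from a `size_t` value like the volatile keys do, e.g. `size_t persistent_value = 0x100; PSA_ASSERT( psa_import_key( &attributes, (uint8_t *) &persistent_value, sizeof( persistent_value ), &returned_key_id ) );` and compare against it at the end. The same `exported[sizeof( size_t )]` declaration in key_slot_eviction_to_import_new_key is fine since that test only imports `size_t` values.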
--- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -106,7 +106,7 @@ static int invalidate_key( invalidate_method_t invalidate_method, case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: PSA_ASSERT( psa_destroy_key( key ) ); break; - /* Purging the key just purge RAM data of persitent keys. */ + /* Purging the key just purges RAM data of persistent keys. */ case INVALIDATE_BY_PURGING: case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: PSA_ASSERT( psa_purge_key( key ) ); From 19daca9b2e46c4f9fa16af9091b1dea3014ef1fa Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 10 Nov 2020 18:08:03 +0100 Subject: [PATCH 39/55] Prefer persistent over permanent For consistency across the code base, prefer persistent over permanent to qualify a key stored in persistent storage. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 2 +- library/psa_crypto_core.h | 4 +- library/psa_crypto_slot_management.c | 15 +++---- ...test_suite_psa_crypto_slot_management.data | 14 +++---- ..._suite_psa_crypto_slot_management.function | 40 +++++++++---------- 5 files changed, 38 insertions(+), 37 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1f69b55e1ad5..3e174f9c2e5c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1345,7 +1345,7 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) return( PSA_SUCCESS ); /* - * Get the description of the key in a key slot. In case of a permanent + * Get the description of the key in a key slot. In case of a persistent * key, this will load the key description from persistent memory if not * done yet. We cannot avoid this loading as without it we don't know if * the key is operated by an SE or not and this information is needed by diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 32d1d6077bd8..489be31e2fbe 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
@@ -53,10 +53,10 @@ typedef struct * may access it. For example, such control is needed in the following * scenarios: * . In case of key slot starvation, all key slots contain the description - * of a key, and the library asks for the description of a permanent + * of a key, and the library asks for the description of a persistent * key not present in the key slots, the key slots currently accessed by * the library cannot be reclaimed to free a key slot to load the - * permanent key. + * persistent key. * . In case of a multi-threaded application where one thread asks to close * or purge or destroy a key while it is in used by the library through * another thread. diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 5a1fc741fa73..a114eecdbf62 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -175,7 +175,7 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t slot_idx; - psa_key_slot_t *selected_slot, *unaccessed_permanent_key_slot; + psa_key_slot_t *selected_slot, *unaccessed_persistent_key_slot; if( ! global_data.key_slots_initialized ) { @@ -183,7 +183,7 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, goto error; } - selected_slot = unaccessed_permanent_key_slot = NULL; + selected_slot = unaccessed_persistent_key_slot = NULL; for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; 
@@ -193,22 +193,23 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, break; } - if( ( unaccessed_permanent_key_slot == NULL ) && + if( ( unaccessed_persistent_key_slot == NULL ) && ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && ( ! psa_is_key_slot_accessed( slot ) ) ) - unaccessed_permanent_key_slot = slot; + unaccessed_persistent_key_slot = slot; } /* * If there is no unused key slot and there is at least one unaccessed key * slot containing the description of a permament key, recycle the first * such key slot we encountered. If we need later on to operate on the - * permanent key we evict now, we will reload its description from storage. + * persistent key we evict now, we will reload its description from + * storage. */ if( ( selected_slot == NULL ) && - ( unaccessed_permanent_key_slot != NULL ) ) + ( unaccessed_persistent_key_slot != NULL ) ) { - selected_slot = unaccessed_permanent_key_slot; + selected_slot = unaccessed_persistent_key_slot; selected_slot->access_count = 1; psa_wipe_key_slot( selected_slot ); } diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index d2d6c01b9a74..396cdfb531ba 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -187,8 +187,8 @@ invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HA Open many transient keys many_transient_keys:42 -# Eviction from a key slot to be able to import a new permanent key. -Key slot eviction to import a new permanent key +# Eviction from a key slot to be able to import a new persistent key. +Key slot eviction to import a new persistent key key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_PERSISTENT # Eviction from a key slot to be able to import a new volatile key. 
@@ -197,12 +197,12 @@ key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_VOLATILE # Check that non reusable key slots are not deleted/overwritten in case of key # slot starvation: -# . An attempt to access a permanent key while all RAM key slots are occupied +# . An attempt to access a persistent key while all RAM key slots are occupied # by volatile keys fails and does not lead to volatile key data to be # spoiled. -# . With all key slot in use with one containing a permanent key, an attempt -# to copy the permanent key fails (the permanent key slot cannot be reclaimed -# as it is accessed by the copy process) without the permament key data and -# volatile key data being spoiled. +# . With all key slot in use with one containing a persistent key, an attempt +# to copy the persistent key fails (the persistent key slot cannot be +# reclaimed as it is accessed by the copy process) without the persistent key +# data and volatile key data being spoiled. Non reusable key slots integrity in case of key slot starvation non_reusable_key_slots_integrity_in_case_of_key_slot_starvation diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 321ce4f3361c..ac2e6f7fc56c 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -97,7 +97,7 @@ static int invalidate_key( invalidate_method_t invalidate_method, { switch( invalidate_method ) { - /* Closing the key invalidate only volatile keys, not permanent ones. */ + /* Closing the key invalidate only volatile keys, not persistent ones. */ case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: PSA_ASSERT( psa_close_key( key ) ); 
@@ -960,8 +960,8 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t exported[sizeof( size_t )]; size_t exported_length; - mbedtls_svc_key_id_t permanent_key = MBEDTLS_SVC_KEY_ID_INIT; - mbedtls_svc_key_id_t permanent_key2 = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t persistent_key = MBEDTLS_SVC_KEY_ID_INIT; + mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t *keys = NULL; @@ -976,15 +976,15 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); /* - * Create a permanent key + * Create a persistent key */ - permanent_key = mbedtls_svc_key_id_make( 0x100, 0x205 ); - psa_set_key_id( &attributes, permanent_key ); + persistent_key = mbedtls_svc_key_id_make( 0x100, 0x205 ); + psa_set_key_id( &attributes, persistent_key ); PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &permanent_key, - sizeof( permanent_key ), + (uint8_t *) &persistent_key, + sizeof( persistent_key ), &returned_key_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, permanent_key ) ); + TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) ); /* * Create PSA_KEY_SLOT_COUNT volatile keys @@ -1003,7 +1003,7 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) * occupied by volatile keys and the implementation needs to load the * persistent key description in a slot to be able to access it. */ - status = psa_get_key_attributes( permanent_key, &attributes ); + status = psa_get_key_attributes( persistent_key, &attributes ); TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY ); /* 
@@ -1020,18 +1020,18 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) /* * Check that we can now access the persistent key again. */ - PSA_ASSERT( psa_get_key_attributes( permanent_key, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( persistent_key, &attributes ) ); TEST_ASSERT( mbedtls_svc_key_id_equal( attributes.core.id, - permanent_key ) ); + persistent_key ) ); /* * Check that we cannot copy the persistent key as all slots are occupied - * by the permanent key and the volatile keys and the slot containing the - * permanent key cannot be reclaimed as it contains the key to copy. + * by the persistent key and the volatile keys and the slot containing the + * persistent key cannot be reclaimed as it contains the key to copy. */ - permanent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 ); - psa_set_key_id( &attributes, permanent_key2 ); - status = psa_copy_key( permanent_key, &attributes, &returned_key_id ); + persistent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 ); + psa_set_key_id( &attributes, persistent_key2 ); + status = psa_copy_key( persistent_key, &attributes, &returned_key_id ); TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY ); /* @@ -1053,12 +1053,12 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) * value. */ - PSA_ASSERT( psa_export_key( permanent_key, exported, sizeof( exported ), + PSA_ASSERT( psa_export_key( persistent_key, exported, sizeof( exported ), &exported_length ) ); ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &permanent_key, sizeof( permanent_key ) ); + (uint8_t *) &persistent_key, sizeof( persistent_key ) ); exit: - psa_destroy_key( permanent_key ); + psa_destroy_key( persistent_key ); PSA_DONE( ); mbedtls_free( keys ); } From 7587ae49cb4f4fb6e1270dc376bab7110456d5ec Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 11 Nov 2020 15:04:25 +0100 Subject: [PATCH 40/55] Miscellaneous documentation improvements 
Signed-off-by: Ronald Cron --- library/psa_crypto.c | 3 +++ library/psa_crypto_slot_management.h | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3e174f9c2e5c..4384a43102f2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1191,6 +1191,9 @@ static psa_status_t psa_restrict_key_policy( * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. * + * In case of a persistent key, the function loads the description of the key + * into a key slot if not already done. + * * On success, the access counter of the returned key slot is incremented by * one. It is the responsibility of the caller to call * psa_decrement_key_slot_access_count() when it does not access the key slot diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index d22e343bc0f5..8d3c3840a1f4 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -82,7 +82,8 @@ static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) * * \retval #PSA_SUCCESS * The pointer to the key slot containing the description of the key - * identified by \p key was returned. + * identified by \p key was returned. The key slot counter was + * implemented. * \retval #PSA_ERROR_BAD_STATE * The library has not been initialized. * \retval #PSA_ERROR_INVALID_HANDLE From 7d54f661d3450ef1ad41d13891a03474826835ac Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 11 Nov 2020 15:19:20 +0100 Subject: [PATCH 41/55] Miscellaneous coding style fixes Signed-off-by: Ronald Cron --- .../test_suite_psa_crypto_slot_management.function | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index ac2e6f7fc56c..08f1f7e495cf 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function 
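Review bot: The sentence added to the psa_crypto_slot_management.h comment, `The key slot counter was implemented.`, reads as a slip for the counter being incremented, and it does not say which counter is meant. Suggest `The access counter of the key slot was incremented.`, which matches the wording of the psa_crypto.c hunk in the same commit ("the access counter of the returned key slot is incremented by one"). The enclosing Doxygen block starts before this hunk.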
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -172,13 +172,13 @@ void transient_slot_lifecycle( int owner_id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Import a key. */ - #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) +#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_key_owner_id_t owner_id = owner_id_arg; mbedtls_set_key_owner_id( &attributes, owner_id ); - #else +#else (void)owner_id_arg; - #endif +#endif psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); @@ -190,7 +190,7 @@ void transient_slot_lifecycle( int owner_id_arg, TEST_EQUAL( psa_get_key_type( &attributes ), type ); psa_reset_key_attributes( &attributes ); - #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) +#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) { psa_key_handle_t handle; mbedtls_svc_key_id_t key_with_invalid_owner = @@ -203,7 +203,7 @@ void transient_slot_lifecycle( int owner_id_arg, TEST_EQUAL( psa_open_key( key_with_invalid_owner, &handle ), PSA_ERROR_DOES_NOT_EXIST ); } - #endif +#endif /* * Purge the key and make sure that it is still valid, as purging a From f473d8b44b05a0cfa117e28bfd8212e55e353e24 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 12 Nov 2020 10:07:21 +0100 Subject: [PATCH 42/55] psa: slot mgmt: Improve psa_search_key_in_slots implementation In case of a volatile key identifier, no need to check first the validity of the key identifier, a volatile key identifier is valid. Move to a forward search for non-volatile key identifiers as now key slots with small index are allocated first by psa_get_empty_key_slot(). Signed-off-by: Ronald Cron --- library/psa_crypto_slot_management.c | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index a114eecdbf62..9075beb4e9b2 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -109,34 +109,31 @@ psa_status_t psa_validate_key_id( static psa_status_t psa_search_key_in_slots( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); + size_t slot_idx; psa_key_slot_t *slot = NULL; - psa_status_t status = psa_validate_key_id( key, 1, 1 ); - if( status != PSA_SUCCESS ) - return( status ); - if( psa_key_id_is_volatile( key_id ) ) { slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]; - - if( ! mbedtls_svc_key_id_equal( key, slot->attr.id ) ) - status = PSA_ERROR_DOES_NOT_EXIST; + status = mbedtls_svc_key_id_equal( key, slot->attr.id ) ? + PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; } else { - status = PSA_ERROR_DOES_NOT_EXIST; - slot = &global_data.key_slots[ PSA_KEY_SLOT_COUNT ]; + status = psa_validate_key_id( key, 1, 1 ); + if( status != PSA_SUCCESS ) + return( status ); - while( slot > &global_data.key_slots[ 0 ] ) + for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { - slot--; + slot = &global_data.key_slots[ slot_idx ]; if( mbedtls_svc_key_id_equal( key, slot->attr.id ) ) - { - status = PSA_SUCCESS; break; - } } + status = ( slot_idx < PSA_KEY_SLOT_COUNT ) ? + PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; } if( status == PSA_SUCCESS ) From cbd7beab0d8ce79bf2c5d044ac7a5a86ec2b9277 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 11 Nov 2020 14:57:44 +0100 Subject: [PATCH 43/55] psa: slot mgmt: Simplify psa_validate_key_id Special handling of volatile key identifiers is not needed eventually, they can be handled just as key identifier in the vendor range. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 2 +- library/psa_crypto_slot_management.c | 11 +++-------- library/psa_crypto_slot_management.h | 5 +---- 3 files changed, 5 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4384a43102f2..61f0ad4a4188 100644 --- a/library/psa_crypto.c 
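Review bot: In psa_search_key_in_slots() the volatile branch now indexes `global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]` directly from a caller-supplied identifier, with the psa_validate_key_id() call that previously preceded it moved into the else branch, so the array bound rests entirely on psa_key_id_is_volatile(), whose body is not in this patch. That is only safe if the volatile identifier range spans at most PSA_KEY_SLOT_COUNT values; a compile-time assertion on that relation next to the index, or at least a comment such as `/* psa_key_id_is_volatile() bounds key_id so this index stays below PSA_KEY_SLOT_COUNT */`, would make the dependency explicit for the next reader. The function continues past the end of the hunk.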
+++ b/library/psa_crypto.c @@ -1870,7 +1870,7 @@ static psa_status_t psa_validate_key_attributes( } else { - status = psa_validate_key_id( psa_get_key_id( attributes ), 0, 0 ); + status = psa_validate_key_id( psa_get_key_id( attributes ), 0 ); if( status != PSA_SUCCESS ) return( status ); } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 9075beb4e9b2..d8a3ca8ec461 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -52,7 +52,7 @@ typedef struct static psa_global_data_t global_data; psa_status_t psa_validate_key_id( - mbedtls_svc_key_id_t key, int vendor_ok, int volatile_ok ) + mbedtls_svc_key_id_t key, int vendor_ok ) { psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); @@ -62,12 +62,7 @@ psa_status_t psa_validate_key_id( if( vendor_ok && ( PSA_KEY_ID_VENDOR_MIN <= key_id ) && - ( key_id < PSA_KEY_ID_VOLATILE_MIN ) ) - return( PSA_SUCCESS ); - - if( volatile_ok && - ( PSA_KEY_ID_VOLATILE_MIN <= key_id ) && - ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) ) + ( key_id <= PSA_KEY_ID_VENDOR_MAX ) ) return( PSA_SUCCESS ); return( PSA_ERROR_INVALID_HANDLE ); @@ -122,7 +117,7 @@ static psa_status_t psa_search_key_in_slots( } else { - status = psa_validate_key_id( key, 1, 1 ); + status = psa_validate_key_id( key, 1 ); if( status != PSA_SUCCESS ) return( status ); diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 8d3c3840a1f4..75ce0ac6cfb3 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h 
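Review bot: psa_validate_key_id() now accepts the whole vendor range up to PSA_KEY_ID_VENDOR_MAX, but its header comment in psa_crypto_slot_management.h (the hunk at 212 in this same patch) still says vendor identifiers are allowed "volatile key identifiers excepted", and documents `\retval #PSA_ERROR_INVALID_ARGUMENT` while the function's fallthrough, kept as context here, is `return( PSA_ERROR_INVALID_HANDLE );`. Both header lines should be brought in line with the implementation. Since psa_validate_key_attributes() in the psa_crypto.c hunk propagates this status at key creation time, it is also worth confirming that INVALID_HANDLE rather than INVALID_ARGUMENT is the intended error for a malformed persistent key identifier given to an import or generate call.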
@@ -212,13 +212,10 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ); * \param[in] vendor_ok Non-zero to indicate that key identifiers in the * vendor range are allowed, volatile key identifiers * excepted \c 0 otherwise. - * \param[in] volatile_ok Non-zero to indicate that volatile key identifiers - * are allowed \c 0 otherwise. * * \retval #PSA_SUCCESS The identifier is valid. * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid. */ -psa_status_t psa_validate_key_id( - mbedtls_svc_key_id_t key, int vendor_ok, int volatile_ok ); +psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok ); #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ From 9e12f8f425a9b38ec47f67868b1411b4756755ab Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 13 Nov 2020 09:46:44 +0100 Subject: [PATCH 44/55] tests: psa crypto: Fix lifetime_is_secure_element() Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.function | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 82797681ef94..b03df3d4b1be 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -108,12 +108,10 @@ static const size_t INVALID_EXPORT_LENGTH = ~0U; #endif #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -int lifetime_is_secure_element( psa_key_lifetime_t lifetime ) +int lifetime_is_dynamic_secure_element( psa_key_lifetime_t lifetime ) { - /* At the moment, anything that isn't a built-in lifetime is either - * a secure element or unassigned. */ - return( ( ! PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) && - lifetime != PSA_KEY_LIFETIME_PERSISTENT ); + return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) != + PSA_KEY_LOCATION_LOCAL_STORAGE ); } #else int lifetime_is_secure_element( psa_key_lifetime_t lifetime ) 
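Review bot: The rename to lifetime_is_dynamic_secure_element() in test_suite_psa_crypto.function covers only the MBEDTLS_PSA_CRYPTO_SE_C branch; the `#else` branch visible at the end of the hunk still defines `lifetime_is_secure_element`, while the caller in check_key_attributes_sanity() (next hunk) now uses the new name. Unless that caller is itself compiled only under MBEDTLS_PSA_CRYPTO_SE_C, a build without the secure element driver layer cannot resolve the new name, and if it is so guarded the `#else` definition has become dead code. Renaming the `#else` definition to `int lifetime_is_dynamic_secure_element( psa_key_lifetime_t lifetime )` as well keeps both configurations consistent.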
@@ -263,7 +261,7 @@ int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) /* randomly-generated 64-bit constant, should never appear in test data */ psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21; psa_status_t status = psa_get_key_slot_number( &attributes, &slot_number ); - if( lifetime_is_secure_element( lifetime ) ) + if( lifetime_is_dynamic_secure_element( lifetime ) ) { /* Mbed Crypto currently always exposes the slot number to * applications. This is not mandated by the PSA specification From c9851141a2e16fe98793f687e4e919cf76b072b6 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 13 Nov 2020 10:08:52 +0100 Subject: [PATCH 45/55] programs: ssl: Fix printf parameter type cast Signed-off-by: Ronald Cron --- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index f92a73e4b630..fc69061172dd 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -3580,7 +3580,7 @@ int main( int argc, char *argv[] ) ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) { mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (int) slot, (int) status ); + (unsigned) slot, (int) status ); if( ret == 0 ) ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c5ff30354ebf..ceeb2245ee00 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -4521,7 +4521,7 @@ int main( int argc, char *argv[] ) ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) { mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (int) psk_slot, (int) status ); + (unsigned) psk_slot, (int) status ); } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED && From 4640c15deb49c98ec4e697b2e5e53a6f06f6770e Mon Sep 17 00:00:00 2001 
From: Ronald Cron Date: Fri, 13 Nov 2020 10:11:01 +0100 Subject: [PATCH 46/55] psa: Remove error message output Remove error message output in case of unexpected access counter as Signed-off-by: Ronald Cron --- library/psa_crypto.c | 7 +------ library/psa_crypto_slot_management.c | 7 +------ 2 files changed, 2 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 61f0ad4a4188..6b2b500c7ab4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1308,17 +1308,12 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) * do our best to report an unexpected access counter: if available * call MBEDTLS_PARAM_FAILED that may terminate execution (if called as * part of the execution of a test suite this will stop the test suite - * execution) and if MBEDTLS_PARAM_FAILED does not terminate execution - * ouput an error message on standard error output. + * execution). */ if( slot->access_count != 1 ) { #ifdef MBEDTLS_CHECK_PARAMS MBEDTLS_PARAM_FAILED( slot->access_count == 1 ); -#endif -#ifdef MBEDTLS_PLATFORM_C - mbedtls_fprintf( stderr, - "\nFATAL psa_wipe_key_slot Unexpected access counter value\n."); #endif status = PSA_ERROR_CORRUPTION_DETECTED; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index d8a3ca8ec461..5d20532e8b52 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -317,16 +317,11 @@ psa_status_t psa_decrement_key_slot_access_count( psa_key_slot_t *slot ) * do our best to report if the access counter is equal to zero: if * available call MBEDTLS_PARAM_FAILED that may terminate execution (if * called as part of the execution of a unit test suite this will stop the - * test suite execution) and if MBEDTLS_PARAM_FAILED does not terminate - * execution ouput an error message on standard error output. + * test suite execution). */ #ifdef MBEDTLS_CHECK_PARAMS MBEDTLS_PARAM_FAILED( slot->access_count > 0 ); #endif -#ifdef MBEDTLS_PLATFORM_C - mbedtls_fprintf( stderr, - "\nFATAL psa_decrement_key_slot_access_count Decrementing a zero access counter.\n" ); -#endif return( PSA_ERROR_CORRUPTION_DETECTED ); } From cbf6a1d651a07726c527a2b7d7355fecee35ae23 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 13 Nov 2020 15:59:59 +0100 Subject: [PATCH 47/55] psa: slot mgmt: Add access counter overflow check It adds a bit a code for not much but that way we are such that a count overflow cannot occur. Signed-off-by: Ronald Cron --- library/psa_crypto_slot_management.c | 10 +++++++--- library/psa_crypto_slot_management.h | 13 ++++++++++++- 2 files changed, 19 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 5d20532e8b52..943923f5dba0 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -133,8 +133,9 @@ static psa_status_t psa_search_key_in_slots( if( status == PSA_SUCCESS ) { - *p_slot = slot; - psa_increment_key_slot_access_count( slot ); + status = psa_increment_key_slot_access_count( slot ); + if( status == PSA_SUCCESS ) + *p_slot = slot; } return( status ); 
@@ -208,10 +209,13 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, if( selected_slot != NULL ) { + status = psa_increment_key_slot_access_count( selected_slot ); + if( status != PSA_SUCCESS ) + goto error; + *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + ( (psa_key_id_t)( selected_slot - global_data.key_slots ) ); *p_slot = selected_slot; - psa_increment_key_slot_access_count( selected_slot ); return( PSA_SUCCESS ); } diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 75ce0ac6cfb3..db5acba3bbd5 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -137,10 +137,21 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, * This function increments the slot access counter by one. * * \param[in] slot The key slot. + * + * \retval #PSA_SUCCESS + The access count was incremented. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * The access count already reached its maximum value and was not + * increased. */ -static inline void psa_increment_key_slot_access_count( psa_key_slot_t *slot ) +static inline psa_status_t psa_increment_key_slot_access_count( psa_key_slot_t *slot ) { + if( slot->access_count >= SIZE_MAX ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + slot->access_count++; + + return( PSA_SUCCESS ); } /** Decrement slot access counter. From 5097294be9f0327fdfae5c578bfea003d6c9d1ff Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 14 Nov 2020 11:28:25 +0100 Subject: [PATCH 48/55] psa: Decrement slot access count when finalizing key creation Decrement the slot access count in psa_finish_key_creation() when the finalization succeeds instead of in functions calling psa_finish_key_creation(). That way the decrementation cannot be forgotten and it reduces the code size. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) 
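Review bot: In the psa_crypto_slot_management.h hunk, the new Doxygen line `+ The access count was incremented.` lacks the ` * ` continuation prefix that every other line of the block carries; it should read ` *         The access count was incremented.` so the block stays consistent and the text is attached to the preceding \retval. The type of `access_count` is not visible here; if it is a `size_t`, `>= SIZE_MAX` is correct but `== SIZE_MAX` states the intent more directly. The new status checks in psa_search_key_in_slots() and psa_get_empty_key_slot() look right, though the `goto error` target of the latter is outside the hunk.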
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6b2b500c7ab4..ac525d538dbf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2030,6 +2030,10 @@ static psa_status_t psa_start_key_creation( * See the documentation of psa_start_key_creation() for the intended use * of this function. * + * If the finalization succeeds, the function decreases the slot access + * counter (that was incremented as part of psa_start_key_creation()) and the + * slot cannot be accessed anymore as part of the key creation process. + * * \param[in,out] slot Pointer to the slot with key material. * \param[in] driver The secure element driver for the key, * or NULL for a transparent key. @@ -2093,11 +2097,12 @@ static psa_status_t psa_finish_key_creation( return( status ); } status = psa_crypto_stop_transaction( ); - if( status != PSA_SUCCESS ) - return( status ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + if( status == PSA_SUCCESS ) + status = psa_decrement_key_slot_access_count( slot ); + return( status ); } @@ -2278,8 +2283,6 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, psa_fail_key_creation( slot, driver ); *key = MBEDTLS_SVC_KEY_ID_INIT; } - else - status = psa_decrement_key_slot_access_count( slot ); return( status ); } @@ -2312,8 +2315,6 @@ psa_status_t mbedtls_psa_register_se_key( exit: if( status != PSA_SUCCESS ) psa_fail_key_creation( slot, driver ); - else - status = psa_decrement_key_slot_access_count( slot ); /* Registration doesn't keep the key in RAM. */ psa_close_key( key ); @@ -2388,8 +2389,6 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, psa_fail_key_creation( target_slot, driver ); *target_key = MBEDTLS_SVC_KEY_ID_INIT; } - else - status = psa_decrement_key_slot_access_count( target_slot ); decrement_status = psa_decrement_key_slot_access_count( source_slot ); 
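Review bot: The new paragraph for psa_finish_key_creation() documents only the success path; in the code the access count is released only when `status == PSA_SUCCESS`, so on any failure the caller still holds the slot, and the callers changed in this patch now rely on psa_fail_key_creation() for that release. Suggest adding after the new paragraph: `On failure the access counter is left untouched; the caller is expected to release the slot through psa_fail_key_creation().` (assuming that helper does release it, its body is not in this patch). Both the doc comment and the function body start outside their hunks.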
@@ -5547,8 +5546,6 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut psa_fail_key_creation( slot, driver ); *key = MBEDTLS_SVC_KEY_ID_INIT; } - else - status = psa_decrement_key_slot_access_count( slot ); return( status ); } @@ -6405,8 +6402,6 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_fail_key_creation( slot, driver ); *key = MBEDTLS_SVC_KEY_ID_INIT; } - else - status = psa_decrement_key_slot_access_count( slot ); return( status ); } From 81709fc78ebe4eee999972a82f4b2108c80fb153 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 14 Nov 2020 12:10:32 +0100 Subject: [PATCH 49/55] psa: Move key identifier return to psa_finish_key_creation() Move the return of the identifier of a created key from psa_start_key_creation() to psa_finish_key_creation(). That way in case of creation error, it is less likely to return the identifier that was temporarily assigned to the key while trying to create it. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 62 +++++++++++++++++++++----------------------- 1 file changed, 30 insertions(+), 32 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ac525d538dbf..41a2263ee8f8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1911,9 +1911,6 @@ static psa_status_t psa_validate_key_attributes( * * \param method An identification of the calling function. * \param[in] attributes Key attributes for the new key. - * \param[out] key On success, identifier of the key. Note that the - * key identifier is also stored in the prepared - * slot. * \param[out] p_slot On success, a pointer to the prepared slot. * \param[out] p_drv On any return, the driver for the key, if any. * NULL for a transparent key. 
@@ -1926,7 +1923,6 @@ static psa_status_t psa_validate_key_attributes( static psa_status_t psa_start_key_creation( psa_key_creation_method_t method, const psa_key_attributes_t *attributes, - mbedtls_svc_key_id_t *key, psa_key_slot_t **p_slot, psa_se_drv_table_entry_t **p_drv ) { @@ -2018,7 +2014,6 @@ static psa_status_t psa_start_key_creation( } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - *key = slot->attr.id; return( PSA_SUCCESS ); } @@ -2037,6 +2032,8 @@ static psa_status_t psa_start_key_creation( * \param[in,out] slot Pointer to the slot with key material. * \param[in] driver The secure element driver for the key, * or NULL for a transparent key. + * \param[out] key On success, identifier of the key. Note that the + * key identifier is also stored in the key slot. * * \retval #PSA_SUCCESS * The key was successfully created. @@ -2045,7 +2042,8 @@ static psa_status_t psa_start_key_creation( */ static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot, - psa_se_drv_table_entry_t *driver ) + psa_se_drv_table_entry_t *driver, + mbedtls_svc_key_id_t *key) { psa_status_t status = PSA_SUCCESS; (void) slot; @@ -2101,7 +2099,12 @@ static psa_status_t psa_finish_key_creation( #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ if( status == PSA_SUCCESS ) + { + *key = slot->attr.id; status = psa_decrement_key_slot_access_count( slot ); + if( status != PSA_SUCCESS ) + *key = MBEDTLS_SVC_KEY_ID_INIT; + } return( status ); } @@ -2228,6 +2231,8 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; + *key = MBEDTLS_SVC_KEY_ID_INIT; + /* Reject zero-length symmetric keys (including raw data key objects). * This also rejects any key which might be encoded as an empty string, * which is never valid. */ 
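Review bot: The new parameter line in psa_finish_key_creation()'s signature, `mbedtls_svc_key_id_t *key)`, omits the space before the closing parenthesis that the rest of the file uses (compare `psa_se_drv_table_entry_t *driver )` on the line above it); it should be `mbedtls_svc_key_id_t *key )`. In the 2099 hunk of the same function, `*key` is assigned before the access count is decremented and reset to MBEDTLS_SVC_KEY_ID_INIT if the decrement fails; a one-line comment noting that the identifier is read while the slot is still held would make that ordering look deliberate rather than incidental.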
@@ -2235,7 +2240,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes, - key, &slot, &driver ); + &slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -2276,13 +2281,10 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; - status = psa_finish_key_creation( slot, driver ); + status = psa_finish_key_creation( slot, driver, key ); exit: if( status != PSA_SUCCESS ) - { psa_fail_key_creation( slot, driver ); - *key = MBEDTLS_SVC_KEY_ID_INIT; - } return( status ); } @@ -2306,11 +2308,11 @@ psa_status_t mbedtls_psa_register_se_key( return( PSA_ERROR_NOT_SUPPORTED ); status = psa_start_key_creation( PSA_KEY_CREATION_REGISTER, attributes, - &key, &slot, &driver ); + &slot, &driver ); if( status != PSA_SUCCESS ) goto exit; - status = psa_finish_key_creation( slot, driver ); + status = psa_finish_key_creation( slot, driver, &key ); exit: if( status != PSA_SUCCESS ) @@ -2348,6 +2350,8 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, psa_key_attributes_t actual_attributes = *specified_attributes; psa_se_drv_table_entry_t *driver = NULL; + *target_key = MBEDTLS_SVC_KEY_ID_INIT; + status = psa_get_transparent_key( source_key, &source_slot, PSA_KEY_USAGE_COPY, 0 ); if( status != PSA_SUCCESS ) @@ -2363,9 +2367,8 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, if( status != PSA_SUCCESS ) goto exit; - status = psa_start_key_creation( PSA_KEY_CREATION_COPY, - &actual_attributes, - target_key, &target_slot, &driver ); + status = psa_start_key_creation( PSA_KEY_CREATION_COPY, &actual_attributes, + &target_slot, &driver ); if( status != PSA_SUCCESS ) goto exit; 
@@ -2382,13 +2385,10 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, if( status != PSA_SUCCESS ) goto exit; - status = psa_finish_key_creation( target_slot, driver ); + status = psa_finish_key_creation( target_slot, driver, target_key ); exit: if( status != PSA_SUCCESS ) - { psa_fail_key_creation( target_slot, driver ); - *target_key = MBEDTLS_SVC_KEY_ID_INIT; - } decrement_status = psa_decrement_key_slot_access_count( source_slot ); @@ -5516,6 +5516,8 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; + *key = MBEDTLS_SVC_KEY_ID_INIT; + /* Reject any attempt to create a zero-length key so that we don't * risk tripping up later, e.g. on a malloc(0) that returns NULL. */ if( psa_get_key_bits( attributes ) == 0 ) @@ -5524,8 +5526,8 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut if( ! operation->can_output_key ) return( PSA_ERROR_NOT_PERMITTED ); - status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, - attributes, key, &slot, &driver ); + status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, attributes, + &slot, &driver ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { @@ -5540,12 +5542,9 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut operation ); } if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot, driver ); + status = psa_finish_key_creation( slot, driver, key ); if( status != PSA_SUCCESS ) - { psa_fail_key_creation( slot, driver ); - *key = MBEDTLS_SVC_KEY_ID_INIT; - } return( status ); } 
@@ -6374,13 +6373,15 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; + *key = MBEDTLS_SVC_KEY_ID_INIT; + /* Reject any attempt to create a zero-length key so that we don't * risk tripping up later, e.g. on a malloc(0) that returns NULL. */ if( psa_get_key_bits( attributes ) == 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, - attributes, key, &slot, &driver ); + status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, attributes, + &slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -6396,12 +6397,9 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, exit: if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot, driver ); + status = psa_finish_key_creation( slot, driver, key ); if( status != PSA_SUCCESS ) - { psa_fail_key_creation( slot, driver ); - *key = MBEDTLS_SVC_KEY_ID_INIT; - } return( status ); } From ab79bd27b6fe7c91a77246138f1c26c2d77f396f Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 14 Nov 2020 14:19:11 +0100 Subject: [PATCH 50/55] tests: slot mgmt: Improve key_slot_eviction_to_import_new_key test Signed-off-by: Ronald Cron --- .../suites/test_suite_psa_crypto_slot_management.function | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 08f1f7e495cf..474fbe7c9d91 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -915,15 +915,16 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg ) i = PSA_KEY_SLOT_COUNT; key = mbedtls_svc_key_id_make( i, i + 1 ); psa_set_key_id( &attributes, key ); - - if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) - psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE ); + psa_set_key_lifetime( &attributes, lifetime ); PSA_ASSERT( psa_import_key( &attributes, (uint8_t *) &i, sizeof( i ), &returned_key_id ) ); if( lifetime != PSA_KEY_LIFETIME_VOLATILE ) TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) ); + else + TEST_ASSERT( psa_key_id_is_volatile( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_key_id ) ) ); /* * Check that we can export all ( PSA_KEY_SLOT_COUNT + 1 ) keys, From 5c522920ba90522550de5007b3f77d5712100701 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 14 Nov 2020 16:35:34 +0100 Subject: [PATCH 51/55] psa: Rename functions to get a key slot Rename functions to get a key slot: . to make their naming more consistent . to emphasize that those functions set a lock on the key slot they return to protect it from being wiped out and re-used while some part of the library is accessing it. Signed-off-by: Ronald Cron --- include/psa/crypto_extra.h | 4 +- library/psa_crypto.c | 219 ++++++++++++------------ library/psa_crypto_core.h | 18 +- library/psa_crypto_slot_management.c | 92 +++++----- library/psa_crypto_slot_management.h | 53 +++--- tests/include/test/psa_crypto_helpers.h | 4 +- 6 files changed, 196 insertions(+), 194 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 7986eb23b743..0c90cb2d1369 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
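Review bot: The new `else` branch only checks that the returned identifier falls in the volatile range; because the test still calls `psa_set_key_id( &attributes, key )` before setting a volatile lifetime, this is really the assertion that the requested id is ignored for volatile keys, and that intent is not visible from the code. A short comment on the branch would make it explicit: `/* For a volatile key the id requested in the attributes is ignored; the implementation must have allocated an id in the volatile range. */`. Asserting that `mbedtls_svc_key_id_equal( returned_key_id, key )` is false in that branch would pin the same property down directly. The test function continues outside the hunk.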
@@ -231,8 +231,8 @@ typedef struct mbedtls_psa_stats_s
size_t cache_slots;
/** Number of slots that are not used for anything. */
size_t empty_slots;
- /** Number of slots that are not accessed. */
- size_t unaccessed_slots;
+ /** Number of slots that are not locked. */
+ size_t unlocked_slots;
/** Largest key id value among open keys in internal persistent storage. */
psa_key_id_t max_open_internal_key_id;
/** Largest key id value among open keys in secure elements. */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 41a2263ee8f8..6a07cbd0b3b5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
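Review bot: Renaming `unaccessed_slots` to `unlocked_slots` changes a field of the public `mbedtls_psa_stats_s` struct in include/psa/crypto_extra.h, which breaks any application code reading the old name, while the commit message only describes renaming internal slot-access functions. If the rename is intended, the commit message (and a changelog entry, if this header is covered by one) should state it; otherwise the old name could be kept. The new comment could also define the term for readers of the public header, who do not see psa_crypto_core.h: `/** Number of slots that are not locked, i.e. not currently in use by a library function. */`.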
@@ -1187,27 +1187,28 @@ static psa_status_t psa_restrict_key_policy( return( PSA_SUCCESS ); } -/** Retrieve a slot which must contain a key. The key must have allow all the - * usage flags set in \p usage. If \p alg is nonzero, the key must allow - * operations with this algorithm. +/** Get the description of a key given its identifier and policy constraints + * and lock it. * - * In case of a persistent key, the function loads the description of the key - * into a key slot if not already done. + * The key must have allow all the usage flags set in \p usage. If \p alg is + * nonzero, the key must allow operations with this algorithm. * - * On success, the access counter of the returned key slot is incremented by - * one. It is the responsibility of the caller to call - * psa_decrement_key_slot_access_count() when it does not access the key slot - * anymore. + * In case of a persistent key, the function loads the description of the key + * into a key slot if not already done. + * + * On success, the returned key slot is locked. It is the responsibility of + * the caller to unlock the key slot when it does not access it anymore. */ -static psa_status_t psa_get_key_from_slot( mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static psa_status_t psa_get_and_lock_key_slot_with_policy( + mbedtls_svc_key_id_t key, + psa_key_slot_t **p_slot, + psa_key_usage_t usage, + psa_algorithm_t alg ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - status = psa_get_key_slot( key, p_slot ); + status = psa_get_and_lock_key_slot( key, p_slot ); if( status != PSA_SUCCESS ) return( status ); slot = *p_slot; 
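Review bot: The rewritten doc comment of psa_get_and_lock_key_slot_with_policy keeps the grammatical slip "must have allow" from the old text on its new `+` line; since the sentence is being rewritten anyway it should read `* The key must allow all the usage flags set in \p usage. If \p alg is`. The function body continues past the end of the hunk.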
@@ -1231,37 +1232,38 @@ static psa_status_t psa_get_key_from_slot( mbedtls_svc_key_id_t key, error: *p_slot = NULL; - psa_decrement_key_slot_access_count( slot ); + psa_unlock_key_slot( slot ); return( status ); } -/** Retrieve a slot which must contain a transparent key. +/** Get a key slot containing a transparent key and lock it. * * A transparent key is a key for which the key material is directly * available, as opposed to a key in a secure element. * - * This is a temporary function to use instead of psa_get_key_from_slot() - * until secure element support is fully implemented. + * This is a temporary function to use instead of + * psa_get_and_lock_key_slot_with_policy() until secure element support is + * fully implemented. * - * On success, the access counter of the returned key slot is incremented by - * one. It is the responsibility of the caller to call - * psa_decrement_key_slot_access_count() when it does not access the key slot - * anymore. + * On success, the returned key slot is locked. It is the responsibility of the + * caller to unlock the key slot when it does not access it anymore. */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -static psa_status_t psa_get_transparent_key( mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( + mbedtls_svc_key_id_t key, + psa_key_slot_t **p_slot, + psa_key_usage_t usage, + psa_algorithm_t alg ) { - psa_status_t status = psa_get_key_from_slot( key, p_slot, usage, alg ); + psa_status_t status = psa_get_and_lock_key_slot_with_policy( key, p_slot, + usage, alg ); if( status != PSA_SUCCESS ) return( status ); if( psa_key_slot_is_external( *p_slot ) ) { - psa_decrement_key_slot_access_count( *p_slot ); + psa_unlock_key_slot( *p_slot ); *p_slot = NULL; return( PSA_ERROR_NOT_SUPPORTED ); } 
@@ -1270,8 +1272,8 @@ static psa_status_t psa_get_transparent_key( mbedtls_svc_key_id_t key, } #else /* MBEDTLS_PSA_CRYPTO_SE_C */ /* With no secure element support, all keys are transparent. */ -#define psa_get_transparent_key( key, p_slot, usage, alg ) \ - psa_get_key_from_slot( key, p_slot, usage, alg ) +#define psa_get_and_lock_transparent_key_slot_with_policy( key, p_slot, usage, alg ) \ + psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ /** Wipe key data from a slot. Preserve metadata such as the policy. */ @@ -1305,15 +1307,15 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) /* * As the return error code may not be handled in case of multiple errors, - * do our best to report an unexpected access counter: if available + * do our best to report an unexpected lock counter: if available * call MBEDTLS_PARAM_FAILED that may terminate execution (if called as * part of the execution of a test suite this will stop the test suite * execution). */ - if( slot->access_count != 1 ) + if( slot->lock_count != 1 ) { #ifdef MBEDTLS_CHECK_PARAMS - MBEDTLS_PARAM_FAILED( slot->access_count == 1 ); + MBEDTLS_PARAM_FAILED( slot->lock_count == 1 ); #endif status = PSA_ERROR_CORRUPTION_DETECTED; } @@ -1349,7 +1351,7 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) * the key is operated by an SE or not and this information is needed by * the current implementation. */ - status = psa_get_key_slot( key, &slot ); + status = psa_get_and_lock_key_slot( key, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -1360,9 +1362,9 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) * implemented), the key should be destroyed when all accesses have * stopped. */ - if( slot->access_count > 1 ) + if( slot->lock_count > 1 ) { - psa_decrement_key_slot_access_count( slot ); + psa_unlock_key_slot( slot ); return( PSA_ERROR_GENERIC_ERROR ); } 
@@ -1533,12 +1535,12 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, psa_key_attributes_t *attributes ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; psa_reset_key_attributes( attributes ); - status = psa_get_key_from_slot( key, &slot, 0, 0 ); + status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 ); if( status != PSA_SUCCESS ) return( status ); @@ -1589,9 +1591,9 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, if( status != PSA_SUCCESS ) psa_reset_key_attributes( attributes ); - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -1752,7 +1754,7 @@ psa_status_t psa_export_key( mbedtls_svc_key_id_t key, size_t *data_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; /* Set the key to empty now, so that even when there are errors, we always 
@@ -1762,16 +1764,18 @@ psa_status_t psa_export_key( mbedtls_svc_key_id_t key, *data_length = 0; /* Export requires the EXPORT flag. There is an exception for public keys, - * which don't require any flag, but psa_get_key_from_slot takes - * care of this. */ - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_EXPORT, 0 ); + * which don't require any flag, but + * psa_get_and_lock_key_slot_with_policy() takes care of this. + */ + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_EXPORT, 0 ); if( status != PSA_SUCCESS ) return( status ); status = psa_internal_export_key( slot, data, data_size, data_length, 0 ); - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, @@ -1780,7 +1784,7 @@ psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, size_t *data_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; /* Set the key to empty now, so that even when there are errors, we always 
@@ -1790,14 +1794,14 @@ psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, *data_length = 0; /* Exporting a public key doesn't require a usage flag. */ - status = psa_get_key_from_slot( key, &slot, 0, 0 ); + status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 ); if( status != PSA_SUCCESS ) return( status ); status = psa_internal_export_key( slot, data, data_size, data_length, 1 ); - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } #if defined(static_assert) @@ -1904,10 +1908,8 @@ static psa_status_t psa_validate_key_attributes( * In case of failure at any step, stop the sequence and call * psa_fail_key_creation(). * - * On success, the access counter of the returned key slot is incremented by - * one. It is the responsibility of the caller to call - * psa_decrement_key_slot_access_count() when it does not access the key slot - * anymore. + * On success, the key slot is locked. It is the responsibility of the caller + * to unlock the key slot when it does not access it anymore. * * \param method An identification of the calling function. * \param[in] attributes Key attributes for the new key. 
@@ -2025,9 +2027,9 @@ static psa_status_t psa_start_key_creation( * See the documentation of psa_start_key_creation() for the intended use * of this function. * - * If the finalization succeeds, the function decreases the slot access - * counter (that was incremented as part of psa_start_key_creation()) and the - * slot cannot be accessed anymore as part of the key creation process. + * If the finalization succeeds, the function unlocks the key slot (it was + * locked by psa_start_key_creation()) and the key slot cannot be accessed + * anymore as part of the key creation process. * * \param[in,out] slot Pointer to the slot with key material. * \param[in] driver The secure element driver for the key, @@ -2101,7 +2103,7 @@ static psa_status_t psa_finish_key_creation( if( status == PSA_SUCCESS ) { *key = slot->attr.id; - status = psa_decrement_key_slot_access_count( slot ); + status = psa_unlock_key_slot( slot ); if( status != PSA_SUCCESS ) *key = MBEDTLS_SVC_KEY_ID_INIT; } @@ -2344,7 +2346,7 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, mbedtls_svc_key_id_t *target_key ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *source_slot = NULL; psa_key_slot_t *target_slot = NULL; psa_key_attributes_t actual_attributes = *specified_attributes; @@ -2352,8 +2354,8 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, *target_key = MBEDTLS_SVC_KEY_ID_INIT; - status = psa_get_transparent_key( source_key, &source_slot, - PSA_KEY_USAGE_COPY, 0 ); + status = psa_get_and_lock_transparent_key_slot_with_policy( + source_key, &source_slot, PSA_KEY_USAGE_COPY, 0 ); if( status != PSA_SUCCESS ) goto exit; 
@@ -2390,9 +2392,9 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, if( status != PSA_SUCCESS ) psa_fail_key_creation( target_slot, driver ); - decrement_status = psa_decrement_key_slot_access_count( source_slot ); + unlock_status = psa_unlock_key_slot( source_slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } @@ -3179,7 +3181,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, int is_sign ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; size_t key_bits; psa_key_usage_t usage = @@ -3199,7 +3201,8 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, if( is_sign ) operation->is_sign = 1; - status = psa_get_transparent_key( key, &slot, usage, alg ); + status = psa_get_and_lock_transparent_key_slot_with_policy( + key, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; key_bits = psa_get_key_slot_bits( slot ); @@ -3289,9 +3292,9 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, operation->key_set = 1; } - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation, @@ -3789,7 +3792,7 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, size_t *signature_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; *signature_length = signature_size; 
@@ -3800,7 +3803,9 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, if( signature_size == 0 ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN_HASH, alg ); + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_SIGN_HASH, + alg ); if( status != PSA_SUCCESS ) goto exit; if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) @@ -3897,9 +3902,9 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, /* If signature_size is 0 then we have nothing to do. We must not call * memset because signature may be NULL in this case. */ - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, @@ -3910,11 +3915,12 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, size_t signature_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - status = psa_get_key_from_slot( key, &slot, - PSA_KEY_USAGE_VERIFY_HASH, alg ); + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_VERIFY_HASH, + alg ); if( status != PSA_SUCCESS ) return( status ); @@ -3985,9 +3991,9 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, } exit: - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) 
@@ -4012,7 +4018,7 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; (void) input; @@ -4026,7 +4032,8 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_transparent_key( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); + status = psa_get_and_lock_transparent_key_slot_with_policy( + key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) || @@ -4100,9 +4107,9 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, } exit: - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, @@ -4116,7 +4123,7 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; (void) input; @@ -4130,7 +4137,8 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_transparent_key( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); + status = psa_get_and_lock_transparent_key_slot_with_policy( + key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) 
@@ -4203,9 +4211,9 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, } exit: - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } @@ -4220,7 +4228,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, mbedtls_operation_t cipher_operation ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; int ret = 0; psa_key_slot_t *slot; size_t key_bits; @@ -4238,7 +4246,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, return( PSA_ERROR_INVALID_ARGUMENT ); /* Fetch key material from key storage. */ - status = psa_get_key_from_slot( key, &slot, usage, alg ); + status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; @@ -4366,9 +4374,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, else psa_cipher_abort( operation ); - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, @@ -4768,7 +4776,7 @@ static void psa_aead_abort_internal( aead_operation_t *operation ) #endif /* MBEDTLS_GCM_C */ } - psa_decrement_key_slot_access_count( operation->slot ); + psa_unlock_key_slot( operation->slot ); } static psa_status_t psa_aead_setup( aead_operation_t *operation, 
@@ -4780,7 +4788,8 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, size_t key_bits; mbedtls_cipher_id_t cipher_id; - status = psa_get_transparent_key( key, &operation->slot, usage, alg ); + status = psa_get_and_lock_transparent_key_slot_with_policy( + key, &operation->slot, usage, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -5910,11 +5919,11 @@ psa_status_t psa_key_derivation_input_key( mbedtls_svc_key_id_t key ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - status = psa_get_transparent_key( key, &slot, - PSA_KEY_USAGE_DERIVE, operation->alg ); + status = psa_get_and_lock_transparent_key_slot_with_policy( + key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) { psa_key_derivation_abort( operation ); @@ -5931,9 +5940,9 @@ psa_status_t psa_key_derivation_input_key( slot->data.key.data, slot->data.key.bytes ); - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } 
@@ -6082,13 +6091,13 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *o size_t peer_key_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_transparent_key( private_key, &slot, - PSA_KEY_USAGE_DERIVE, operation->alg ); + status = psa_get_and_lock_transparent_key_slot_with_policy( + private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) return( status ); status = psa_key_agreement_internal( operation, step, @@ -6104,9 +6113,9 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *o operation->can_output_key = 1; } - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, @@ -6118,7 +6127,7 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t decrement_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ) @@ -6126,8 +6135,8 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_get_transparent_key( private_key, &slot, - PSA_KEY_USAGE_DERIVE, alg ); + status = psa_get_and_lock_transparent_key_slot_with_policy( + private_key, &slot, PSA_KEY_USAGE_DERIVE, alg ); if( status != PSA_SUCCESS ) goto exit; 
@@ -6150,9 +6159,9 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, *output_length = output_size; } - decrement_status = psa_decrement_key_slot_access_count( slot ); + unlock_status = psa_unlock_key_slot( slot ); - return( ( status == PSA_SUCCESS ) ? decrement_status : status ); + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 489be31e2fbe..1492d194360d 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -38,8 +38,7 @@ typedef struct psa_core_key_attributes_t attr; /* - * Number of on-going accesses, read and/or write, to the key slot by the - * library. + * Number of locks, read and/or write, to the key slot by the library. * * This counter is incremented by one each time a library function * retrieves through one of the dedicated internal API a pointer to the @@ -47,7 +46,7 @@ typedef struct * * This counter is decremented by one each time a library function stops * accessing to the key slot and states it by calling the - * psa_decrement_key_slot_access_count() API. + * psa_unlock_key_slot() API. * * This counter is used to prevent resetting the key slot while the library * may access it. For example, such control is needed in the following @@ -61,7 +60,7 @@ typedef struct * or purge or destroy a key while it is in used by the library through * another thread. */ - size_t access_count; + size_t lock_count; union { 
@@ -101,18 +100,17 @@ static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot ) return( slot->attr.type != 0 ); } -/** Test whether a key slot is accessed. +/** Test whether a key slot is locked. * - * A key slot is accessed iff its access counter is strickly greater than - * 0. + * A key slot is locked iff its lock counter is strickly greater than 0. * * \param[in] slot The key slot to test. * - * \return 1 if the slot is accessed, 0 otherwise. + * \return 1 if the slot is locked, 0 otherwise. */ -static inline int psa_is_key_slot_accessed( const psa_key_slot_t *slot ) +static inline int psa_is_key_slot_locked( const psa_key_slot_t *slot ) { - return( slot->access_count > 0 ); + return( slot->lock_count > 0 ); } /** Retrieve flags from psa_key_slot_t::attr::core::flags. diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 943923f5dba0..3e186687155d 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
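Review bot: The new `+` line of the psa_is_key_slot_locked doc comment carries over the misspelling "strickly"; as the line is rewritten by this hunk it should read `* A key slot is locked iff its lock counter is strictly greater than 0.`. The old side had the same typo, but fixing it here avoids a separate cleanup commit for a line this change already touches.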
@@ -68,25 +68,23 @@ psa_status_t psa_validate_key_id( return( PSA_ERROR_INVALID_HANDLE ); } -/** Search for the description of a key given its identifier. +/** Get the description in memory of a key given its identifier and lock it. * - * The descriptions of volatile keys and loaded persistent keys are - * stored in key slots. This function returns a pointer to the key slot - * containing the description of a key given its identifier. + * The descriptions of volatile keys and loaded persistent keys are + * stored in key slots. This function returns a pointer to the key slot + * containing the description of a key given its identifier. * - * The function searches the key slots containing the description of the key - * with \p key identifier. The function does only read accesses to the key - * slots. The function does not load any persistent key thus does not access - * any storage. + * The function searches the key slots containing the description of the key + * with \p key identifier. The function does only read accesses to the key + * slots. The function does not load any persistent key thus does not access + * any storage. * - * For volatile key identifiers, only one key slot is queried as a volatile - * key with identifier key_id can only be stored in slot of index - * ( key_id - #PSA_KEY_ID_VOLATILE_MIN ). + * For volatile key identifiers, only one key slot is queried as a volatile + * key with identifier key_id can only be stored in slot of index + * ( key_id - #PSA_KEY_ID_VOLATILE_MIN ). * - * On success, the access counter of the returned key slot is incremented by - * one. It is the responsibility of the caller to call - * psa_decrement_key_slot_access_count() when it does not access the key slot - * anymore. + * On success, the function locks the key slot. It is the responsibility of + * the caller to unlock the key slot when it does not access it anymore. * * \param key Key identifier to query. 
* \param[out] p_slot On success, `*p_slot` contains a pointer to the @@ -101,7 +99,7 @@ psa_status_t psa_validate_key_id( * \retval #PSA_ERROR_DOES_NOT_EXIST * There is no key with key identifier \p key in the key slots. */ -static psa_status_t psa_search_key_in_slots( +static psa_status_t psa_get_and_lock_key_slot_in_memory( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -133,7 +131,7 @@ static psa_status_t psa_search_key_in_slots( if( status == PSA_SUCCESS ) { - status = psa_increment_key_slot_access_count( slot ); + status = psa_lock_key_slot( slot ); if( status == PSA_SUCCESS ) *p_slot = slot; } @@ -157,7 +155,7 @@ void psa_wipe_all_key_slots( void ) for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; - slot->access_count = 1; + slot->lock_count = 1; (void) psa_wipe_key_slot( slot ); } global_data.key_slots_initialized = 0; @@ -168,7 +166,7 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t slot_idx; - psa_key_slot_t *selected_slot, *unaccessed_persistent_key_slot; + psa_key_slot_t *selected_slot, *unlocked_persistent_key_slot; if( ! global_data.key_slots_initialized ) { @@ -176,7 +174,7 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, goto error; } - selected_slot = unaccessed_persistent_key_slot = NULL; + selected_slot = unlocked_persistent_key_slot = NULL; for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; 
@@ -186,30 +184,30 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, break; } - if( ( unaccessed_persistent_key_slot == NULL ) && + if( ( unlocked_persistent_key_slot == NULL ) && ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && - ( ! psa_is_key_slot_accessed( slot ) ) ) - unaccessed_persistent_key_slot = slot; + ( ! psa_is_key_slot_locked( slot ) ) ) + unlocked_persistent_key_slot = slot; } /* - * If there is no unused key slot and there is at least one unaccessed key + * If there is no unused key slot and there is at least one unlocked key * slot containing the description of a permament key, recycle the first * such key slot we encountered. If we need later on to operate on the * persistent key we evict now, we will reload its description from * storage. */ if( ( selected_slot == NULL ) && - ( unaccessed_persistent_key_slot != NULL ) ) + ( unlocked_persistent_key_slot != NULL ) ) { - selected_slot = unaccessed_persistent_key_slot; - selected_slot->access_count = 1; + selected_slot = unlocked_persistent_key_slot; + selected_slot->lock_count = 1; psa_wipe_key_slot( selected_slot ); } if( selected_slot != NULL ) { - status = psa_increment_key_slot_access_count( selected_slot ); + status = psa_lock_key_slot( selected_slot ); if( status != PSA_SUCCESS ) goto error; @@ -267,8 +265,8 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot ) } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot ) +psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, + psa_key_slot_t **p_slot ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 
@@ -278,9 +276,9 @@ psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, /* * On success, the pointer to the slot is passed directly to the caller - * thus no need to decrement the key slot access counter here. + * thus no need to unlock the key slot here. */ - status = psa_search_key_in_slots( key, p_slot ); + status = psa_get_and_lock_key_slot_in_memory( key, p_slot ); if( status != PSA_ERROR_DOES_NOT_EXIST ) return( status ); @@ -305,26 +303,26 @@ psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, } -psa_status_t psa_decrement_key_slot_access_count( psa_key_slot_t *slot ) +psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) { if( slot == NULL ) return( PSA_SUCCESS ); - if( slot->access_count > 0 ) + if( slot->lock_count > 0 ) { - slot->access_count--; + slot->lock_count--; return( PSA_SUCCESS ); } /* * As the return error code may not be handled in case of multiple errors, - * do our best to report if the access counter is equal to zero: if + * do our best to report if the lock counter is equal to zero: if * available call MBEDTLS_PARAM_FAILED that may terminate execution (if * called as part of the execution of a unit test suite this will stop the * test suite execution). */ #ifdef MBEDTLS_CHECK_PARAMS - MBEDTLS_PARAM_FAILED( slot->access_count > 0 ); + MBEDTLS_PARAM_FAILED( slot->lock_count > 0 ); #endif return( PSA_ERROR_CORRUPTION_DETECTED ); @@ -379,7 +377,7 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) psa_status_t status; psa_key_slot_t *slot; - status = psa_get_key_slot( key, &slot ); + status = psa_get_and_lock_key_slot( key, &slot ); if( status != PSA_SUCCESS ) { *handle = PSA_KEY_HANDLE_INIT; @@ -388,7 +386,7 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) *handle = key; - return( psa_decrement_key_slot_access_count( slot ) ); + return( psa_unlock_key_slot( slot ) ); #else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ (void) key; 
@@ -405,14 +403,14 @@ psa_status_t psa_close_key( psa_key_handle_t handle ) if( psa_key_handle_is_null( handle ) ) return( PSA_SUCCESS ); - status = psa_search_key_in_slots( handle, &slot ); + status = psa_get_and_lock_key_slot_in_memory( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); - if( slot->access_count <= 1 ) + if( slot->lock_count <= 1 ) return( psa_wipe_key_slot( slot ) ); else - return( psa_decrement_key_slot_access_count( slot ) ); + return( psa_unlock_key_slot( slot ) ); } psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) @@ -420,15 +418,15 @@ psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) psa_status_t status; psa_key_slot_t *slot; - status = psa_search_key_in_slots( key, &slot ); + status = psa_get_and_lock_key_slot_in_memory( key, &slot ); if( status != PSA_SUCCESS ) return( status ); if( ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && - ( slot->access_count <= 1 ) ) + ( slot->lock_count <= 1 ) ) return( psa_wipe_key_slot( slot ) ); else - return( psa_decrement_key_slot_access_count( slot ) ); + return( psa_unlock_key_slot( slot ) ); } void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) @@ -440,9 +438,9 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; - if( ! psa_is_key_slot_accessed( slot ) ) + if( ! psa_is_key_slot_locked( slot ) ) { - ++stats->unaccessed_slots; + ++stats->unlocked_slots; } if( ! psa_is_key_slot_occupied( slot ) ) { diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index db5acba3bbd5..8b9d7463ac0b 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h 
@@ -61,19 +61,17 @@ static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) ); } -/** Retrieve the description of a key given its identifier. +/** Get the description of a key given its identifier and lock it. * - * The descriptions of volatile keys and loaded persistent keys are - * stored in key slots. This function returns a pointer to the key slot - * containing the description of a key given its identifier. + * The descriptions of volatile keys and loaded persistent keys are stored in + * key slots. This function returns a pointer to the key slot containing the + * description of a key given its identifier. * - * In case of a persistent key, the function loads the description of the key - * into a key slot if not already done. + * In case of a persistent key, the function loads the description of the key + * into a key slot if not already done. * - * On success, the access counter of the returned key slot is incremented by - * one. It is the responsibility of the caller to call - * psa_decrement_key_slot_access_count() when it does not access the slot - * anymore. + * On success, the returned key slot is locked. It is the responsibility of + * the caller to unlock the key slot when it does not access it anymore. * * \param key Key identifier to query. * \param[out] p_slot On success, `*p_slot` contains a pointer to the @@ -98,8 +96,8 @@ static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DATA_CORRUPT */ -psa_status_t psa_get_key_slot( mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot ); +psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, + psa_key_slot_t **p_slot ); /** Initialize the key slot structures. * 
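Review bot: The rewritten contract for psa_get_and_lock_key_slot() tells the caller to unlock the slot but, unlike the text it replaces, no longer names the function that does it, so the pairing with psa_unlock_key_slot() is only discoverable by reading the rest of the header. I would keep the reference: `* the caller to call psa_unlock_key_slot() when it does not access the slot anymore.`; the psa_get_empty_key_slot() description a few hunks further down uses the same unnamed wording and would benefit from the same fix. The doc comment continues past the end of this hunk.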
@@ -116,10 +114,9 @@ void psa_wipe_all_key_slots( void ); /** Find a free key slot. * * This function returns a key slot that is available for use and is in its - * ground state (all-bits-zero). On success, the access counter of the - * returned key slot is incremented by one. It is the responsibility of the - * caller to call psa_decrement_key_slot_access_count() when it does not access - * the key slot anymore. + * ground state (all-bits-zero). On success, the key slot is locked. It is + * the responsibility of the caller to unlock the key slot when it does not + * access it anymore. * * \param[out] volatile_key_id On success, volatile key identifier * associated to the returned slot. 
@@ -132,31 +129,31 @@ void psa_wipe_all_key_slots( void ); psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, psa_key_slot_t **p_slot ); -/** Increment slot access counter. +/** Lock a key slot. * - * This function increments the slot access counter by one. + * This function increments the key slot lock counter by one. * * \param[in] slot The key slot. * * \retval #PSA_SUCCESS - The access count was incremented. + The key slot lock counter was incremented. * \retval #PSA_ERROR_CORRUPTION_DETECTED - * The access count already reached its maximum value and was not + * The lock counter already reached its maximum value and was not * increased. */ -static inline psa_status_t psa_increment_key_slot_access_count( psa_key_slot_t *slot ) +static inline psa_status_t psa_lock_key_slot( psa_key_slot_t *slot ) { - if( slot->access_count >= SIZE_MAX ) + if( slot->lock_count >= SIZE_MAX ) return( PSA_ERROR_CORRUPTION_DETECTED ); - slot->access_count++; + slot->lock_count++; return( PSA_SUCCESS ); } -/** Decrement slot access counter. +/** Unlock a key slot. * - * This function decrements the slot access counter by one. + * This function decrements the key slot lock counter by one. * * \note To ease the handling of errors in retrieving a key slot * a NULL input pointer is valid, and the function returns @@ -164,13 +161,13 @@ static inline psa_status_t psa_increment_key_slot_access_count( psa_key_slot_t * * * \param[in] slot The key slot. * \retval #PSA_SUCCESS - * \p slot is NULL or the key slot access pointer has been + * \p slot is NULL or the key slot lock counter has been * decremented successfully. * \retval #PSA_ERROR_CORRUPTION_DETECTED - * The access counter was equal to 0. + * The lock counter was equal to 0. * */ -psa_status_t psa_decrement_key_slot_access_count( psa_key_slot_t *slot ); +psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ); /** Test whether a lifetime designates a key in an external cryptoprocessor. * 
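Review bot: psa_lock_key_slot() dereferences `slot` unconditionally, while its counterpart psa_unlock_key_slot(), whose documentation starts in the same hunk, explicitly accepts a NULL pointer as valid input; the renamed documentation never says that the lock side has no such tolerance. Since the two are meant to be called in pairs around the same pointer, the asymmetry should be written down: `* \param[in] slot The key slot. Must not be NULL.` The overflow guard `if( slot->lock_count >= SIZE_MAX )` is fine as written. The psa_unlock_key_slot() doc comment continues past the end of this hunk.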
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 214ee87f3b71..09171ae767dd 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -41,9 +41,9 @@ static int test_helper_is_psa_pristine( int line, const char *file ) msg = "An external slot has not been closed properly."; else if( stats.half_filled_slots != 0 ) msg = "A half-filled slot has not been cleared properly."; - else if( stats.unaccessed_slots != PSA_KEY_SLOT_COUNT ) + else if( stats.unlocked_slots != PSA_KEY_SLOT_COUNT ) { - msg = "Some slots are still marked as accessed."; + msg = "Some slots are still marked as locked."; } /* If the test has already failed, don't overwrite the failure From 1ad1eeeaf105190961e8d9be7e5d1c3de844bc41 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sun, 15 Nov 2020 14:21:04 +0100 Subject: [PATCH 52/55] psa stats: Count locked slots instead of unlocked ones Count locked slots and not unlocked ones to align with the other statistics counters. Signed-off-by: Ronald Cron --- include/psa/crypto_extra.h | 4 ++-- library/psa_crypto_slot_management.c | 4 ++-- tests/include/test/psa_crypto_helpers.h | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 0c90cb2d1369..b25addc85ecd 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -231,8 +231,8 @@ typedef struct mbedtls_psa_stats_s size_t cache_slots; /** Number of slots that are not used for anything. */ size_t empty_slots; - /** Number of slots that are not locked. */ - size_t unlocked_slots; + /** Number of slots that are locked. */ + size_t locked_slots; /** Largest key id value among open keys in internal persistent storage. */ psa_key_id_t max_open_internal_key_id; /** Largest key id value among open keys in secure elements. */ 
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 3e186687155d..1d2e51fec0ef 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -438,9 +438,9 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ ) { const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; - if( ! psa_is_key_slot_locked( slot ) ) + if( psa_is_key_slot_locked( slot ) ) { - ++stats->unlocked_slots; + ++stats->locked_slots; } if( ! psa_is_key_slot_occupied( slot ) ) { diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 09171ae767dd..01b0547cf225 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -41,7 +41,7 @@ static int test_helper_is_psa_pristine( int line, const char *file ) msg = "An external slot has not been closed properly."; else if( stats.half_filled_slots != 0 ) msg = "A half-filled slot has not been cleared properly."; - else if( stats.unlocked_slots != PSA_KEY_SLOT_COUNT ) + else if( stats.locked_slots != 0 ) { msg = "Some slots are still marked as locked."; } From a3d9daca92048e7d0e39e2a4e44f3b769eaa69be Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sun, 15 Nov 2020 15:44:34 +0100 Subject: [PATCH 53/55] Add change log Signed-off-by: Ronald Cron --- ChangeLog.d/psa-openless.txt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 ChangeLog.d/psa-openless.txt diff --git a/ChangeLog.d/psa-openless.txt b/ChangeLog.d/psa-openless.txt new file mode 100644 index 000000000000..2e40cdff8e65 --- /dev/null +++ b/ChangeLog.d/psa-openless.txt 
@@ -0,0 +1,17 @@ +Features + * In the PSA API, it is no longer necessary to open persistent keys: + operations now accept the key identifier. The type psa_key_handle_t is now + identical to psa_key_id_t instead of being platform-defined. This bridges + the last major gap to compliance with the PSA Cryptography specification + version 1.0.0. Opening persistent keys is still supported for backward + compatibility, but will be deprecated and later removed in future + releases. + +Bugfix + * psa_set_key_id() now also sets the lifetime to persistent for keys located + in a secure element. + * Attempting to create a volatile key with a non-zero key identifier now + fails. Previously the key identifier was just ignored when creating a + volatile key. + * Attempting to create or register a key with a key identifier in the vendor + range now fails. From 1d12d87d18d38db568b307c6971d41cc371367ef Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 18 Nov 2020 17:21:22 +0100 Subject: [PATCH 54/55] Improve/fix documentation Signed-off-by: Ronald Cron --- include/psa/crypto.h | 10 ---------- include/psa/crypto_compat.h | 2 +- library/psa_crypto_core.h | 6 +++--- library/psa_crypto_slot_management.c | 15 ++++++++++++--- library/psa_crypto_slot_management.h | 6 +++--- ...test_suite_psa_crypto_slot_management.function | 2 +- 6 files changed, 20 insertions(+), 21 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3c2324ac9de0..b41a20bfc453 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -36,16 +36,6 @@ * @{ */ -/** \brief Key handle. - * - * This type represents open handles to keys. It must be an unsigned integral - * type. The choice of type is implementation-dependent. - * - * 0 is not a valid key handle. How other handle values are assigned is - * implementation-dependent. - */ -typedef _unsigned_integral_type_ psa_key_handle_t; - /**@}*/ #endif /* __DOXYGEN_ONLY__ */ 
diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 642be1a55ba4..339ef270e1e6 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -35,7 +35,7 @@ extern "C" { #endif /* - * To support temporary both openless APIs and psa_open_key(), define + * To support both openless APIs and psa_open_key() temporarily, define * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Do not mark the * type and its utility macros and functions deprecated yet. This will be done * in a subsequent phase. diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 1492d194360d..f61ef9550d4a 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -38,14 +38,14 @@ typedef struct psa_core_key_attributes_t attr; /* - * Number of locks, read and/or write, to the key slot by the library. + * Number of locks on the key slot held by the library. * * This counter is incremented by one each time a library function * retrieves through one of the dedicated internal API a pointer to the * key slot. * * This counter is decremented by one each time a library function stops - * accessing to the key slot and states it by calling the + * accessing the key slot and states it by calling the * psa_unlock_key_slot() API. * * This counter is used to prevent resetting the key slot while the library @@ -102,7 +102,7 @@ static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot ) /** Test whether a key slot is locked. * - * A key slot is locked iff its lock counter is strickly greater than 0. + * A key slot is locked iff its lock counter is strictly greater than 0. * * \param[in] slot The key slot to test. * diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 1d2e51fec0ef..4c4ad0331a70 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
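Review bot: The sentence left unchanged in the psa_crypto_core.h hunk still reads awkwardly, `retrieves through one of the dedicated internal API a pointer to the key slot`, and since this commit is specifically fixing that comment block it is the moment to reorder it: `retrieves a pointer to the key slot through one of the dedicated internal APIs.` Naming those APIs there (psa_get_and_lock_key_slot() and psa_get_and_lock_key_slot_in_memory() are the ones visible in this series) would make the lock-counter contract self-contained for the next reader. The struct definition this member belongs to starts outside the hunk.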
@@ -110,6 +110,15 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory( if( psa_key_id_is_volatile( key_id ) ) { slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]; + + /* + * Check if both the PSA key identifier key_id and the owner + * identifier of key match those of the key slot. + * + * Note that, if the key slot is not occupied, its PSA key identifier + * is equal to zero. This is an invalid value for a PSA key identifier + * and thus cannot be equal to the valid PSA key identifier key_id. + */ status = mbedtls_svc_key_id_equal( key, slot->attr.id ) ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; } @@ -192,9 +201,9 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, /* * If there is no unused key slot and there is at least one unlocked key - * slot containing the description of a permament key, recycle the first - * such key slot we encountered. If we need later on to operate on the - * persistent key we evict now, we will reload its description from + * slot containing the description of a persistent key, recycle the first + * such key slot we encountered. If we later need to operate on the + * persistent key we are evicting now, we will reload its description from * storage. */ if( ( selected_slot == NULL ) && diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 8b9d7463ac0b..ef0814ac9e04 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h 
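Review bot: The new comment explains the identifier comparison but not what keeps `slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ];` in bounds for a caller-supplied key id: the only guard visible is psa_key_id_is_volatile(), which checks key_id against PSA_KEY_ID_VOLATILE_MAX, so the index is safe only if the slot array covers the whole volatile range, a relationship between PSA_KEY_SLOT_COUNT and the volatile id range that this patch does not show. Because a key id arrives from the public API, I would record that invariant where the index is computed, `/* psa_key_id_is_volatile() bounds key_id to [PSA_KEY_ID_VOLATILE_MIN, PSA_KEY_ID_VOLATILE_MAX]; the slot array must cover that whole range for this index to be valid. */`, and ideally enforce it with a compile-time assertion next to the definition of PSA_KEY_SLOT_COUNT. psa_get_and_lock_key_slot_in_memory() starts before this hunk, so the id check that precedes the index is not in view.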
@@ -79,9 +79,9 @@ static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) * identified by \p key. * * \retval #PSA_SUCCESS - * The pointer to the key slot containing the description of the key - * identified by \p key was returned. The key slot counter was - * implemented. + * \p *p_slot contains a pointer to the key slot containing the + * description of the key identified by \p key. + * The key slot counter has been incremented. * \retval #PSA_ERROR_BAD_STATE * The library has not been initialized. * \retval #PSA_ERROR_INVALID_HANDLE diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 474fbe7c9d91..edc1886fe13e 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -908,7 +908,7 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg ) /* * Create a new persistent or volatile key. When creating the key, - * one of the description of the previously created persistent key + * one of the descriptions of the previously created persistent keys * is removed from the RAM key slots. This makes room to store its * description in RAM. */ From 3a4f0e3cc4bb8a289b724f415c10dd83cd2b9ffe Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 19 Nov 2020 17:55:23 +0100 Subject: [PATCH 55/55] tests: psa: Reset key attributes where needed After a call to psa_get_key_attributes() to retrieve the attributes of a key into a psa_key_attributes_t structure, a call to psa_reset_key_attributes() is mandated to free the resources that may be referenced by the psa_key_attributes_t structure. Not calling psa_reset_key_attributes() may result in a memory leak. When a test function calls psa_get_key_parameters() the associated key attributes are systematically reset in the clean-up part of the function with a comment to emphasize the need for the reset and make it more visible. 
Signed-off-by: Ronald Cron --- tests/suites/test_suite_pk.function | 12 ++ tests/suites/test_suite_psa_crypto.function | 148 ++++++++++++++++-- ...t_suite_psa_crypto_persistent_key.function | 10 ++ ...st_suite_psa_crypto_se_driver_hal.function | 23 +++ ..._suite_psa_crypto_slot_management.function | 45 ++++++ 5 files changed, 226 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 9803f9051c69..98016c6526a0 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -200,6 +200,12 @@ void pk_psa_utils( ) TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + mbedtls_pk_free( &pk ); /* redundant except upon error */ mbedtls_pk_free( &pk2 ); PSA_DONE( ); @@ -1289,6 +1295,12 @@ void pk_psa_sign( int grpid_arg, hash, sizeof hash, sig, sig_len ) == 0 ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + mbedtls_pk_free( &pk ); PSA_DONE( ); } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b03df3d4b1be..8e71610ac402 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -292,7 +292,12 @@ int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) ok = 1; exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + return( ok ); } 
@@ -445,6 +450,7 @@ static int exercise_cipher_key( mbedtls_svc_key_id_t key, iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( psa_get_key_type( &attributes ) ); maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg ); + psa_reset_key_attributes( &attributes ); } PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, @@ -717,8 +723,13 @@ static psa_status_t key_agreement_with_self( operation, PSA_KEY_DERIVATION_INPUT_SECRET, key, public_key, public_key_length ); exit: - mbedtls_free( public_key ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + + mbedtls_free( public_key ); return( status ); } @@ -754,8 +765,13 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, public_key, public_key_length, output, sizeof( output ), &output_length ); exit: - mbedtls_free( public_key ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + + mbedtls_free( public_key ); return( status ); } @@ -1033,8 +1049,13 @@ static int exercise_export_key( mbedtls_svc_key_id_t key, exported, exported_length ); exit: - mbedtls_free( exported ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + + mbedtls_free( exported ); return( ok ); } @@ -1069,8 +1090,13 @@ static int exercise_export_public_key( mbedtls_svc_key_id_t key ) exported, exported_length ); exit: - mbedtls_free( exported ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + + mbedtls_free( exported ); return( ok ); } 
@@ -1205,7 +1231,12 @@ static int test_operations_on_invalid_key( mbedtls_svc_key_id_t key ) ok = 1; exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + return( ok ); } @@ -1479,8 +1510,13 @@ void import_with_policy( int type_arg, test_operations_on_invalid_key( key ); exit: - psa_destroy_key( key ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &got_attributes ); + + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -1518,8 +1554,13 @@ void import_with_data( data_t *data, int type_arg, test_operations_on_invalid_key( key ); exit: - psa_destroy_key( key ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &got_attributes ); + + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -1567,6 +1608,12 @@ void import_large_key( int type_arg, int byte_size_arg, } exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); PSA_DONE( ); mbedtls_free( buffer ); @@ -1696,9 +1743,14 @@ destroy: test_operations_on_invalid_key( key ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &got_attributes ); + mbedtls_free( exported ); mbedtls_free( reexported ); - psa_reset_key_attributes( &got_attributes ); PSA_DONE( ); } /* END_CASE */ 
@@ -1749,9 +1801,14 @@ void import_export_public_key( data_t *data, } exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + mbedtls_free( exported ); psa_destroy_key( key ); - psa_reset_key_attributes( &attributes ); PSA_DONE( ); } /* END_CASE */ @@ -1792,8 +1849,14 @@ void import_and_exercise_key( data_t *data, test_operations_on_invalid_key( key ); exit: - psa_destroy_key( key ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &got_attributes ); + + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -1832,8 +1895,13 @@ void effective_key_attributes( int type_arg, int expected_type_arg, TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg ); exit: - psa_destroy_key( key ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + + psa_destroy_key( key ); PSA_DONE( ); } /* END_CASE */ @@ -2087,8 +2155,13 @@ void asymmetric_encryption_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_destroy_key( key ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + + psa_destroy_key( key ); PSA_DONE( ); mbedtls_free( buffer ); } @@ -2265,6 +2338,12 @@ void key_policy_alg2( int key_type_arg, data_t *key_data, goto exit; exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &got_attributes ); + psa_destroy_key( key ); PSA_DONE( ); } 
@@ -2385,8 +2464,13 @@ void copy_success( int source_usage_arg, PSA_ASSERT( psa_destroy_key( target_key ) ); exit: + /* + * Source and target key attributes may have been returned by + * psa_get_key_attributes() thus reset them as required. + */ psa_reset_key_attributes( &source_attributes ); psa_reset_key_attributes( &target_attributes ); + PSA_DONE( ); mbedtls_free( export_buffer ); } @@ -4138,7 +4222,12 @@ void sign_deterministic( int key_type_arg, data_t *key_data, #endif /* MBEDTLS_TEST_DEPRECATED */ exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); mbedtls_free( signature ); PSA_DONE( ); @@ -4259,7 +4348,12 @@ void sign_verify( int key_type_arg, data_t *key_data, } exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); mbedtls_free( signature ); PSA_DONE( ); @@ -4409,7 +4503,12 @@ void asymmetric_encrypt( int key_type_arg, } exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); mbedtls_free( output ); PSA_DONE( ); @@ -4473,7 +4572,12 @@ void asymmetric_encrypt_decrypt( int key_type_arg, output2, output2_length ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); mbedtls_free( output ); mbedtls_free( output2 ); 
@@ -5080,8 +5184,13 @@ void derive_key_exercise( int alg_arg, goto exit; exit: - psa_key_derivation_abort( &operation ); + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &got_attributes ); + + psa_key_derivation_abort( &operation ); psa_destroy_key( base_key ); psa_destroy_key( derived_key ); PSA_DONE( ); @@ -5511,7 +5620,12 @@ void generate_key( int type_arg, goto exit; exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &got_attributes ); + psa_destroy_key( key ); PSA_DONE( ); } @@ -5612,7 +5726,12 @@ void generate_key_rsa( int bits_arg, } exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() or + * set by psa_set_key_domain_parameters() thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); PSA_DONE( ); mbedtls_free( e_read_buffer ); @@ -5741,7 +5860,12 @@ void persistent_key_load_key_from_storage( data_t *data, goto exit; exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + mbedtls_free( first_export ); mbedtls_free( second_export ); psa_key_derivation_abort( &operation ); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index c4c2b75f6bcf..8e10158f6c83 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function 
@@ -240,7 +240,12 @@ void persistent_key_import( int owner_id_arg, int key_id_arg, int type_arg, PSA_ASSERT( psa_destroy_key( key_id ) ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + psa_destroy_persistent_key( key_id ); PSA_DONE(); } @@ -308,7 +313,12 @@ void import_export_persistent_key( data_t *data, int type_arg, TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + mbedtls_free( exported ); PSA_DONE( ); psa_destroy_persistent_key( key_id ); diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 04aecb6b75e1..1add9b4a7c62 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -578,6 +578,12 @@ static int check_key_attributes( ok = 1; exit: + /* + * Actual key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &actual_attributes ); + return( ok ); } @@ -753,7 +759,12 @@ static int smoke_test_key( mbedtls_svc_key_id_t key ) ok = 1; exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ psa_reset_key_attributes( &attributes ); + return( ok ); } @@ -1080,6 +1091,12 @@ void key_creation_in_chosen_slot( int slot_arg, TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + PSA_DONE( ); ram_slots_reset( ); psa_purge_storage( ); 
@@ -1431,6 +1448,12 @@ void sign_verify( int flow, PSA_ERROR_INVALID_SIGNATURE ); exit: + /* + * Driver key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &drv_attributes ); + psa_destroy_key( id ); psa_destroy_key( sw_key ); PSA_DONE( ); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index edc1886fe13e..57d4789828cb 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -226,6 +226,12 @@ void transient_slot_lifecycle( int owner_id_arg, TEST_EQUAL( psa_close_key( key ), PSA_ERROR_DOES_NOT_EXIST ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + PSA_DONE( ); } /* END_CASE */ @@ -369,6 +375,13 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, } exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes( &read_attributes ); + PSA_DONE( ); psa_purge_key_storage( ); mbedtls_free( reexported ); @@ -437,6 +450,12 @@ void create_existent( int lifetime_arg, int owner_id_arg, int id_arg, PSA_ASSERT( psa_close_key( id ) ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + PSA_DONE( ); psa_purge_key_storage( ); } 
@@ -626,6 +645,13 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, PSA_ASSERT( psa_destroy_key( returned_target_id ) ); exit: + /* + * Source and target key attributes may have been returned by + * psa_get_key_attributes() thus reset them as required. + */ + psa_reset_key_attributes( &source_attributes ); + psa_reset_key_attributes( &target_attributes ); + PSA_DONE( ); mbedtls_free( export_buffer ); #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) @@ -737,6 +763,13 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_destroy_key( returned_target_id ) ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes1 ); + psa_reset_key_attributes( &attributes2 ); + PSA_DONE( ); mbedtls_free( export_buffer ); #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) @@ -824,6 +857,12 @@ void invalid_handle( int handle_construction, PSA_ASSERT( psa_close_key( valid_handle ) ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + PSA_DONE( ); } /* END_CASE */ @@ -1059,6 +1098,12 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) ASSERT_COMPARE( exported, exported_length, (uint8_t *) &persistent_key, sizeof( persistent_key ) ); exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes( &attributes ); + psa_destroy_key( persistent_key ); PSA_DONE( ); mbedtls_free( keys );