Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added export_key #40

Merged
merged 1 commit into from
Jul 13, 2020
Merged

Conversation

sbailey-arm
Copy link
Contributor

Added export_key() along with a simple test.

Signed-off-by: Samuel Bailey samuel.bailey@arm.com

@hug-dev hug-dev self-requested a review July 10, 2020 09:34
@egrimley-arm
Copy link
Collaborator

Are you quietly fixing a bug in export_public_key() at the same time?

@sbailey-arm
Copy link
Contributor Author

Are you quietly fixing a bug in export_public_key() at the same time?

I've been rumbled!

I'm not sure it is actually a bug. We had a discussion about it a while ago, I think the result was 'it doesn't really matter' but returning the error for closing the key handle before the error for the actual operation doesn't seem right to me. Key handles should be going away at some point anyway.

@egrimley-arm
Copy link
Collaborator

Might be good to add something like the following to the log message, then:

Also, minor improvement to export_public_key(): Return operation error in preference to close error.

Copy link
Collaborator

@egrimley-arm egrimley-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Preferably with an addition to the log message, as I suggested in a different comment.

@hug-dev hug-dev assigned sbailey-arm and unassigned egrimley-arm Jul 10, 2020
Copy link
Member

@hug-dev hug-dev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry I messed up selecting @sbailey-arm as assignee 😅

/// let size = key_management::export_public(my_key, &mut data).unwrap();
/// data.resize(size, 0);
/// ```
pub fn export_pair(key: Id, data: &mut [u8]) -> Result<usize> {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the name here should match the PSA Crypto one: export_key

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yes, I did that before reading the description, doh. Fixed.

@sbailey-arm
Copy link
Contributor Author

Might be good to add something like the following to the log message, then:

Also, minor improvement to export_public_key(): Return operation error in preference to close error.

I've added that to the commit message.

@sbailey-arm sbailey-arm force-pushed the add-export-key branch 2 times, most recently from 37bb2d3 to 6c34628 Compare July 10, 2020 13:03
@hug-dev hug-dev requested a review from ionut-arm July 13, 2020 11:23
Copy link
Member

@ionut-arm ionut-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯

@@ -78,9 +78,45 @@ fn import_integration_test() {
}
}

#[test]
fn export_key_pair_test() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be possible to have a test where you put a previously generated key file in the right place and export that key? It would help with more accurate testing (instead of just making sure you get something on the other side). Would also help with testing in Parsec, as we won't have to be that thorough when testing there.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess another option is to import and export a "static" key (i.e. a byte vector).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You mean like has been done in Parsec? Yes I can add that test here. I wasn't sure what kind of/how many tests are added to psa-crypto as there are only generate and import tests there currently.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I think it makes more sense to put the tests at the lowest level where they apply - then neither Parsec nor other users of the crate need to test for that

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah ok, good point. I've used the PK from Parsec's test, imported it, exported it, and verified the original an exported values match.

Also, minor improvement to export_public_key(): Return operation error in preference to close error.

Signed-off-by: Samuel Bailey <samuel.bailey@arm.com>
Copy link
Member

@ionut-arm ionut-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👌

@ionut-arm ionut-arm merged commit 49d6f75 into parallaxsecond:master Jul 13, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants