lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Convert the PSA example programs to the new handle API

Browse Source 
Switch from the direct use of slot numbers to handles allocated by
psa_allocate_key.
This commit is contained in:
Gilles Peskine
2018-12-03 16:24:51 +01:00
parent bdf309ccdb
commit b0edfb513b
2 changed files with 121 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
programs/psa/crypto_examples.c
View File

@ -44,10 +44,7 @@ int main( void )
}
#else
/* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */
static const psa_key_slot_t key_slot_cipher = 1;
static psa_status_t set_key_policy( psa_key_slot_t key_slot,
static psa_status_t set_key_policy( psa_key_handle_t key_handle,
psa_key_usage_t key_usage,
psa_algorithm_t alg )
{
@ -56,7 +53,7 @@ static psa_status_t set_key_policy( psa_key_slot_t key_slot,
psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, key_usage, alg );
status = psa_set_key_policy( key_slot, &policy );
status = psa_set_key_policy( key_handle, &policy );
ASSERT_STATUS( status, PSA_SUCCESS );
exit:
return( status );
@ -98,7 +95,7 @@ exit:
return( status );
}
static psa_status_t cipher_encrypt( psa_key_slot_t key_slot,
static psa_status_t cipher_encrypt( psa_key_handle_t key_handle,
psa_algorithm_t alg,
uint8_t * iv,
size_t iv_size,
@ -114,7 +111,7 @@ static psa_status_t cipher_encrypt( psa_key_slot_t key_slot,
size_t iv_len = 0;
memset( &operation, 0, sizeof( operation ) );
status = psa_cipher_encrypt_setup( &operation, key_slot, alg );
status = psa_cipher_encrypt_setup( &operation, key_handle, alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len );
@ -129,7 +126,7 @@ exit:
return( status );
}
static psa_status_t cipher_decrypt( psa_key_slot_t key_slot,
static psa_status_t cipher_decrypt( psa_key_handle_t key_handle,
psa_algorithm_t alg,
const uint8_t * iv,
size_t iv_size,
@ -144,7 +141,7 @@ static psa_status_t cipher_decrypt( psa_key_slot_t key_slot,
psa_cipher_operation_t operation;
memset( &operation, 0, sizeof( operation ) );
status = psa_cipher_decrypt_setup( &operation, key_slot, alg );
status = psa_cipher_decrypt_setup( &operation, key_handle, alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_cipher_set_iv( &operation, iv, iv_size );
@ -170,6 +167,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
psa_status_t status;
psa_key_handle_t key_handle = 0;
size_t output_len = 0;
uint8_t iv[block_size];
uint8_t input[block_size];
@ -179,21 +177,24 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
status = psa_generate_random( input, sizeof( input ) );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_slot_cipher,
status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_handle,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
input, sizeof( input ), part_size,
encrypt, sizeof( encrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
encrypt, output_len, part_size,
decrypt, sizeof( decrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
@ -202,7 +203,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
ASSERT_STATUS( status, PSA_SUCCESS );
exit:
psa_destroy_key( key_slot_cipher );
psa_destroy_key( key_handle );
return( status );
}
@ -218,6 +219,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
psa_status_t status;
psa_key_handle_t key_handle = 0;
size_t output_len = 0;
uint8_t iv[block_size], input[input_size],
encrypt[input_size + block_size], decrypt[input_size + block_size];
@ -225,21 +227,24 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
status = psa_generate_random( input, sizeof( input ) );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_slot_cipher,
status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_handle,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
input, sizeof( input ), part_size,
encrypt, sizeof( encrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
encrypt, output_len, part_size,
decrypt, sizeof( decrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
@ -248,7 +253,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
ASSERT_STATUS( status, PSA_SUCCESS );
exit:
psa_destroy_key( key_slot_cipher );
psa_destroy_key( key_handle );
return( status );
}
@ -263,6 +268,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
const psa_algorithm_t alg = PSA_ALG_CTR;
psa_status_t status;
psa_key_handle_t key_handle = 0;
size_t output_len = 0;
uint8_t iv[block_size], input[input_size], encrypt[input_size],
decrypt[input_size];
@ -270,21 +276,23 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
status = psa_generate_random( input, sizeof( input ) );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_slot_cipher,
status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_handle,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
input, sizeof( input ), part_size,
encrypt, sizeof( encrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
encrypt, output_len, part_size,
decrypt, sizeof( decrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
@ -293,7 +301,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
ASSERT_STATUS( status, PSA_SUCCESS );
exit:
psa_destroy_key( key_slot_cipher );
psa_destroy_key( key_handle );
return( status );
}