Merge pull request #109 from gilles-peskine-arm/psa-key_attributes-set_persistent

Individual setters for persistent key attributes

tests/suites/test_suite_psa_crypto.data

@@ -4,6 +4,21 @@ static_checks:
 PSA key attributes structure
 attributes_set_get:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
 
+PSA key attributes: id only
+persistence_attributes:0x1234:-1:-1:0x1234:PSA_KEY_LIFETIME_PERSISTENT
+
+PSA key attributes: lifetime=3 only
+persistence_attributes:-1:3:-1:0:3
+
+PSA key attributes: id then back to volatile
+persistence_attributes:0x1234:PSA_KEY_LIFETIME_VOLATILE:-1:0:PSA_KEY_LIFETIME_VOLATILE
+
+PSA key attributes: id then lifetime
+persistence_attributes:0x1234:3:-1:0x1234:3
+
+PSA key attributes: lifetime then id
+persistence_attributes:0x1234:3:0x1235:0x1235:3
+
 PSA import/export raw: 0 bytes
 import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
 

tests/suites/test_suite_psa_crypto.function

@@ -1098,7 +1098,7 @@ static int test_operations_on_invalid_handle( psa_key_handle_t handle )
     size_t length;
     int ok = 0;
 
-    psa_make_key_persistent( &attributes, 0x6964, PSA_KEY_LIFETIME_PERSISTENT );
+    psa_set_key_id( &attributes, 0x6964 );
     psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
     psa_set_key_algorithm( &attributes, PSA_ALG_CTR );
     psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
@@ -1181,7 +1181,8 @@ void attributes_set_get( int id_arg, int lifetime_arg,
     TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
     TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
 
-    psa_make_key_persistent( &attributes, id, lifetime );
+    psa_set_key_id( &attributes, id );
+    psa_set_key_lifetime( &attributes, lifetime );
     psa_set_key_usage_flags( &attributes, usage_flags );
     psa_set_key_algorithm( &attributes, alg );
     psa_set_key_type( &attributes, type );
@@ -1205,6 +1206,29 @@ void attributes_set_get( int id_arg, int lifetime_arg,
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void persistence_attributes( int id1_arg, int lifetime_arg, int id2_arg,
+                             int expected_id_arg, int expected_lifetime_arg )
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t id1 = id1_arg;
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_id_t id2 = id2_arg;
+    psa_key_id_t expected_id = expected_id_arg;
+    psa_key_lifetime_t expected_lifetime = expected_lifetime_arg;
+
+    if( id1_arg != -1 )
+        psa_set_key_id( &attributes, id1 );
+    if( lifetime_arg != -1 )
+        psa_set_key_lifetime( &attributes, lifetime );
+    if( id2_arg != -1 )
+        psa_set_key_id( &attributes, id2 );
+
+    TEST_EQUAL( psa_get_key_id( &attributes ), expected_id );
+    TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void import( data_t *data, int type_arg,
              int attr_bits_arg,
@@ -4877,7 +4901,7 @@ void persistent_key_load_key_from_storage( data_t *data,
 
     PSA_ASSERT( psa_crypto_init() );
 
-    psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT );
+    psa_set_key_id( &attributes, key_id );
     psa_set_key_usage_flags( &attributes, usage_flags );
     psa_set_key_algorithm( &attributes, alg );
     psa_set_key_type( &attributes, type );

tests/suites/test_suite_psa_crypto_persistent_key.function

@@ -96,7 +96,7 @@ void save_large_persistent_key( int data_too_large, int expected_status )
 
     PSA_ASSERT( psa_crypto_init() );
 
-    psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT );
+    psa_set_key_id( &attributes, key_id );
     psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
 
     TEST_EQUAL( psa_import_key( &attributes, data, data_length, &handle ),
@@ -122,7 +122,7 @@ void persistent_key_destroy( int key_id_arg, int restart,
 
     PSA_ASSERT( psa_crypto_init() );
 
-    psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT );
+    psa_set_key_id( &attributes, key_id );
     psa_set_key_type( &attributes, first_type );
 
     PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len,
@@ -150,7 +150,7 @@ void persistent_key_destroy( int key_id_arg, int restart,
     PSA_ASSERT( psa_crypto_init() );
 
     /* Create another key in the same slot */
-    psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT );
+    psa_set_key_id( &attributes, key_id );
     psa_set_key_type( &attributes, second_type );
     PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len,
                                 &handle ) );
@@ -172,7 +172,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
 
     PSA_ASSERT( psa_crypto_init() );
 
-    psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT );
+    psa_set_key_id( &attributes, key_id );
     psa_set_key_type( &attributes, type );
     TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &handle ),
                 expected_status );
@@ -224,7 +224,7 @@ void import_export_persistent_key( data_t *data, int type_arg,
 
     PSA_ASSERT( psa_crypto_init( ) );
 
-    psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT );
+    psa_set_key_id( &attributes, key_id );
     psa_set_key_type( &attributes, type );
     psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
 

tests/suites/test_suite_psa_crypto_slot_management.function

@@ -143,7 +143,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
     PSA_ASSERT( psa_crypto_init( ) );
 
     /* Get a handle and import a key. */
-    psa_make_key_persistent( &attributes, id, lifetime );
+    psa_set_key_id( &attributes, id );
+    psa_set_key_lifetime( &attributes, lifetime );
     psa_set_key_type( &attributes, type );
     psa_set_key_usage_flags( &attributes, usage_flags );
     psa_set_key_algorithm( &attributes, alg );
@@ -221,7 +222,8 @@ void create_existent( int lifetime_arg, int id_arg,
     PSA_ASSERT( psa_crypto_init( ) );
 
     /* Create a key. */
-    psa_make_key_persistent( &attributes, id, lifetime );
+    psa_set_key_id( &attributes, id );
+    psa_set_key_lifetime( &attributes, lifetime );
     psa_set_key_type( &attributes, type1 );
     psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
     psa_set_key_algorithm( &attributes, 0 );
@@ -298,7 +300,8 @@ void create_fail( int lifetime_arg, int id_arg,
 
     PSA_ASSERT( psa_crypto_init( ) );
 
-    psa_make_key_persistent( &attributes, id, lifetime );
+    psa_set_key_id( &attributes, id );
+    psa_set_key_lifetime( &attributes, lifetime );
     psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
     TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ),
                                 &handle ),
@@ -345,8 +348,10 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
 
     /* Populate the source slot. */
     if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE )
-        psa_make_key_persistent( &source_attributes,
-                                 source_id, source_lifetime );
+    {
+        psa_set_key_id( &source_attributes, source_id );
+        psa_set_key_lifetime( &source_attributes, source_lifetime );
+    }
     psa_set_key_type( &source_attributes, source_type );
     psa_set_key_usage_flags( &source_attributes, source_usage );
     psa_set_key_algorithm( &source_attributes, source_alg );
@@ -358,8 +363,10 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
 
     /* Prepare the target slot. */
     if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE )
-        psa_make_key_persistent( &target_attributes,
-                                 target_id, target_lifetime );
+    {
+        psa_set_key_id( &target_attributes, target_id );
+        psa_set_key_lifetime( &target_attributes, target_lifetime );
+    }
     psa_set_key_usage_flags( &target_attributes, target_usage );
     psa_set_key_algorithm( &target_attributes, target_alg );
 
@@ -449,8 +456,10 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
 
     /* Populate the source slot. */
     if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE )
-        psa_make_key_persistent( &attributes,
-                                 source_id, source_lifetime );
+    {
+        psa_set_key_id( &attributes, source_id );
+        psa_set_key_lifetime( &attributes, source_lifetime );
+    }
     psa_set_key_type( &attributes, source_type );
     psa_set_key_usage_flags( &attributes, source_usage );
     psa_set_key_algorithm( &attributes, source_alg );
@@ -465,7 +474,8 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
     }
     else
     {
-        psa_make_key_persistent( &attributes1, target_id, target_lifetime );
+        psa_set_key_id( &attributes1, target_id );
+        psa_set_key_lifetime( &attributes1, target_lifetime );
         psa_set_key_type( &attributes1, target_type );
         psa_set_key_usage_flags( &attributes1, target_usage );
         psa_set_key_algorithm( &attributes1, target_alg );
@@ -476,7 +486,8 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
     PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes1 ) );
 
     /* Make a copy attempt. */
-    psa_make_key_persistent( &attributes, target_id, target_lifetime );
+    psa_set_key_id( &attributes, target_id );
+    psa_set_key_lifetime( &attributes, target_lifetime );
     TEST_EQUAL( psa_copy_key( source_handle,
                               &attributes, &new_handle ),
                 PSA_ERROR_ALREADY_EXISTS );