mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-29 11:41:15 +03:00
Merge pull request #3527 from ronald-cron-arm/key-extended-id
PSA key identifiers rework
This commit is contained in:
Gilles Peskine
GitHub
@ -2,22 +2,22 @@ PSA compile-time sanity checks
|
||||
static_checks:
|
||||
|
||||
PSA key attributes structure
|
||||
attributes_set_get:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
|
||||
attributes_set_get:0xffff1234:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
|
||||
|
||||
PSA key attributes: id only
|
||||
persistence_attributes:0x1234:-1:-1:0x1234:PSA_KEY_LIFETIME_PERSISTENT
|
||||
persistence_attributes:0x1234:0x5678:-1:-1:0:0x1234:0x5678:PSA_KEY_LIFETIME_PERSISTENT
|
||||
|
||||
PSA key attributes: lifetime=3 only
|
||||
persistence_attributes:-1:3:-1:0:3
|
||||
persistence_attributes:-1:0:3:-1:0:0:0:3
|
||||
|
||||
PSA key attributes: id then back to volatile
|
||||
persistence_attributes:0x1234:PSA_KEY_LIFETIME_VOLATILE:-1:0:PSA_KEY_LIFETIME_VOLATILE
|
||||
persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE
|
||||
|
||||
PSA key attributes: id then lifetime
|
||||
persistence_attributes:0x1234:3:-1:0x1234:3
|
||||
persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3
|
||||
|
||||
PSA key attributes: lifetime then id
|
||||
persistence_attributes:0x1234:3:0x1235:0x1235:3
|
||||
persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3
|
||||
|
||||
PSA key attributes: slot number
|
||||
slot_number_attribute:
|
||||
|
||||
@ -233,7 +233,7 @@ int check_key_attributes_sanity( psa_key_handle_t key )
|
||||
int ok = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_key_lifetime_t lifetime;
|
||||
psa_key_id_t id;
|
||||
mbedtls_svc_key_id_t id;
|
||||
psa_key_type_t type;
|
||||
psa_key_type_t bits;
|
||||
|
||||
@ -245,12 +245,12 @@ int check_key_attributes_sanity( psa_key_handle_t key )
|
||||
|
||||
/* Persistence */
|
||||
if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
|
||||
TEST_ASSERT( id == 0 );
|
||||
TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) == 0 );
|
||||
else
|
||||
{
|
||||
TEST_ASSERT(
|
||||
( PSA_KEY_ID_USER_MIN <= id && id <= PSA_KEY_ID_USER_MAX ) ||
|
||||
( PSA_KEY_ID_USER_MIN <= id && id <= PSA_KEY_ID_USER_MAX ) );
|
||||
( PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) &&
|
||||
( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= PSA_KEY_ID_USER_MAX ) );
|
||||
}
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
/* randomly-generated 64-bit constant, should never appear in test data */
|
||||
@ -1178,17 +1178,21 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
|
||||
static int test_operations_on_invalid_handle( psa_key_handle_t handle )
|
||||
{
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 0x6964 );
|
||||
uint8_t buffer[1];
|
||||
size_t length;
|
||||
int ok = 0;
|
||||
|
||||
psa_set_key_id( &attributes, 0x6964 );
|
||||
psa_set_key_id( &attributes, key_id );
|
||||
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
|
||||
psa_set_key_algorithm( &attributes, PSA_ALG_CTR );
|
||||
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
|
||||
TEST_EQUAL( psa_get_key_attributes( handle, &attributes ),
|
||||
PSA_ERROR_INVALID_HANDLE );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), 0 );
|
||||
TEST_EQUAL(
|
||||
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
|
||||
TEST_EQUAL(
|
||||
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
|
||||
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
|
||||
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
|
||||
@ -1321,19 +1325,22 @@ void static_checks( )
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void attributes_set_get( int id_arg, int lifetime_arg,
|
||||
void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg,
|
||||
int usage_flags_arg, int alg_arg,
|
||||
int type_arg, int bits_arg )
|
||||
{
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_key_id_t id = id_arg;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
|
||||
psa_key_lifetime_t lifetime = lifetime_arg;
|
||||
psa_key_usage_t usage_flags = usage_flags_arg;
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
psa_key_type_t type = type_arg;
|
||||
size_t bits = bits_arg;
|
||||
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), 0 );
|
||||
TEST_EQUAL(
|
||||
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
|
||||
TEST_EQUAL(
|
||||
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
|
||||
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
|
||||
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
|
||||
@ -1347,7 +1354,8 @@ void attributes_set_get( int id_arg, int lifetime_arg,
|
||||
psa_set_key_type( &attributes, type );
|
||||
psa_set_key_bits( &attributes, bits );
|
||||
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), id );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ), id ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
|
||||
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
|
||||
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
|
||||
@ -1356,7 +1364,10 @@ void attributes_set_get( int id_arg, int lifetime_arg,
|
||||
|
||||
psa_reset_key_attributes( &attributes );
|
||||
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), 0 );
|
||||
TEST_EQUAL(
|
||||
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
|
||||
TEST_EQUAL(
|
||||
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
|
||||
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
|
||||
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
|
||||
@ -1366,14 +1377,19 @@ void attributes_set_get( int id_arg, int lifetime_arg,
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void persistence_attributes( int id1_arg, int lifetime_arg, int id2_arg,
|
||||
int expected_id_arg, int expected_lifetime_arg )
|
||||
void persistence_attributes( int id1_arg, int owner_id1_arg, int lifetime_arg,
|
||||
int id2_arg, int owner_id2_arg,
|
||||
int expected_id_arg, int expected_owner_id_arg,
|
||||
int expected_lifetime_arg )
|
||||
{
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_key_id_t id1 = id1_arg;
|
||||
mbedtls_svc_key_id_t id1 =
|
||||
mbedtls_svc_key_id_make( owner_id1_arg, id1_arg );
|
||||
psa_key_lifetime_t lifetime = lifetime_arg;
|
||||
psa_key_id_t id2 = id2_arg;
|
||||
psa_key_id_t expected_id = expected_id_arg;
|
||||
mbedtls_svc_key_id_t id2 =
|
||||
mbedtls_svc_key_id_make( owner_id2_arg, id2_arg );
|
||||
mbedtls_svc_key_id_t expected_id =
|
||||
mbedtls_svc_key_id_make( expected_owner_id_arg, expected_id_arg );
|
||||
psa_key_lifetime_t expected_lifetime = expected_lifetime_arg;
|
||||
|
||||
if( id1_arg != -1 )
|
||||
@ -1383,7 +1399,8 @@ void persistence_attributes( int id1_arg, int lifetime_arg, int id2_arg,
|
||||
if( id2_arg != -1 )
|
||||
psa_set_key_id( &attributes, id2 );
|
||||
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), expected_id );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ), expected_id ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime );
|
||||
}
|
||||
/* END_CASE */
|
||||
@ -5612,7 +5629,7 @@ void persistent_key_load_key_from_storage( data_t *data,
|
||||
int usage_flags_arg, int alg_arg,
|
||||
int generation_method )
|
||||
{
|
||||
psa_key_id_t key_id = 1;
|
||||
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_handle_t base_key = 0;
|
||||
@ -5704,7 +5721,8 @@ void persistent_key_load_key_from_storage( data_t *data,
|
||||
/* Check key slot still contains key data */
|
||||
PSA_ASSERT( psa_open_key( key_id, &handle ) );
|
||||
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), key_id );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ), key_id ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
|
||||
PSA_KEY_LIFETIME_PERSISTENT );
|
||||
TEST_EQUAL( psa_get_key_type( &attributes ), type );
|
||||
|
||||
@ -32,23 +32,23 @@ save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE + 1:PSA_ERROR_NOT_SUPPORTE
|
||||
|
||||
Persistent key destroy
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
|
||||
persistent_key_destroy:2:1:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
|
||||
|
||||
Persistent key destroy after restart
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
|
||||
persistent_key_destroy:17:1:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
|
||||
|
||||
Persistent key import (RSA)
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
persistent_key_import:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_SUCCESS
|
||||
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_SUCCESS
|
||||
|
||||
Persistent key import with restart (RSA)
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
persistent_key_import:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS
|
||||
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS
|
||||
|
||||
Persistent key import garbage data, should fail
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
persistent_key_import:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT
|
||||
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
import/export persistent raw key: 1 byte
|
||||
import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:0
|
||||
|
||||
@ -112,7 +112,7 @@ exit:
|
||||
/* BEGIN_CASE */
|
||||
void save_large_persistent_key( int data_length_arg, int expected_status )
|
||||
{
|
||||
psa_key_id_t key_id = 42;
|
||||
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 );
|
||||
psa_key_handle_t handle = 0;
|
||||
uint8_t *data = NULL;
|
||||
size_t data_length = data_length_arg;
|
||||
@ -139,11 +139,12 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void persistent_key_destroy( int key_id_arg, int restart,
|
||||
void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart,
|
||||
int first_type_arg, data_t *first_data,
|
||||
int second_type_arg, data_t *second_data )
|
||||
{
|
||||
psa_key_id_t key_id = key_id_arg;
|
||||
mbedtls_svc_key_id_t key_id =
|
||||
mbedtls_svc_key_id_make( owner_id_arg, key_id_arg );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_type_t first_type = (psa_key_type_t) first_type_arg;
|
||||
psa_key_type_t second_type = (psa_key_type_t) second_type_arg;
|
||||
@ -193,10 +194,11 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
|
||||
int restart, int expected_status )
|
||||
void persistent_key_import( int owner_id_arg, int key_id_arg, int type_arg,
|
||||
data_t *data, int restart, int expected_status )
|
||||
{
|
||||
psa_key_id_t key_id = (psa_key_id_t) key_id_arg;
|
||||
mbedtls_svc_key_id_t key_id =
|
||||
mbedtls_svc_key_id_make( owner_id_arg, key_id_arg );
|
||||
psa_key_type_t type = (psa_key_type_t) type_arg;
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
@ -224,7 +226,8 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
|
||||
|
||||
psa_reset_key_attributes( &attributes );
|
||||
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), key_id );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ), key_id ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
|
||||
PSA_KEY_LIFETIME_PERSISTENT );
|
||||
TEST_EQUAL( psa_get_key_type( &attributes ), type );
|
||||
@ -245,7 +248,7 @@ void import_export_persistent_key( data_t *data, int type_arg,
|
||||
int expected_bits,
|
||||
int restart, int key_not_exist )
|
||||
{
|
||||
psa_key_id_t key_id = 42;
|
||||
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 );
|
||||
psa_key_type_t type = (psa_key_type_t) type_arg;
|
||||
psa_key_handle_t handle = 0;
|
||||
unsigned char *exported = NULL;
|
||||
@ -276,7 +279,8 @@ void import_export_persistent_key( data_t *data, int type_arg,
|
||||
/* Test the key information */
|
||||
psa_reset_key_attributes( &attributes );
|
||||
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), key_id );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ), key_id ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
|
||||
PSA_KEY_LIFETIME_PERSISTENT );
|
||||
TEST_EQUAL( psa_get_key_type( &attributes ), type );
|
||||
|
||||
@ -130,28 +130,28 @@ Key generation smoke test: HMAC-SHA-256
|
||||
generate_key_smoke:PSA_KEY_TYPE_HMAC:256:PSA_ALG_HMAC( PSA_ALG_SHA_256 )
|
||||
|
||||
Key registration: smoke test
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:1:PSA_SUCCESS
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:1:PSA_SUCCESS
|
||||
|
||||
Key registration: invalid lifetime (volatile internal storage)
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:7:1:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: invalid lifetime (internal storage)
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:7:1:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: invalid lifetime (no registered driver)
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION + 1 ):1:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION + 1 ):7:1:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: rejected
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:0:PSA_ERROR_NOT_PERMITTED
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:0:PSA_ERROR_NOT_PERMITTED
|
||||
|
||||
Key registration: not supported
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:-1:PSA_ERROR_NOT_SUPPORTED
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:-1:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
Key registration: key id out of range
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_ARGUMENT
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: key id in vendor range
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:PSA_KEY_ID_VENDOR_MAX:1:PSA_SUCCESS
|
||||
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX:1:PSA_SUCCESS
|
||||
|
||||
Import-sign-verify: sign in driver, ECDSA
|
||||
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
|
||||
@ -532,8 +532,9 @@ static int check_key_attributes(
|
||||
|
||||
PSA_ASSERT( psa_get_key_attributes( handle, &actual_attributes ) );
|
||||
|
||||
TEST_EQUAL( psa_get_key_id( &actual_attributes ),
|
||||
psa_get_key_id( reference_attributes ) );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &actual_attributes ),
|
||||
psa_get_key_id( reference_attributes ) ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &actual_attributes ),
|
||||
psa_get_key_lifetime( reference_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_type( &actual_attributes ),
|
||||
@ -757,16 +758,41 @@ exit:
|
||||
return( ok );
|
||||
}
|
||||
|
||||
#define MAX_KEY_ID_FOR_TEST 10
|
||||
static mbedtls_svc_key_id_t key_ids_used_in_test[10];
|
||||
static size_t num_key_ids_used;
|
||||
|
||||
/* Record a key id as potentially used in a test case. */
|
||||
static int test_uses_key_id( mbedtls_svc_key_id_t key_id )
|
||||
{
|
||||
size_t i;
|
||||
|
||||
for( i = 0; i < num_key_ids_used ; i++ )
|
||||
{
|
||||
if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) )
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( num_key_ids_used >= ARRAY_LENGTH( key_ids_used_in_test ) )
|
||||
return( 0 );
|
||||
|
||||
key_ids_used_in_test[num_key_ids_used] = key_id;
|
||||
++num_key_ids_used;
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
#define TEST_USES_KEY_ID( key_id ) \
|
||||
TEST_ASSERT( test_uses_key_id( key_id ) )
|
||||
|
||||
static void psa_purge_storage( void )
|
||||
{
|
||||
psa_key_id_t id;
|
||||
size_t i;
|
||||
psa_key_location_t location;
|
||||
/* The tests may have potentially created key ids from 1 to
|
||||
* MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
|
||||
* 0, which file-based storage uses as a temporary file. */
|
||||
for( id = 0; id <= MAX_KEY_ID_FOR_TEST; id++ )
|
||||
psa_destroy_persistent_key( id );
|
||||
|
||||
for( i = 0; i < num_key_ids_used; i++ )
|
||||
psa_destroy_persistent_key( key_ids_used_in_test[i] );
|
||||
num_key_ids_used = 0;
|
||||
|
||||
/* Purge the transaction file. */
|
||||
psa_crypto_stop_transaction( );
|
||||
/* Purge driver persistent data. */
|
||||
@ -853,13 +879,15 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart )
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
|
||||
uint8_t exported[sizeof( key_material )];
|
||||
size_t exported_length;
|
||||
|
||||
TEST_USES_KEY_ID( id );
|
||||
|
||||
memset( &driver, 0, sizeof( driver ) );
|
||||
memset( &key_management, 0, sizeof( key_management ) );
|
||||
driver.hal_version = PSA_DRV_SE_HAL_VERSION;
|
||||
@ -985,11 +1013,13 @@ void key_creation_in_chosen_slot( int slot_arg,
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
|
||||
|
||||
TEST_USES_KEY_ID( id );
|
||||
|
||||
memset( &driver, 0, sizeof( driver ) );
|
||||
memset( &key_management, 0, sizeof( key_management ) );
|
||||
driver.hal_version = PSA_DRV_SE_HAL_VERSION;
|
||||
@ -1067,10 +1097,12 @@ void import_key_smoke( int type_arg, int alg_arg,
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
|
||||
TEST_USES_KEY_ID( id );
|
||||
|
||||
memset( &driver, 0, sizeof( driver ) );
|
||||
memset( &key_management, 0, sizeof( key_management ) );
|
||||
driver.hal_version = PSA_DRV_SE_HAL_VERSION;
|
||||
@ -1139,10 +1171,12 @@ void generate_key_not_supported( int type_arg, int bits_arg )
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
|
||||
TEST_USES_KEY_ID( id );
|
||||
|
||||
memset( &driver, 0, sizeof( driver ) );
|
||||
memset( &key_management, 0, sizeof( key_management ) );
|
||||
driver.hal_version = PSA_DRV_SE_HAL_VERSION;
|
||||
@ -1178,10 +1212,12 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg )
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
|
||||
TEST_USES_KEY_ID( id );
|
||||
|
||||
memset( &driver, 0, sizeof( driver ) );
|
||||
memset( &key_management, 0, sizeof( key_management ) );
|
||||
driver.hal_version = PSA_DRV_SE_HAL_VERSION;
|
||||
@ -1258,7 +1294,7 @@ void sign_verify( int flow,
|
||||
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t drv_handle = 0; /* key managed by the driver */
|
||||
psa_key_handle_t sw_handle = 0; /* transparent key */
|
||||
psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
@ -1266,6 +1302,8 @@ void sign_verify( int flow,
|
||||
uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
|
||||
size_t signature_length;
|
||||
|
||||
TEST_USES_KEY_ID( id );
|
||||
|
||||
memset( &driver, 0, sizeof( driver ) );
|
||||
memset( &key_management, 0, sizeof( key_management ) );
|
||||
memset( &asymmetric, 0, sizeof( asymmetric ) );
|
||||
@ -1410,6 +1448,7 @@ exit:
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void register_key_smoke_test( int lifetime_arg,
|
||||
int owner_id_arg,
|
||||
int id_arg,
|
||||
int validate,
|
||||
int expected_status_arg )
|
||||
@ -1420,12 +1459,14 @@ void register_key_smoke_test( int lifetime_arg,
|
||||
psa_drv_se_t driver;
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_key_id_t id = id_arg;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
|
||||
size_t bit_size = 48;
|
||||
psa_key_slot_number_t wanted_slot = 0x123456789;
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_status_t status;
|
||||
|
||||
TEST_USES_KEY_ID( id );
|
||||
|
||||
memset( &driver, 0, sizeof( driver ) );
|
||||
driver.hal_version = PSA_DRV_SE_HAL_VERSION;
|
||||
memset( &key_management, 0, sizeof( key_management ) );
|
||||
@ -1462,6 +1503,12 @@ void register_key_smoke_test( int lifetime_arg,
|
||||
goto exit;
|
||||
PSA_ASSERT( psa_close_key( handle ) );
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||
mbedtls_svc_key_id_t invalid_id =
|
||||
mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
|
||||
TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
|
||||
#endif
|
||||
|
||||
/* Restart and try again. */
|
||||
PSA_DONE( );
|
||||
PSA_ASSERT( psa_register_se_driver( location, &driver ) );
|
||||
|
||||
@ -91,11 +91,13 @@ static void psa_purge_storage( void )
|
||||
{
|
||||
psa_key_id_t id;
|
||||
psa_key_location_t location;
|
||||
|
||||
/* The tests may have potentially created key ids from 1 to
|
||||
* MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
|
||||
* 0, which file-based storage uses as a temporary file. */
|
||||
for( id = 0; id <= MAX_KEY_ID_FOR_TEST; id++ )
|
||||
psa_destroy_persistent_key( id );
|
||||
psa_destroy_persistent_key( mbedtls_svc_key_id_make( 1, id ) );
|
||||
|
||||
/* Purge the transaction file. */
|
||||
psa_crypto_stop_transaction( );
|
||||
/* Purge driver persistent data. */
|
||||
@ -330,7 +332,7 @@ void mock_import( int mock_alloc_return_value,
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
|
||||
@ -360,8 +362,20 @@ void mock_import( int mock_alloc_return_value,
|
||||
TEST_ASSERT( mock_allocate_data.called == 1 );
|
||||
TEST_ASSERT( mock_import_data.called ==
|
||||
( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) );
|
||||
TEST_ASSERT( mock_import_data.attributes.core.id ==
|
||||
( mock_alloc_return_value == PSA_SUCCESS? id : 0 ) );
|
||||
|
||||
if( mock_alloc_return_value == PSA_SUCCESS )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
mock_import_data.attributes.core.id, id ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
|
||||
mock_import_data.attributes.core.id ) == 0 );
|
||||
TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(
|
||||
mock_import_data.attributes.core.id ) == 0 );
|
||||
}
|
||||
|
||||
TEST_ASSERT( mock_import_data.attributes.core.lifetime ==
|
||||
( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) );
|
||||
TEST_ASSERT( mock_import_data.attributes.core.policy.usage ==
|
||||
@ -387,7 +401,7 @@ void mock_export( int mock_export_return_value, int expected_result )
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
|
||||
@ -441,7 +455,7 @@ void mock_generate( int mock_alloc_return_value,
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
|
||||
@ -467,8 +481,20 @@ void mock_generate( int mock_alloc_return_value,
|
||||
TEST_ASSERT( mock_allocate_data.called == 1 );
|
||||
TEST_ASSERT( mock_generate_data.called ==
|
||||
( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) );
|
||||
TEST_ASSERT( mock_generate_data.attributes.core.id ==
|
||||
( mock_alloc_return_value == PSA_SUCCESS? id : 0 ) );
|
||||
|
||||
if( mock_alloc_return_value == PSA_SUCCESS )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
mock_generate_data.attributes.core.id, id ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
|
||||
mock_generate_data.attributes.core.id ) == 0 );
|
||||
TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(
|
||||
mock_generate_data.attributes.core.id ) == 0 );
|
||||
}
|
||||
|
||||
TEST_ASSERT( mock_generate_data.attributes.core.lifetime ==
|
||||
( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) );
|
||||
TEST_ASSERT( mock_generate_data.attributes.core.policy.usage ==
|
||||
@ -496,7 +522,7 @@ void mock_export_public( int mock_export_public_return_value,
|
||||
psa_drv_se_key_management_t key_management;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
|
||||
@ -546,7 +572,7 @@ void mock_sign( int mock_sign_return_value, int expected_result )
|
||||
psa_drv_se_asymmetric_t asymmetric;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
|
||||
@ -607,7 +633,7 @@ void mock_verify( int mock_verify_return_value, int expected_result )
|
||||
psa_drv_se_asymmetric_t asymmetric;
|
||||
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
|
||||
psa_key_id_t id = 1;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
|
||||
psa_key_handle_t handle = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
|
||||
|
||||
@ -14,61 +14,61 @@ Transient slot, check after restart with live handles
|
||||
transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
|
||||
|
||||
Persistent slot, check after closing, id=min
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
|
||||
|
||||
Persistent slot, check after closing and restarting, id=min
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
|
||||
|
||||
Persistent slot, check after destroying, id=min
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
|
||||
|
||||
Persistent slot, check after destroying and restarting, id=min
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
|
||||
|
||||
Persistent slot, check after restart with live handle, id=min
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
|
||||
|
||||
Persistent slot, check after closing, id=max
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:129:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
|
||||
|
||||
Persistent slot, check after destroying, id=max
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:130:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
|
||||
|
||||
Persistent slot, check after restart, id=max
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
|
||||
|
||||
Persistent slot: ECP keypair (ECDSA, exportable), close
|
||||
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
|
||||
|
||||
Persistent slot: ECP keypair (ECDSA, exportable), close+restart
|
||||
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
|
||||
|
||||
Persistent slot: ECP keypair (ECDSA, exportable), restart
|
||||
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
|
||||
|
||||
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close
|
||||
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
|
||||
|
||||
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart
|
||||
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
|
||||
|
||||
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart
|
||||
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
|
||||
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
|
||||
|
||||
Attempt to overwrite: close before
|
||||
create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE
|
||||
create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE
|
||||
|
||||
Attempt to overwrite: close after
|
||||
create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_AFTER
|
||||
create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x7361:1:CLOSE_AFTER
|
||||
|
||||
Attempt to overwrite: keep open
|
||||
create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:KEEP_OPEN
|
||||
create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x3617:1:KEEP_OPEN
|
||||
|
||||
Open failure: invalid identifier (0)
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
@ -118,23 +118,27 @@ depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
Copy volatile to volatile
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0x10:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0x10:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
|
||||
Copy volatile to persistent
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0x100:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x100:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
|
||||
Copy persistent to volatile
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x1000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0x1000:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
|
||||
Copy persistent to persistent
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10000:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
|
||||
Copy persistent to persistent, same id but different owner
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10001:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||
|
||||
Copy persistent to persistent with enrollment algorithm
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
|
||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x100000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0x100000:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
|
||||
|
||||
Copy volatile to occupied
|
||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
|
||||
@ -34,21 +34,22 @@ typedef enum
|
||||
* code. */
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
|
||||
static psa_key_id_t key_ids_used_in_test[9];
|
||||
static mbedtls_svc_key_id_t key_ids_used_in_test[9];
|
||||
static size_t num_key_ids_used;
|
||||
|
||||
/* Record a key id as potentially used in a test case. */
|
||||
static int test_uses_key_id( psa_key_id_t key_id )
|
||||
static int test_uses_key_id( mbedtls_svc_key_id_t key_id )
|
||||
{
|
||||
size_t i;
|
||||
if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
|
||||
if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ) >
|
||||
PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
|
||||
{
|
||||
/* Don't touch key id values that designate non-key files. */
|
||||
return( 1 );
|
||||
}
|
||||
for( i = 0; i < num_key_ids_used ; i++ )
|
||||
{
|
||||
if( key_id == key_ids_used_in_test[i] )
|
||||
if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) )
|
||||
return( 1 );
|
||||
}
|
||||
if( num_key_ids_used == ARRAY_LENGTH( key_ids_used_in_test ) )
|
||||
@ -172,13 +173,13 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
|
||||
void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
|
||||
void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
|
||||
int usage_arg, int alg_arg, int alg2_arg,
|
||||
int type_arg, data_t *key_data,
|
||||
int close_method_arg )
|
||||
{
|
||||
psa_key_lifetime_t lifetime = lifetime_arg;
|
||||
psa_key_id_t id = id_arg;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
psa_algorithm_t alg2 = alg2_arg;
|
||||
psa_key_usage_t usage_flags = usage_arg;
|
||||
@ -190,6 +191,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
|
||||
uint8_t *reexported = NULL;
|
||||
size_t reexported_length = -1;
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||
mbedtls_svc_key_id_t wrong_owner_id =
|
||||
mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
|
||||
psa_key_handle_t invalid_handle = 0;
|
||||
#endif
|
||||
|
||||
TEST_USES_KEY_ID( id );
|
||||
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
@ -204,9 +211,16 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
|
||||
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||
&handle ) );
|
||||
TEST_ASSERT( handle != 0 );
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||
TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
|
||||
PSA_ERROR_DOES_NOT_EXIST );
|
||||
#endif
|
||||
|
||||
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), id );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ), id ) );
|
||||
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
|
||||
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
|
||||
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
|
||||
@ -214,10 +228,17 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
|
||||
|
||||
/* Close the key and reopen it. */
|
||||
PSA_ASSERT( psa_close_key( handle ) );
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||
TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
|
||||
PSA_ERROR_DOES_NOT_EXIST );
|
||||
#endif
|
||||
|
||||
PSA_ASSERT( psa_open_key( id, &handle ) );
|
||||
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), id );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ), id ) );
|
||||
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
|
||||
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
|
||||
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
|
||||
@ -247,8 +268,9 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
|
||||
PSA_ASSERT( psa_get_key_attributes( handle, &read_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
|
||||
psa_get_key_lifetime( &read_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ),
|
||||
psa_get_key_id( &read_attributes ) );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ),
|
||||
psa_get_key_id( &read_attributes ) ) );
|
||||
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
|
||||
TEST_EQUAL( psa_get_key_algorithm( &attributes ),
|
||||
psa_get_key_algorithm( &read_attributes ) );
|
||||
@ -292,11 +314,11 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
|
||||
void create_existent( int lifetime_arg, int id_arg,
|
||||
void create_existent( int lifetime_arg, int owner_id_arg, int id_arg,
|
||||
int reopen_policy_arg )
|
||||
{
|
||||
psa_key_lifetime_t lifetime = lifetime_arg;
|
||||
psa_key_id_t id = id_arg;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
|
||||
psa_key_handle_t handle1 = 0, handle2 = 0;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA;
|
||||
@ -338,7 +360,8 @@ void create_existent( int lifetime_arg, int id_arg,
|
||||
/* Check that the original key hasn't changed. */
|
||||
psa_reset_key_attributes( &attributes );
|
||||
PSA_ASSERT( psa_get_key_attributes( handle1, &attributes ) );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes ), id );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes ), id ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
|
||||
TEST_EQUAL( psa_get_key_type( &attributes ), type1 );
|
||||
TEST_EQUAL( psa_get_key_bits( &attributes ), bits1 );
|
||||
@ -363,7 +386,7 @@ exit:
|
||||
void open_fail( int id_arg,
|
||||
int expected_status_arg )
|
||||
{
|
||||
psa_key_id_t id = id_arg;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
|
||||
psa_status_t expected_status = expected_status_arg;
|
||||
psa_key_handle_t handle = 0xdead;
|
||||
|
||||
@ -382,7 +405,7 @@ void create_fail( int lifetime_arg, int id_arg,
|
||||
int expected_status_arg )
|
||||
{
|
||||
psa_key_lifetime_t lifetime = lifetime_arg;
|
||||
psa_key_id_t id = id_arg;
|
||||
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_status_t expected_status = expected_status_arg;
|
||||
psa_key_handle_t handle = 0xdead;
|
||||
@ -409,25 +432,27 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
|
||||
int source_usage_arg,
|
||||
void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg,
|
||||
int source_id_arg, int source_usage_arg,
|
||||
int source_alg_arg, int source_alg2_arg,
|
||||
int type_arg, data_t *material,
|
||||
int target_lifetime_arg, int target_id_arg,
|
||||
int target_usage_arg,
|
||||
int target_lifetime_arg, int target_owner_id_arg,
|
||||
int target_id_arg, int target_usage_arg,
|
||||
int target_alg_arg, int target_alg2_arg,
|
||||
int expected_usage_arg,
|
||||
int expected_alg_arg, int expected_alg2_arg )
|
||||
{
|
||||
psa_key_lifetime_t source_lifetime = source_lifetime_arg;
|
||||
psa_key_id_t source_id = source_id_arg;
|
||||
mbedtls_svc_key_id_t source_id =
|
||||
mbedtls_svc_key_id_make( source_owner_id_arg, source_id_arg );
|
||||
psa_key_usage_t source_usage = source_usage_arg;
|
||||
psa_algorithm_t source_alg = source_alg_arg;
|
||||
psa_key_handle_t source_handle = 0;
|
||||
psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_key_type_t source_type = type_arg;
|
||||
psa_key_lifetime_t target_lifetime = target_lifetime_arg;
|
||||
psa_key_id_t target_id = target_id_arg;
|
||||
mbedtls_svc_key_id_t target_id =
|
||||
mbedtls_svc_key_id_make( target_owner_id_arg, target_id_arg );
|
||||
psa_key_usage_t target_usage = target_usage_arg;
|
||||
psa_algorithm_t target_alg = target_alg_arg;
|
||||
psa_key_handle_t target_handle = 0;
|
||||
@ -443,11 +468,9 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
|
||||
/* Populate the source slot. */
|
||||
if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE )
|
||||
{
|
||||
psa_set_key_id( &source_attributes, source_id );
|
||||
psa_set_key_lifetime( &source_attributes, source_lifetime );
|
||||
}
|
||||
psa_set_key_id( &source_attributes, source_id );
|
||||
psa_set_key_lifetime( &source_attributes, source_lifetime );
|
||||
|
||||
psa_set_key_type( &source_attributes, source_type );
|
||||
psa_set_key_usage_flags( &source_attributes, source_usage );
|
||||
psa_set_key_algorithm( &source_attributes, source_alg );
|
||||
@ -459,11 +482,9 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
|
||||
PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) );
|
||||
|
||||
/* Prepare the target slot. */
|
||||
if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE )
|
||||
{
|
||||
psa_set_key_id( &target_attributes, target_id );
|
||||
psa_set_key_lifetime( &target_attributes, target_lifetime );
|
||||
}
|
||||
psa_set_key_id( &target_attributes, target_id );
|
||||
psa_set_key_lifetime( &target_attributes, target_lifetime );
|
||||
|
||||
psa_set_key_usage_flags( &target_attributes, target_usage );
|
||||
psa_set_key_algorithm( &target_attributes, target_alg );
|
||||
psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg );
|
||||
@ -487,7 +508,21 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
|
||||
/* Test that the target slot has the expected content. */
|
||||
psa_reset_key_attributes( &target_attributes );
|
||||
PSA_ASSERT( psa_get_key_attributes( target_handle, &target_attributes ) );
|
||||
TEST_EQUAL( target_id, psa_get_key_id( &target_attributes ) );
|
||||
|
||||
if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
target_id, psa_get_key_id( &target_attributes ) ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||
TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( target_id ),
|
||||
target_owner_id_arg );
|
||||
#endif
|
||||
TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( target_id ), 0 );
|
||||
}
|
||||
|
||||
TEST_EQUAL( target_lifetime, psa_get_key_lifetime( &target_attributes ) );
|
||||
TEST_EQUAL( source_type, psa_get_key_type( &target_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_bits( &source_attributes ),
|
||||
@ -534,13 +569,15 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
|
||||
int target_type_arg, data_t *target_material )
|
||||
{
|
||||
psa_key_lifetime_t source_lifetime = source_lifetime_arg;
|
||||
psa_key_id_t source_id = source_id_arg;
|
||||
mbedtls_svc_key_id_t source_id =
|
||||
mbedtls_svc_key_id_make( 1, source_id_arg );
|
||||
psa_key_usage_t source_usage = source_usage_arg;
|
||||
psa_algorithm_t source_alg = source_alg_arg;
|
||||
psa_key_handle_t source_handle = 0;
|
||||
psa_key_type_t source_type = source_type_arg;
|
||||
psa_key_lifetime_t target_lifetime = target_lifetime_arg;
|
||||
psa_key_id_t target_id = target_id_arg;
|
||||
mbedtls_svc_key_id_t target_id =
|
||||
mbedtls_svc_key_id_make( 1, target_id_arg );
|
||||
psa_key_usage_t target_usage = target_usage_arg;
|
||||
psa_algorithm_t target_alg = target_alg_arg;
|
||||
psa_key_handle_t target_handle = 0;
|
||||
@ -570,7 +607,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
|
||||
&source_handle ) );
|
||||
|
||||
/* Populate the target slot. */
|
||||
if( target_id == source_id )
|
||||
if( mbedtls_svc_key_id_equal( target_id, source_id ) )
|
||||
{
|
||||
target_handle = source_handle;
|
||||
}
|
||||
@ -597,8 +634,9 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
|
||||
|
||||
/* Test that the target slot is unaffected. */
|
||||
PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes2 ) );
|
||||
TEST_EQUAL( psa_get_key_id( &attributes1 ),
|
||||
psa_get_key_id( &attributes2 ) );
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||
psa_get_key_id( &attributes1 ),
|
||||
psa_get_key_id( &attributes2 ) ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &attributes1 ),
|
||||
psa_get_key_lifetime( &attributes2 ) );
|
||||
TEST_EQUAL( psa_get_key_type( &attributes1 ),
|
||||
|
||||
Reference in New Issue
Block a user