From 4a044739a8443fcfbb9cf9d89f862389b3dd3066 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 18:19:39 +0100 Subject: [PATCH] Fix the build without persistent storage Add missing guards on MBEDTLS_PSA_CRYPTO_STORAGE_C. Add test cases to test that psa_create_key and psa_open_key return NOT_SUPPORTED. --- library/psa_crypto.c | 7 +++++++ .../test_suite_psa_crypto_slot_management.data | 13 +++++++++++++ .../test_suite_psa_crypto_slot_management.function | 10 ++++++++-- 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ce9e3e5f2..c67c8a798 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -888,6 +888,7 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_key_id_t id ) { +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) key_slot_t *slot; psa_status_t status; @@ -909,6 +910,12 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, status = psa_load_persistent_key_into_slot( slot ); return( status ); + +#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + (void) handle; + (void) id; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 133f4c873..39e05abf8 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -38,20 +38,33 @@ depends_on:MBEDTLS_AES_C create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN Open failure: non-existent identifier +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT Open failure: volatile lifetime +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT Open failure: invalid lifetime +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT Create failure: volatile lifetime +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid lifetime +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT +Open not supported +depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C +open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED + +Create not supported +depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C +create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_NOT_SUPPORTED + Close/destroy invalid handle invalid_handle: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 753a70564..754aae08d 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -29,6 +29,7 @@ typedef enum * identifier, and must call psa_purge_key_storage() in their cleanup * code. */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) /* There is no API to purge all keys. For this test suite, require that * all key IDs be less than a certain maximum. */ #define MAX_KEY_ID_FOR_TEST 32 @@ -43,6 +44,9 @@ void psa_purge_key_storage( void ) for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ ) psa_destroy_persistent_key( i ); } +#else +#define TEST_MAX_KEY_ID( key_id ) ( (void) ( key_id ) ) +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ static int psa_key_policy_equal( psa_key_policy_t *p1, psa_key_policy_t *p2 ) @@ -109,7 +113,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, int type_arg, int max_bits_arg, int alg_arg, int usage_arg, @@ -188,7 +192,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void create_existent( int lifetime_arg, int id_arg, int new_type_arg, int reopen_policy_arg ) @@ -293,7 +297,9 @@ void create_fail( int lifetime_arg, int id_arg, exit: mbedtls_psa_crypto_free( ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_purge_key_storage( ); +#endif } /* END_CASE */