diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6a7bce880..564dd872b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -93,6 +93,24 @@ psa_status_t psa_crypto_init(void); /**@}*/ +/** \defgroup attributes Key attributes + * @{ + */ + +/** The type of a structure containing key attributes. + * + * This is an opaque structure that can represent the metadata of a key + * object, including the key type and size, domain parameters, usage policies, + * location in storage, and any other similar information. + * + * The actual key material is not considered an attribute of a key. + * Key attributes do not contain information that is generally considered + * highly confidential. + */ +typedef struct psa_key_attributes_s psa_key_attributes_t; + +/**@}*/ + /** \defgroup policy Key policies * @{ */ @@ -231,26 +249,6 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle, * @{ */ -/** \brief Retrieve the lifetime of an open key. - * - * \param handle Handle to query. - * \param[out] lifetime On success, the lifetime value. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_lifetime(psa_key_handle_t handle, - psa_key_lifetime_t *lifetime); - - /** Allocate a key slot for a transient key, i.e. a key which is only stored * in volatile memory. * @@ -302,43 +300,6 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime, psa_key_id_t id, psa_key_handle_t *handle); -/** Create a new persistent key slot. - * - * Create a new persistent key slot and return a handle to it. The handle - * remains valid until the application calls psa_close_key() or terminates. - * The application can open the key again with psa_open_key() until it - * removes the key by calling psa_destroy_key(). - * - * \param lifetime The lifetime of the key. This designates a storage - * area where the key material is stored. This must not - * be #PSA_KEY_LIFETIME_VOLATILE. - * \param id The persistent identifier of the key. - * \param[out] handle On success, a handle to the newly created key slot. - * When key material is later created in this key slot, - * it will be saved to the specified persistent location. - * - * \retval #PSA_SUCCESS - * Success. The application can now use the value of `*handle` - * to access the newly allocated key slot. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_ALREADY_EXISTS - * There is already a key with the identifier \p id in the storage - * area designated by \p lifetime. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p id is invalid for the specified lifetime. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p lifetime is not supported. - * \retval #PSA_ERROR_NOT_PERMITTED - * \p lifetime is valid, but the application does not have the - * permission to create a key there. - */ -psa_status_t psa_create_key(psa_key_lifetime_t lifetime, - psa_key_id_t id, - psa_key_handle_t *handle); - /** Close a key handle. * * If the handle designates a volatile key, destroy the key material and @@ -417,7 +378,8 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_import_key(psa_key_handle_t handle, +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, psa_key_type_t type, const uint8_t *data, size_t data_length); @@ -809,8 +771,8 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_copy_key(psa_key_handle_t source_handle, - psa_key_handle_t target_handle, - const psa_key_policy_t *constraint); + const psa_key_attributes_t *attributes, + psa_key_handle_t *target_handle); /**@}*/ @@ -3006,7 +2968,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generator_import_key(psa_key_handle_t handle, +psa_status_t psa_generator_import_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator); @@ -3398,7 +3361,8 @@ typedef struct { * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_key(psa_key_handle_t handle, +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, psa_key_type_t type, size_t bits, const void *extra, diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 093355d3c..efd1b76da 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -202,6 +202,93 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, /* FIXME Deprecated. Remove this as soon as all the tests are updated. */ #define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) +/** \defgroup to_handle Key creation to allocated handle + * @{ + * + * The functions in this section are legacy interfaces where the properties + * of a key object are set after allocating a handle, in constrast with the + * preferred interface where key objects are created atomically from + * a structure that represents the properties. + */ + +/** Create a new persistent key slot. + * + * Create a new persistent key slot and return a handle to it. The handle + * remains valid until the application calls psa_close_key() or terminates. + * The application can open the key again with psa_open_key() until it + * removes the key by calling psa_destroy_key(). + * + * \param lifetime The lifetime of the key. This designates a storage + * area where the key material is stored. This must not + * be #PSA_KEY_LIFETIME_VOLATILE. + * \param id The persistent identifier of the key. + * \param[out] handle On success, a handle to the newly created key slot. + * When key material is later created in this key slot, + * it will be saved to the specified persistent location. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the newly allocated key slot. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_ALREADY_EXISTS + * There is already a key with the identifier \p id in the storage + * area designated by \p lifetime. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is invalid for the specified lifetime. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p lifetime is not supported. + * \retval #PSA_ERROR_NOT_PERMITTED + * \p lifetime is valid, but the application does not have the + * permission to create a key there. + */ +psa_status_t psa_create_key(psa_key_lifetime_t lifetime, + psa_key_id_t id, + psa_key_handle_t *handle); + +/** \brief Retrieve the lifetime of an open key. + * + * \param handle Handle to query. + * \param[out] lifetime On success, the lifetime value. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_lifetime_from_handle(psa_key_handle_t handle, + psa_key_lifetime_t *lifetime); + +psa_status_t psa_import_key_to_handle(psa_key_handle_t handle, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); + +psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, + psa_key_handle_t target_handle, + const psa_key_policy_t *constraint); + +psa_status_t psa_generator_import_key_to_handle(psa_key_handle_t handle, + psa_key_type_t type, + size_t bits, + psa_crypto_generator_t *generator); + +psa_status_t psa_generate_key_to_handle(psa_key_handle_t handle, + psa_key_type_t type, + size_t bits, + const void *extra, + size_t extra_size); + +/**@}*/ + #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index e854cf669..11f6f8e3a 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -338,7 +338,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); /* Populate new key slot. */ - status = psa_import_key( cipher_psa->slot, + status = psa_import_key_to_handle( cipher_psa->slot, key_type, key, key_bytelen ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); diff --git a/library/pk.c b/library/pk.c index a1e278e73..6bbfdd1dd 100644 --- a/library/pk.c +++ b/library/pk.c @@ -629,7 +629,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* import private key in slot */ - if( PSA_SUCCESS != psa_import_key( key, key_type, d, d_len ) ) + if( PSA_SUCCESS != psa_import_key_to_handle( key, key_type, d, d_len ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* remember slot number to be destroyed later by caller */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index c7f879ab5..0c7482571 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -589,7 +589,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - if( psa_import_key( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len ) + if( psa_import_key_to_handle( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len ) != PSA_SUCCESS ) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3ecab01b5..2fab91cc2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -903,7 +903,7 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) return( status ); } -psa_status_t psa_import_key( psa_key_handle_t handle, +psa_status_t psa_import_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, const uint8_t *data, size_t data_length ) @@ -1228,7 +1228,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); if( status != PSA_SUCCESS ) goto exit; - status = psa_import_key( target, source->type, buffer, length ); + status = psa_import_key_to_handle( target, source->type, buffer, length ); exit: if( buffer_size != 0 ) @@ -1237,7 +1237,7 @@ exit: return( status ); } -psa_status_t psa_copy_key(psa_key_handle_t source_handle, +psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, psa_key_handle_t target_handle, const psa_key_policy_t *constraint) { @@ -3277,7 +3277,7 @@ psa_status_t psa_get_key_policy( psa_key_handle_t handle, /* Key Lifetime */ /****************************************************************/ -psa_status_t psa_get_key_lifetime( psa_key_handle_t handle, +psa_status_t psa_get_key_lifetime_from_handle( psa_key_handle_t handle, psa_key_lifetime_t *lifetime ) { psa_key_slot_t *slot; @@ -3996,7 +3996,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) } #endif /* MBEDTLS_DES_C */ -psa_status_t psa_generator_import_key( psa_key_handle_t handle, +psa_status_t psa_generator_import_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator ) @@ -4020,7 +4020,7 @@ psa_status_t psa_generator_import_key( psa_key_handle_t handle, if( type == PSA_KEY_TYPE_DES ) psa_des_set_key_parity( data, bytes ); #endif /* MBEDTLS_DES_C */ - status = psa_import_key( handle, type, data, bytes ); + status = psa_import_key_to_handle( handle, type, data, bytes ); exit: mbedtls_free( data ); @@ -4749,7 +4749,7 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ -psa_status_t psa_generate_key( psa_key_handle_t handle, +psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, const void *extra, diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4e5b3a602..65bc64cb7 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3148,7 +3148,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); /* Generate ECDH private key. */ - status = psa_generate_key( handshake->ecdh_psa_privkey, + status = psa_generate_key_to_handle( handshake->ecdh_psa_privkey, PSA_KEY_TYPE_ECC_KEYPAIR( handshake->ecdh_psa_curve ), MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ), NULL, 0 ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 660d548e4..26814429e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -544,7 +544,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - status = psa_import_key( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen ); + status = psa_import_key_to_handle( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 2f7c4453d..90cc0006a 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -179,7 +179,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -229,7 +229,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -277,7 +277,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 23c234753..1c3d92195 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -208,7 +208,7 @@ static psa_status_t generate( const char *key_file_name ) KDF_ALG ); PSA_CHECK( psa_set_key_policy( key_handle, &policy ) ); - PSA_CHECK( psa_generate_key( key_handle, + PSA_CHECK( psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), NULL, 0 ) ); @@ -255,7 +255,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, PSA_CHECK( psa_allocate_key( master_key_handle ) ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) ); - PSA_CHECK( psa_import_key( *master_key_handle, + PSA_CHECK( psa_import_key_to_handle( *master_key_handle, PSA_KEY_TYPE_DERIVE, key_data, key_size ) ); exit: @@ -309,7 +309,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) ); /* Use the generator obtained from the parent key to create * the next intermediate key. */ - PSA_CHECK( psa_generator_import_key( + PSA_CHECK( psa_generator_import_key_to_handle( *key_handle, PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), @@ -348,7 +348,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, NULL, 0, PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); - PSA_CHECK( psa_generator_import_key( + PSA_CHECK( psa_generator_import_key_to_handle( *wrapping_key_handle, PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS, diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index d85d9ed3d..7415b63a9 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -97,7 +97,7 @@ psa_key_handle_t pk_psa_genkey( void ) return( PK_PSA_INVALID_SLOT ); /* generate key */ - if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) ) + if( PSA_SUCCESS != psa_generate_key_to_handle( key, type, bits, NULL, 0 ) ) return( PK_PSA_INVALID_SLOT ); return( key ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e01736434..7972597be 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -216,7 +216,7 @@ int exercise_mac_setup( psa_key_type_t key_type, PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) ); + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_bytes, key_length ) ); *status = psa_mac_sign_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ @@ -250,7 +250,7 @@ int exercise_cipher_setup( psa_key_type_t key_type, PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) ); + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_bytes, key_length ) ); *status = psa_cipher_encrypt_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ @@ -1118,7 +1118,7 @@ void import( data_t *data, int type, int expected_status_arg ) PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( &handle ) ); - status = psa_import_key( handle, type, data->x, data->len ); + status = psa_import_key_to_handle( handle, type, data->x, data->len ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); @@ -1151,9 +1151,9 @@ void import_twice( int alg_arg, int usage_arg, psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - status = psa_import_key( handle, type1, data1->x, data1->len ); + status = psa_import_key_to_handle( handle, type1, data1->x, data1->len ); TEST_EQUAL( status, expected_import1_status ); - status = psa_import_key( handle, type2, data2->x, data2->len ); + status = psa_import_key_to_handle( handle, type2, data2->x, data2->len ); TEST_EQUAL( status, expected_import2_status ); if( expected_import1_status == PSA_SUCCESS || @@ -1193,7 +1193,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) /* Try importing the key */ PSA_ASSERT( psa_allocate_key( &handle ) ); - status = psa_import_key( handle, type, p, length ); + status = psa_import_key_to_handle( handle, type, p, length ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); @@ -1242,7 +1242,7 @@ void import_export( data_t *data, PSA_ERROR_DOES_NOT_EXIST ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); /* Test the key information */ @@ -1283,7 +1283,7 @@ void import_export( data_t *data, PSA_ASSERT( psa_allocate_key( &handle2 ) ); PSA_ASSERT( psa_set_key_policy( handle2, &policy ) ); - PSA_ASSERT( psa_import_key( handle2, type, + PSA_ASSERT( psa_import_key_to_handle( handle2, type, exported, exported_length ) ); PSA_ASSERT( psa_export_key( handle2, @@ -1321,11 +1321,11 @@ void import_key_nonempty_slot( ) PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data, sizeof( data ) ) ); /* Import the key again */ - status = psa_import_key( handle, type, data, sizeof( data ) ); + status = psa_import_key_to_handle( handle, type, data, sizeof( data ) ); TEST_EQUAL( status, PSA_ERROR_ALREADY_EXISTS ); exit: @@ -1424,7 +1424,7 @@ void export_after_import_failure( data_t *data, int type_arg, PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key - expect failure */ - status = psa_import_key( handle, type, + status = psa_import_key_to_handle( handle, type, data->x, data->len ); TEST_EQUAL( status, expected_import_status ); @@ -1455,7 +1455,7 @@ void cipher_after_import_failure( data_t *data, int type_arg, PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key - expect failure */ - status = psa_import_key( handle, type, + status = psa_import_key_to_handle( handle, type, data->x, data->len ); TEST_EQUAL( status, expected_import_status ); @@ -1489,7 +1489,7 @@ void export_after_destroy_key( data_t *data, int type_arg ) ASSERT_ALLOC( exported, export_size ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); PSA_ASSERT( psa_export_key( handle, exported, export_size, @@ -1534,7 +1534,7 @@ void import_export_public_key( data_t *data, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); /* Export the public key */ @@ -1584,7 +1584,7 @@ void import_and_exercise_key( data_t *data, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ - status = psa_import_key( handle, type, data->x, data->len ); + status = psa_import_key_to_handle( handle, type, data->x, data->len ); PSA_ASSERT( status ); /* Test the key information */ @@ -1626,7 +1626,7 @@ void key_policy( int usage_arg, int alg_arg ) TEST_EQUAL( psa_key_policy_get_algorithm( &policy_set ), alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key, sizeof( key ) ) ); PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); @@ -1684,7 +1684,7 @@ void mac_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_mac_sign_setup( &operation, handle, exercise_alg ); @@ -1728,7 +1728,7 @@ void cipher_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); @@ -1780,7 +1780,7 @@ void aead_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_aead_encrypt( handle, exercise_alg, @@ -1835,7 +1835,7 @@ void asymmetric_encryption_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, @@ -1903,7 +1903,7 @@ void asymmetric_signature_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_asymmetric_sign( handle, exercise_alg, @@ -1948,7 +1948,7 @@ void derive_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_key_derivation( &generator, handle, @@ -1988,7 +1988,7 @@ void agreement_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) ); @@ -2026,7 +2026,7 @@ void raw_agreement_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = raw_key_agreement_with_self( exercise_alg, handle ); @@ -2084,7 +2084,7 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg, PSA_ASSERT( psa_allocate_key( &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key( source_handle, source_type, + PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, material->x, material->len ) ); PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); @@ -2095,7 +2095,7 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg, target_policy = psa_key_policy_init(); /* Copy the key. */ - PSA_ASSERT( psa_copy_key( source_handle, target_handle, p_constraint ) ); + PSA_ASSERT( psa_copy_key_to_handle( source_handle, target_handle, p_constraint ) ); /* Destroy the source to ensure that this doesn't affect the target. */ PSA_ASSERT( psa_destroy_key( source_handle ) ); @@ -2170,7 +2170,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, PSA_ASSERT( psa_allocate_key( &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key( source_handle, source_type, + PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, material->x, material->len ) ); PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); @@ -2181,7 +2181,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, target_policy = psa_key_policy_init(); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( source_handle, target_handle, p_constraint ), + TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, p_constraint ), expected_status ); /* Test that the target slot is unaffected. */ @@ -2588,7 +2588,7 @@ void mac_bad_order( ) alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key, sizeof(key) ) ); /* Call update without calling setup beforehand. */ @@ -2715,7 +2715,7 @@ void mac_sign( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); /* Calculate the MAC. */ @@ -2762,7 +2762,7 @@ void mac_verify( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_mac_verify_setup( &operation, @@ -2882,7 +2882,7 @@ void cipher_bad_order( ) PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key, sizeof(key) ) ); @@ -3040,7 +3040,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, @@ -3110,7 +3110,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, @@ -3186,7 +3186,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, @@ -3260,7 +3260,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, @@ -3327,7 +3327,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, @@ -3413,7 +3413,7 @@ void cipher_verify_output_multipart( int alg_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, @@ -3517,7 +3517,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); TEST_EQUAL( psa_aead_encrypt( handle, alg, @@ -3580,7 +3580,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3629,7 +3629,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3688,7 +3688,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, @@ -3742,7 +3742,7 @@ void sign_fail( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3785,7 +3785,7 @@ void sign_verify( int key_type_arg, data_t *key_data, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, @@ -3852,7 +3852,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3885,7 +3885,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3929,7 +3929,7 @@ void asymmetric_encrypt( int key_type_arg, PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3999,7 +3999,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -4065,7 +4065,7 @@ void asymmetric_decrypt( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -4129,7 +4129,7 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -4216,7 +4216,7 @@ void derive_setup( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -4253,7 +4253,7 @@ void test_derive_invalid_generator_state( ) psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data, sizeof( key_data ) ) ); @@ -4348,7 +4348,7 @@ void derive_output( int alg_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) ); @@ -4445,7 +4445,7 @@ void derive_full( int alg_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) ); @@ -4533,7 +4533,7 @@ void derive_key_exercise( int alg_arg, PSA_ASSERT( psa_allocate_key( &base_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); - PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( base_handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) ); @@ -4545,7 +4545,7 @@ void derive_key_exercise( int alg_arg, PSA_ASSERT( psa_allocate_key( &derived_handle ) ); psa_key_policy_set_usage( &policy, derived_usage, derived_alg ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key( derived_handle, + PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, derived_type, derived_bits, &generator ) ); @@ -4597,7 +4597,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_allocate_key( &base_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); - PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( base_handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) ); @@ -4619,7 +4619,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_allocate_key( &derived_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key( derived_handle, + PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, PSA_KEY_TYPE_RAW_DATA, derived_bits, &generator ) ); @@ -4630,7 +4630,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_destroy_key( derived_handle ) ); PSA_ASSERT( psa_allocate_key( &derived_handle ) ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key( derived_handle, + PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, PSA_KEY_TYPE_RAW_DATA, PSA_BYTES_TO_BITS( bytes2 ), &generator ) ); @@ -4672,7 +4672,7 @@ void key_agreement_setup( int alg_arg, PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key( our_key, our_key_type, + PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, our_key_data->x, our_key_data->len ) ); @@ -4719,7 +4719,7 @@ void raw_key_agreement( int alg_arg, PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key( our_key, our_key_type, + PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, our_key_data->x, our_key_data->len ) ); @@ -4756,7 +4756,7 @@ void key_agreement_capacity( int alg_arg, PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key( our_key, our_key_type, + PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, our_key_data->x, our_key_data->len ) ); @@ -4817,7 +4817,7 @@ void key_agreement_output( int alg_arg, PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key( our_key, our_key_type, + PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, our_key_data->x, our_key_data->len ) ); @@ -4932,7 +4932,7 @@ void generate_key( int type_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( handle, type, bits, NULL, 0 ), + TEST_EQUAL( psa_generate_key_to_handle( handle, type, bits, NULL, 0 ), expected_status ); /* Test the key information */ @@ -4992,13 +4992,13 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, { case IMPORT_KEY: /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); break; case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key( handle, type, bits, + PSA_ASSERT( psa_generate_key_to_handle( handle, type, bits, NULL, 0 ) ); break; @@ -5009,14 +5009,14 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, base_policy_alg ); PSA_ASSERT( psa_set_key_policy( base_key, &base_policy_set ) ); - PSA_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( base_key, PSA_KEY_TYPE_DERIVE, data->x, data->len ) ); /* Derive a key. */ PSA_ASSERT( psa_key_derivation( &generator, base_key, base_policy_alg, NULL, 0, NULL, 0, export_size ) ); - PSA_ASSERT( psa_generator_import_key( + PSA_ASSERT( psa_generator_import_key_to_handle( handle, PSA_KEY_TYPE_RAW_DATA, bits, &generator ) ); break; diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index c8f6e1b0a..9f464ac3f 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -189,7 +189,7 @@ void validate_module_init_key_based( int count ) PSA_ASSERT( status ); mbedtls_psa_crypto_free( ); } - status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); + status = psa_import_key_to_handle( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 90e10f66b..245eeef26 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -98,7 +98,7 @@ void save_large_persistent_key( int data_too_large, int expected_status ) PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ) ); - TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, + TEST_EQUAL( psa_import_key_to_handle( handle, PSA_KEY_TYPE_RAW_DATA, data, data_length ), expected_status ); @@ -126,7 +126,7 @@ void persistent_key_destroy( int key_id_arg, int should_store, if( should_store == 1 ) { - PSA_ASSERT( psa_import_key( + PSA_ASSERT( psa_import_key_to_handle( handle, first_type, first_data->x, first_data->len ) ); } @@ -147,7 +147,7 @@ void persistent_key_destroy( int key_id_arg, int should_store, /* Create another key in the same slot */ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ) ); - PSA_ASSERT( psa_import_key( + PSA_ASSERT( psa_import_key_to_handle( handle, second_type, second_data->x, second_data->len ) ); @@ -170,7 +170,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ) ); - TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ), + TEST_EQUAL( psa_import_key_to_handle( handle, type, data->x, data->len ), expected_status ); if( expected_status != PSA_SUCCESS ) @@ -179,7 +179,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, goto exit; } - PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime ) ); + PSA_ASSERT( psa_get_key_lifetime_from_handle( handle, &lifetime ) ); TEST_EQUAL( lifetime, PSA_KEY_LIFETIME_PERSISTENT ); exit: @@ -215,10 +215,10 @@ void import_export_persistent_key( data_t *data, int type_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); - PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) ); + PSA_ASSERT( psa_get_key_lifetime_from_handle( handle, &lifetime_get ) ); TEST_EQUAL( lifetime_get, PSA_KEY_LIFETIME_PERSISTENT ); /* Test the key information */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 0278b880d..e39374344 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -84,7 +84,7 @@ void transient_slot_lifecycle( int alg_arg, int usage_arg, TEST_ASSERT( handle != 0 ); psa_key_policy_set_usage( &policy, usage_flags, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key_to_handle( handle, type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); @@ -137,7 +137,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, TEST_ASSERT( handle != 0 ); psa_key_policy_set_usage( &policy, usage_flags, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key_to_handle( handle, type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); @@ -215,7 +215,7 @@ void create_existent( int lifetime_arg, int id_arg, TEST_ASSERT( handle1 != 0 ); psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 ); PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) ); - PSA_ASSERT( psa_import_key( handle1, type1, + PSA_ASSERT( psa_import_key_to_handle( handle1, type1, material1, sizeof( material1 ) ) ); if( reopen_policy == CLOSE_BEFORE ) @@ -334,7 +334,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key( source_handle, source_type, + PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, material->x, material->len ) ); PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); @@ -349,7 +349,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, target_policy = psa_key_policy_init(); /* Copy the key. */ - PSA_ASSERT( psa_copy_key( source_handle, target_handle, NULL ) ); + PSA_ASSERT( psa_copy_key_to_handle( source_handle, target_handle, NULL ) ); /* Destroy the source to ensure that this doesn't affect the target. */ PSA_ASSERT( psa_destroy_key( source_handle ) ); @@ -435,7 +435,7 @@ void copy_from_empty( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ), + TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, NULL ), PSA_ERROR_DOES_NOT_EXIST ); /* Test that the slots are unaffected. */ @@ -496,7 +496,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key( source_handle, source_type, + PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, source_material->x, source_material->len ) ); PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); @@ -508,12 +508,12 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, &target_handle ) ); psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); - PSA_ASSERT( psa_import_key( target_handle, target_type, + PSA_ASSERT( psa_import_key_to_handle( target_handle, target_type, target_material->x, target_material->len ) ); PSA_ASSERT( psa_get_key_information( target_handle, NULL, &target_bits ) ); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ), + TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, NULL ), PSA_ERROR_ALREADY_EXISTS ); /* Test that the target slot is unaffected. */ @@ -573,12 +573,12 @@ void copy_to_same( int lifetime_arg, int id_arg, &handle ) ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, material->x, material->len ) ); PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) ); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( handle, handle, NULL ), + TEST_EQUAL( psa_copy_key_to_handle( handle, handle, NULL ), PSA_ERROR_ALREADY_EXISTS ); /* Test that the slot is unaffected. */ @@ -624,7 +624,7 @@ void invalid_handle( ) TEST_ASSERT( handle1 != 0 ); psa_key_policy_set_usage( &policy, 0, 0 ); PSA_ASSERT( psa_set_key_policy( handle1, &policy ) ); - PSA_ASSERT( psa_import_key( handle1, PSA_KEY_TYPE_RAW_DATA, + PSA_ASSERT( psa_import_key_to_handle( handle1, PSA_KEY_TYPE_RAW_DATA, material, sizeof( material ) ) ); /* Attempt to close and destroy some invalid handles. */ @@ -671,7 +671,7 @@ void many_transient_handles( int max_handles_arg ) for( j = 0; j < i; j++ ) TEST_ASSERT( handles[i] != handles[j] ); PSA_ASSERT( psa_set_key_policy( handles[i], &policy ) ); - PSA_ASSERT( psa_import_key( handles[i], PSA_KEY_TYPE_RAW_DATA, + PSA_ASSERT( psa_import_key_to_handle( handles[i], PSA_KEY_TYPE_RAW_DATA, (uint8_t *) &i, sizeof( i ) ) ); } max_handles = i;