yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-26 16:55:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Replace ITS specific types with more generic PSA storage types

Browse Source 
PSA spec now defines more generic PSA storage types instead of the ITS
specific ones. This is necessary in order to integrate with
the newer implementation of PSA ITS landing in Mbed OS soon.
Changes include the following:
- psa_status_t replaces psa_its_status_t
- psa_storage_info_t replaces psa_its_info_t
- psa_storage_uid_t replaces psa_its_uid_t
This commit is contained in:
David Saada 2019-02-18 13:56:26 +02:00
parent b4ecc27629
commit a2523b2c6d
4 changed files with 36 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/psa/crypto_extra.h
View File

@ -111,7 +111,6 @@ void mbedtls_psa_crypto_free( void );
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p seed_size is out of range.
* \retval #PSA_ERROR_STORAGE_FAILURE
* \retval `PSA_ITS_ERROR_XXX`
* There was a failure reading or writing from storage.
* \retval #PSA_ERROR_NOT_PERMITTED
* The library has already been initialized. It is no longer

46
library/psa_crypto.c
View File

@ -4391,45 +4391,11 @@ psa_status_t psa_generate_random( uint8_t *output,
#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
/* Support function for error conversion between psa_its error codes to psa crypto */
static psa_status_t its_to_psa_error( psa_its_status_t ret )
{
switch( ret )
{
case PSA_ITS_SUCCESS:
return( PSA_SUCCESS );
case PSA_ITS_ERROR_UID_NOT_FOUND:
return( PSA_ERROR_DOES_NOT_EXIST );
case PSA_ITS_ERROR_STORAGE_FAILURE:
return( PSA_ERROR_STORAGE_FAILURE );
case PSA_ITS_ERROR_INSUFFICIENT_SPACE:
return( PSA_ERROR_INSUFFICIENT_STORAGE );
case PSA_ITS_ERROR_OFFSET_INVALID:
case PSA_ITS_ERROR_INCORRECT_SIZE:
case PSA_ITS_ERROR_INVALID_ARGUMENTS:
return( PSA_ERROR_INVALID_ARGUMENT );
case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED:
return( PSA_ERROR_NOT_SUPPORTED );
case PSA_ITS_ERROR_WRITE_ONCE:
return( PSA_ERROR_ALREADY_EXISTS );
default:
return( PSA_ERROR_GENERIC_ERROR );
}
}
psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
size_t seed_size )
{
psa_status_t status;
psa_its_status_t its_status;
struct psa_its_info_t p_info;
struct psa_storage_info_t p_info;
if( global_data.initialized )
return( PSA_ERROR_NOT_PERMITTED );
@ -4438,15 +4404,13 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
return( PSA_ERROR_INVALID_ARGUMENT );
its_status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info );
status = its_to_psa_error( its_status );
status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info );
if( PSA_ITS_ERROR_UID_NOT_FOUND == its_status ) /* No seed exists */
if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */
{
its_status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 );
status = its_to_psa_error( its_status );
status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 );
}
else if( PSA_ITS_SUCCESS == its_status )
else if( PSA_SUCCESS == status )
{
/* You should not be here. Seed needs to be injected only once */
status = PSA_ERROR_NOT_PERMITTED;

86
library/psa_crypto_storage_its.c
View File

@ -36,39 +36,7 @@
#include "mbedtls/platform.h"
#endif
static psa_status_t its_to_psa_error( psa_its_status_t ret )
{
switch( ret )
{
case PSA_ITS_SUCCESS:
return( PSA_SUCCESS );
case PSA_ITS_ERROR_UID_NOT_FOUND:
return( PSA_ERROR_DOES_NOT_EXIST );
case PSA_ITS_ERROR_STORAGE_FAILURE:
return( PSA_ERROR_STORAGE_FAILURE );
case PSA_ITS_ERROR_INSUFFICIENT_SPACE:
return( PSA_ERROR_INSUFFICIENT_STORAGE );
case PSA_ITS_ERROR_OFFSET_INVALID:
case PSA_ITS_ERROR_INCORRECT_SIZE:
case PSA_ITS_ERROR_INVALID_ARGUMENTS:
return( PSA_ERROR_INVALID_ARGUMENT );
case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED:
return( PSA_ERROR_NOT_SUPPORTED );
case PSA_ITS_ERROR_WRITE_ONCE:
return( PSA_ERROR_ALREADY_EXISTS );
default:
return( PSA_ERROR_UNKNOWN_ERROR );
}
}
static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key )
static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_id_t key )
{
return( key );
}
@ -76,31 +44,28 @@ static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key )
psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
size_t data_size )
{
psa_its_status_t ret;
psa_status_t status;
psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_its_info_t data_identifier_info;
psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_storage_info_t data_identifier_info;
ret = psa_its_get_info( data_identifier, &data_identifier_info );
status = its_to_psa_error( ret );
if( status != PSA_SUCCESS )
status = psa_its_get_info( data_identifier, &data_identifier_info );
if( status != PSA_SUCCESS )
return( status );
ret = psa_its_get( data_identifier, 0, data_size, data );
status = its_to_psa_error( ret );
status = psa_its_get( data_identifier, 0, data_size, data );
return( status );
}
int psa_is_key_present_in_storage( const psa_key_id_t key )
{
psa_its_status_t ret;
psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_its_info_t data_identifier_info;
psa_status_t ret;
psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_storage_info_t data_identifier_info;
ret = psa_its_get_info( data_identifier, &data_identifier_info );
if( ret == PSA_ITS_ERROR_UID_NOT_FOUND )
if( ret == PSA_ERROR_DOES_NOT_EXIST )
return( 0 );
return( 1 );
}
@ -109,23 +74,20 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
const uint8_t *data,
size_t data_length )
{
psa_its_status_t ret;
psa_status_t status;
psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_its_info_t data_identifier_info;
psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_storage_info_t data_identifier_info;
if( psa_is_key_present_in_storage( key ) == 1 )
return( PSA_ERROR_ALREADY_EXISTS );
ret = psa_its_set( data_identifier, data_length, data, 0 );
status = its_to_psa_error( ret );
status = psa_its_set( data_identifier, data_length, data, 0 );
if( status != PSA_SUCCESS )
{
return( PSA_ERROR_STORAGE_FAILURE );
}
ret = psa_its_get_info( data_identifier, &data_identifier_info );
status = its_to_psa_error( ret );
status = psa_its_get_info( data_identifier, &data_identifier_info );
if( status != PSA_SUCCESS )
{
goto exit;
@ -145,19 +107,19 @@ exit:
psa_status_t psa_destroy_persistent_key( const psa_key_id_t key )
{
psa_its_status_t ret;
psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_its_info_t data_identifier_info;
psa_status_t ret;
psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_storage_info_t data_identifier_info;
ret = psa_its_get_info( data_identifier, &data_identifier_info );
if( ret == PSA_ITS_ERROR_UID_NOT_FOUND )
if( ret == PSA_ERROR_DOES_NOT_EXIST )
return( PSA_SUCCESS );
if( psa_its_remove( data_identifier ) != PSA_ITS_SUCCESS )
if( psa_its_remove( data_identifier ) != PSA_SUCCESS )
return( PSA_ERROR_STORAGE_FAILURE );
ret = psa_its_get_info( data_identifier, &data_identifier_info );
if( ret != PSA_ITS_ERROR_UID_NOT_FOUND )
if( ret != PSA_ERROR_DOES_NOT_EXIST )
return( PSA_ERROR_STORAGE_FAILURE );
return( PSA_SUCCESS );
@ -166,13 +128,11 @@ psa_status_t psa_destroy_persistent_key( const psa_key_id_t key )
psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
size_t *data_length )
{
psa_its_status_t ret;
psa_status_t status;
psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_its_info_t data_identifier_info;
psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
struct psa_storage_info_t data_identifier_info;
ret = psa_its_get_info( data_identifier, &data_identifier_info );
status = its_to_psa_error( ret );
status = psa_its_get_info( data_identifier, &data_identifier_info );
if( status != PSA_SUCCESS )
return( status );

18
tests/suites/test_suite_psa_crypto_entropy.function
View File

@ -22,7 +22,6 @@ void validate_entropy_seed_injection( int seed_length_a,
int seed_length_b,
int expected_status_b )
{
psa_its_status_t its_status;
psa_status_t status;
uint8_t output[32] = { 0 };
uint8_t zeros[32] = { 0 };
@ -43,9 +42,9 @@ void validate_entropy_seed_injection( int seed_length_a,
{
seed[i] = i;
}
its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_ASSERT( ( status == PSA_SUCCESS ) ||
( status == PSA_ERROR_DOES_NOT_EXIST ) );
status = mbedtls_psa_inject_entropy( seed, seed_length_a );
TEST_EQUAL( status, expected_status_a );
status = mbedtls_psa_inject_entropy( seed, seed_length_b );
@ -64,7 +63,6 @@ exit:
/* BEGIN_CASE */
void run_entropy_inject_with_crypto_init( )
{
psa_its_status_t its_status;
psa_status_t status;
int i;
uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
@ -73,13 +71,13 @@ void run_entropy_inject_with_crypto_init( )
{
seed[i] = i;
}
its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_ASSERT( ( status == PSA_SUCCESS ) ||
( status == PSA_ERROR_DOES_NOT_EXIST ) );
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
PSA_ASSERT( status );
its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_EQUAL( its_status, PSA_ITS_SUCCESS );
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_EQUAL( status, PSA_SUCCESS );
status = psa_crypto_init( );
TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY );
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );