yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-26 22:15:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

SE keys: implement and test psa_get_key_attributes

Browse Source
This commit is contained in:
Gilles Peskine 2019-07-24 19:09:30 +02:00
parent 424f89453b
commit dc5bfe9784
2 changed files with 50 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
library/psa_crypto.c
View File

@ -1145,10 +1145,10 @@ exit:
} }
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
/** Retrieve the readily-accessible attributes of a key in a slot. /** Retrieve the generic attributes of a key in a slot.
* *
* This function does not compute attributes that are not directly * This function does not retrieve domain parameters, which require
* stored in the slot, such as the bit size of a transparent key. * additional memory management.
*/ */
static void psa_get_key_slot_attributes( psa_key_slot_t *slot, static void psa_get_key_slot_attributes( psa_key_slot_t *slot,
psa_key_attributes_t *attributes ) psa_key_attributes_t *attributes )
@ -1157,6 +1157,7 @@ static void psa_get_key_slot_attributes( psa_key_slot_t *slot,
attributes->lifetime = slot->lifetime; attributes->lifetime = slot->lifetime;
attributes->policy = slot->policy; attributes->policy = slot->policy;
attributes->type = slot->type; attributes->type = slot->type;
attributes->bits = psa_get_key_slot_bits( slot );
} }
/** Retrieve all the publicly-accessible attributes of a key. /** Retrieve all the publicly-accessible attributes of a key.
@ -1169,21 +1170,26 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle,
psa_reset_key_attributes( attributes ); psa_reset_key_attributes( attributes );
status = psa_get_transparent_key( handle, &slot, 0, 0 ); status = psa_get_key_from_slot( handle, &slot, 0, 0 );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
psa_get_key_slot_attributes( slot, attributes ); psa_get_key_slot_attributes( slot, attributes );
attributes->bits = psa_get_key_slot_bits( slot );
switch( slot->type ) switch( slot->type )
{ {
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
case PSA_KEY_TYPE_RSA_KEY_PAIR: case PSA_KEY_TYPE_RSA_KEY_PAIR:
case PSA_KEY_TYPE_RSA_PUBLIC_KEY: case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
/* TOnogrepDO: reporting the public exponent for opaque keys
* is not yet implemented. */
if( psa_get_se_driver( slot->lifetime, NULL, NULL ) )
break;
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
status = psa_get_rsa_public_exponent( slot->data.rsa, attributes ); status = psa_get_rsa_public_exponent( slot->data.rsa, attributes );
break; break;
#endif #endif /* MBEDTLS_RSA_C */
default: default:
/* Nothing else to do. */ /* Nothing else to do. */
break; break;

38
tests/suites/test_suite_psa_crypto_se_driver_hal.function
View File

@ -178,6 +178,41 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context,
/* Other test helper functions */ /* Other test helper functions */
/****************************************************************/ /****************************************************************/
/* Check that the attributes of a key reported by psa_get_key_attributes()
* are consistent with the attributes used when creating the key. */
static int check_key_attributes(
psa_key_handle_t handle,
const psa_key_attributes_t *reference_attributes )
{
int ok = 0;
psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT;
PSA_ASSERT( psa_get_key_attributes( handle, &actual_attributes ) );
TEST_EQUAL( psa_get_key_id( &actual_attributes ),
psa_get_key_id( reference_attributes ) );
TEST_EQUAL( psa_get_key_lifetime( &actual_attributes ),
psa_get_key_lifetime( reference_attributes ) );
TEST_EQUAL( psa_get_key_type( &actual_attributes ),
psa_get_key_type( reference_attributes ) );
TEST_EQUAL( psa_get_key_usage_flags( &actual_attributes ),
psa_get_key_usage_flags( reference_attributes ) );
TEST_EQUAL( psa_get_key_algorithm( &actual_attributes ),
psa_get_key_algorithm( reference_attributes ) );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &actual_attributes ),
psa_get_key_enrollment_algorithm( reference_attributes ) );
if( psa_get_key_bits( reference_attributes ) != 0 )
{
TEST_EQUAL( psa_get_key_bits( &actual_attributes ),
psa_get_key_bits( reference_attributes ) );
}
ok = 1;
exit:
return( ok );
}
/* Check that a function's return status is "smoke-free", i.e. that /* Check that a function's return status is "smoke-free", i.e. that
* it's an acceptable error code when calling an API function that operates * it's an acceptable error code when calling an API function that operates
* on a key with potentially bogus parameters. */ * on a key with potentially bogus parameters. */
@ -445,6 +480,9 @@ void key_creation_import_export( int min_slot, int restart )
/* Test that the key was created in the expected slot. */ /* Test that the key was created in the expected slot. */
TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA ); TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA );
/* Test the key attributes and the key data. */
if( ! check_key_attributes( handle, &attributes ) )
goto exit;
PSA_ASSERT( psa_export_key( handle, PSA_ASSERT( psa_export_key( handle,
exported, sizeof( exported ), exported, sizeof( exported ),
&exported_length ) ); &exported_length ) );