mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 03:15:43 +01:00
SE keys: implement and test psa_get_key_attributes
This commit is contained in:
parent
424f89453b
commit
dc5bfe9784
@ -1145,10 +1145,10 @@ exit:
|
||||
}
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
|
||||
/** Retrieve the readily-accessible attributes of a key in a slot.
|
||||
/** Retrieve the generic attributes of a key in a slot.
|
||||
*
|
||||
* This function does not compute attributes that are not directly
|
||||
* stored in the slot, such as the bit size of a transparent key.
|
||||
* This function does not retrieve domain parameters, which require
|
||||
* additional memory management.
|
||||
*/
|
||||
static void psa_get_key_slot_attributes( psa_key_slot_t *slot,
|
||||
psa_key_attributes_t *attributes )
|
||||
@ -1157,6 +1157,7 @@ static void psa_get_key_slot_attributes( psa_key_slot_t *slot,
|
||||
attributes->lifetime = slot->lifetime;
|
||||
attributes->policy = slot->policy;
|
||||
attributes->type = slot->type;
|
||||
attributes->bits = psa_get_key_slot_bits( slot );
|
||||
}
|
||||
|
||||
/** Retrieve all the publicly-accessible attributes of a key.
|
||||
@ -1169,21 +1170,26 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle,
|
||||
|
||||
psa_reset_key_attributes( attributes );
|
||||
|
||||
status = psa_get_transparent_key( handle, &slot, 0, 0 );
|
||||
status = psa_get_key_from_slot( handle, &slot, 0, 0 );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
psa_get_key_slot_attributes( slot, attributes );
|
||||
attributes->bits = psa_get_key_slot_bits( slot );
|
||||
|
||||
switch( slot->type )
|
||||
{
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
case PSA_KEY_TYPE_RSA_KEY_PAIR:
|
||||
case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
/* TOnogrepDO: reporting the public exponent for opaque keys
|
||||
* is not yet implemented. */
|
||||
if( psa_get_se_driver( slot->lifetime, NULL, NULL ) )
|
||||
break;
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||
status = psa_get_rsa_public_exponent( slot->data.rsa, attributes );
|
||||
break;
|
||||
#endif
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
default:
|
||||
/* Nothing else to do. */
|
||||
break;
|
||||
|
@ -178,6 +178,41 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context,
|
||||
/* Other test helper functions */
|
||||
/****************************************************************/
|
||||
|
||||
/* Check that the attributes of a key reported by psa_get_key_attributes()
|
||||
* are consistent with the attributes used when creating the key. */
|
||||
static int check_key_attributes(
|
||||
psa_key_handle_t handle,
|
||||
const psa_key_attributes_t *reference_attributes )
|
||||
{
|
||||
int ok = 0;
|
||||
psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
|
||||
PSA_ASSERT( psa_get_key_attributes( handle, &actual_attributes ) );
|
||||
|
||||
TEST_EQUAL( psa_get_key_id( &actual_attributes ),
|
||||
psa_get_key_id( reference_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_lifetime( &actual_attributes ),
|
||||
psa_get_key_lifetime( reference_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_type( &actual_attributes ),
|
||||
psa_get_key_type( reference_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_usage_flags( &actual_attributes ),
|
||||
psa_get_key_usage_flags( reference_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_algorithm( &actual_attributes ),
|
||||
psa_get_key_algorithm( reference_attributes ) );
|
||||
TEST_EQUAL( psa_get_key_enrollment_algorithm( &actual_attributes ),
|
||||
psa_get_key_enrollment_algorithm( reference_attributes ) );
|
||||
if( psa_get_key_bits( reference_attributes ) != 0 )
|
||||
{
|
||||
TEST_EQUAL( psa_get_key_bits( &actual_attributes ),
|
||||
psa_get_key_bits( reference_attributes ) );
|
||||
}
|
||||
|
||||
ok = 1;
|
||||
|
||||
exit:
|
||||
return( ok );
|
||||
}
|
||||
|
||||
/* Check that a function's return status is "smoke-free", i.e. that
|
||||
* it's an acceptable error code when calling an API function that operates
|
||||
* on a key with potentially bogus parameters. */
|
||||
@ -445,6 +480,9 @@ void key_creation_import_export( int min_slot, int restart )
|
||||
/* Test that the key was created in the expected slot. */
|
||||
TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA );
|
||||
|
||||
/* Test the key attributes and the key data. */
|
||||
if( ! check_key_attributes( handle, &attributes ) )
|
||||
goto exit;
|
||||
PSA_ASSERT( psa_export_key( handle,
|
||||
exported, sizeof( exported ),
|
||||
&exported_length ) );
|
||||
|
Loading…
Reference in New Issue
Block a user