Make the key_policy test function more flexible

This commit is contained in:
Gilles Peskine 2019-11-26 17:12:21 +01:00
parent 4151094a52
commit 1a96049e30
2 changed files with 19 additions and 8 deletions

View file

@ -342,8 +342,17 @@ PSA import RSA public key: maximum size exceeded
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
PSA key policy set and get
key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING
PSA key policy: AES
depends_on:MBEDTLS_AES_C
check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING
PSA key policy: ECC SECP256R1, sign
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY
PSA key policy: ECC SECP256R1, sign+verify
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
Key attributes initializers zero properly
key_attributes_init:

View file

@ -1635,27 +1635,29 @@ exit:
/* END_CASE */
/* BEGIN_CASE */
void key_policy( int usage_arg, int alg_arg )
void check_key_policy( int type_arg, int bits_arg,
int usage_arg, int alg_arg )
{
psa_key_handle_t handle = 0;
psa_key_type_t key_type = type_arg;
size_t bits = bits_arg;
psa_algorithm_t alg = alg_arg;
psa_key_usage_t usage = usage_arg;
psa_key_type_t key_type = PSA_KEY_TYPE_AES;
unsigned char key[32] = {0};
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
memset( key, 0x2a, sizeof( key ) );
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, usage );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
psa_set_key_bits( &attributes, bits );
PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) );
PSA_ASSERT( psa_generate_key( &attributes, &handle ) );
psa_reset_key_attributes( &attributes );
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
TEST_EQUAL( psa_get_key_type( &attributes ), key_type );
TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );