ssl_test_lib: add function translate given opaque algoritms to psa

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-02 13:41:53 +02:00 · 2022-05-02 13:41:53 +02:00 · 01396a16da
commit 01396a16da
parent 77fc9ab1ba
2 changed files with 82 additions and 0 deletions
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@ -221,6 +221,70 @@ int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2
    return 0;
 }

+int key_opaque_set_alg_usage( const char *alg1, const char *alg2,
+                              psa_algorithm_t *psa_alg1,
+                              psa_algorithm_t *psa_alg2,
+                              psa_key_usage_t *usage )
+{
+    if( strcmp( alg1, "rsa-sign-pkcs1" ) == 0 )
+    {
+        *psa_alg1 = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
+        *usage = PSA_KEY_USAGE_SIGN_HASH;
+    }
+    else if ( strcmp( alg1, "rsa-sign-pss" ) == 0 )
+    {
+        *psa_alg1 = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
+        *usage = PSA_KEY_USAGE_SIGN_HASH;
+    }
+    else if ( strcmp( alg1, "rsa-decrypt" ) == 0 )
+    {
+        *psa_alg1 = PSA_ALG_RSA_PKCS1V15_CRYPT;
+        *usage = PSA_KEY_USAGE_DECRYPT;
+    }
+    else if ( strcmp( alg1, "ecdsa-sign" ) == 0 )
+    {
+        *psa_alg1 = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
+        *usage = PSA_KEY_USAGE_SIGN_HASH;
+    }
+    else if ( strcmp( alg1, "ecdh" ) == 0 )
+    {
+        *psa_alg1 = PSA_ALG_ECDH;
+        *usage = PSA_KEY_USAGE_DERIVE;
+    }
+
+    if( strcmp( alg2, "rsa-sign-pkcs1" ) == 0 )
+    {
+        *psa_alg1 = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
+        *usage |= PSA_KEY_USAGE_SIGN_HASH;
+    }
+    else if( strcmp( alg2, "rsa-sign-pss" ) == 0 )
+    {
+        *psa_alg2 = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
+        *usage |= PSA_KEY_USAGE_SIGN_HASH;
+    }
+    else if( strcmp( alg2, "rsa-decrypt" ) == 0 )
+    {
+        *psa_alg2 = PSA_ALG_RSA_PKCS1V15_CRYPT;
+        *usage |= PSA_KEY_USAGE_DECRYPT;
+    }
+    else if( strcmp( alg2, "ecdsa-sign" ) == 0 )
+    {
+        *psa_alg2 = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
+        *usage |= PSA_KEY_USAGE_SIGN_HASH;
+    }
+    else if( strcmp( alg2, "ecdh" ) == 0 )
+    {
+        *psa_alg2 = PSA_ALG_ECDH;
+        *usage |= PSA_KEY_USAGE_DERIVE;
+    }
+    else if( strcmp( alg2, "none" ) == 0 )
+    {
+        *psa_alg2 = PSA_ALG_NONE;
+    }
+
+    return 0;
+}
+
 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
 int ca_callback( void *data, mbedtls_x509_crt const *child,
                 mbedtls_x509_crt **candidates )
--- a/programs/ssl/ssl_test_lib.h
+++ b/programs/ssl/ssl_test_lib.h
@ -240,6 +240,24 @@ int rng_get( void *p_rng, unsigned char *output, size_t output_len );
 */
 int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2 );

+/** Parse given opaque key algoritms to obtain psa algs and usage
+ *  that will be passed to mbedtls_pk_wrap_as_opaque().
+ *
+ *
+ * \param alg1          input string opaque key algorithm #1
+ * \param alg1          input string opaque key algorithm #2
+ * \param psa_alg1      output PSA algorithm #1
+ * \param psa_alg2      output PSA algorithm #2
+ * \param usage         output key usage
+ *
+ * \return              \c 0 on success.
+ * \return              \c 1 on parse failure.
+ */
+int key_opaque_set_alg_usage( const char *alg1, const char *alg2,
+                              psa_algorithm_t *psa_alg1,
+                              psa_algorithm_t *psa_alg2,
+                              psa_key_usage_t *usage );
+
 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
 /* The test implementation of the PSA external RNG is insecure. When
 * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto