Merge pull request #27 from hanno-arm/crypto_submodule_update_prs_6_18_19_sibling
PSA integration sibling: Update crypto submodule (Hash clone, Key Policy Init, Key slot alloc)
This commit is contained in:
Jaeden Amero
GitHub
commit
37a8c0c144
6 changed files with 13 additions and 15 deletions
|
|
@ -308,7 +308,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
|
||||||
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
|
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
|
||||||
|
|
||||||
/* Allocate a key slot to use. */
|
/* Allocate a key slot to use. */
|
||||||
status = psa_allocate_key( key_type, key_bitlen, &cipher_psa->slot );
|
status = psa_allocate_key( &cipher_psa->slot );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
|
return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
|
||||||
|
|
||||||
|
|
@ -322,7 +322,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
|
||||||
* mbedtls_cipher_free() needs to be called in any case. */
|
* mbedtls_cipher_free() needs to be called in any case. */
|
||||||
|
|
||||||
/* Setup policy for the new key slot. */
|
/* Setup policy for the new key slot. */
|
||||||
psa_key_policy_init( &key_policy );
|
key_policy = psa_key_policy_init();
|
||||||
|
|
||||||
/* Mbed TLS' cipher layer doesn't enforce the mode of operation
|
/* Mbed TLS' cipher layer doesn't enforce the mode of operation
|
||||||
* (encrypt vs. decrypt): it is possible to setup a key for encryption
|
* (encrypt vs. decrypt): it is possible to setup a key for encryption
|
||||||
|
|
|
||||||
|
|
@ -576,11 +576,11 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
|
||||||
mbedtls_psa_parse_tls_ecc_group ( curve_id ) );
|
mbedtls_psa_parse_tls_ecc_group ( curve_id ) );
|
||||||
|
|
||||||
/* allocate a key slot */
|
/* allocate a key slot */
|
||||||
if( PSA_SUCCESS != psa_allocate_key( key_type, d_len * 8, &key ) )
|
if( PSA_SUCCESS != psa_allocate_key( &key ) )
|
||||||
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
|
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
|
||||||
|
|
||||||
/* set policy */
|
/* set policy */
|
||||||
psa_key_policy_init( &policy );
|
policy = psa_key_policy_init();
|
||||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
|
||||||
PSA_ALG_ECDSA(hash_alg) );
|
PSA_ALG_ECDSA(hash_alg) );
|
||||||
if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
|
if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
|
||||||
|
|
|
||||||
|
|
@ -577,12 +577,10 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
||||||
psa_sig_md = PSA_ALG_ECDSA( psa_md );
|
psa_sig_md = PSA_ALG_ECDSA( psa_md );
|
||||||
psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
|
psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
|
||||||
|
|
||||||
if( ( ret = psa_allocate_key( psa_type,
|
if( ( ret = psa_allocate_key( &key_slot ) ) != PSA_SUCCESS )
|
||||||
MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE(curve),
|
|
||||||
&key_slot ) ) != PSA_SUCCESS )
|
|
||||||
return( mbedtls_psa_err_translate_pk( ret ) );
|
return( mbedtls_psa_err_translate_pk( ret ) );
|
||||||
|
|
||||||
psa_key_policy_init( &policy );
|
policy = psa_key_policy_init();
|
||||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
|
||||||
if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS )
|
if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -1594,14 +1594,14 @@ int main( int argc, char *argv[] )
|
||||||
if( opt.psk_opaque != 0 )
|
if( opt.psk_opaque != 0 )
|
||||||
{
|
{
|
||||||
/* The algorithm has already been determined earlier. */
|
/* The algorithm has already been determined earlier. */
|
||||||
status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &slot );
|
status = psa_allocate_key( &slot );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
|
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
psa_key_policy_init( &policy );
|
policy = psa_key_policy_init();
|
||||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||||
|
|
||||||
status = psa_set_key_policy( slot, &policy );
|
status = psa_set_key_policy( slot, &policy );
|
||||||
|
|
|
||||||
|
|
@ -1239,7 +1239,7 @@ static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot,
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
psa_key_policy_t policy;
|
psa_key_policy_t policy;
|
||||||
|
|
||||||
psa_key_policy_init( &policy );
|
policy = psa_key_policy_init();
|
||||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||||
|
|
||||||
status = psa_set_key_policy( slot, &policy );
|
status = psa_set_key_policy( slot, &policy );
|
||||||
|
|
@ -2667,7 +2667,7 @@ int main( int argc, char *argv[] )
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
if( opt.psk_opaque != 0 )
|
if( opt.psk_opaque != 0 )
|
||||||
{
|
{
|
||||||
status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &psk_slot );
|
status = psa_allocate_key( &psk_slot );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
fprintf( stderr, "ALLOC FAIL\n" );
|
fprintf( stderr, "ALLOC FAIL\n" );
|
||||||
|
|
@ -2711,7 +2711,7 @@ int main( int argc, char *argv[] )
|
||||||
psk_entry *cur_psk;
|
psk_entry *cur_psk;
|
||||||
for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next )
|
for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next )
|
||||||
{
|
{
|
||||||
status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, cur_psk->key_len * 8, &cur_psk->slot );
|
status = psa_allocate_key( &cur_psk->slot );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
|
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
|
||||||
|
|
|
||||||
|
|
@ -84,11 +84,11 @@ psa_key_handle_t pk_psa_genkey( void )
|
||||||
psa_key_policy_t policy;
|
psa_key_policy_t policy;
|
||||||
|
|
||||||
/* Allocate a key slot */
|
/* Allocate a key slot */
|
||||||
if( PSA_SUCCESS != psa_allocate_key( type, bits, &key ) )
|
if( PSA_SUCCESS != psa_allocate_key( &key ) )
|
||||||
return( PK_PSA_INVALID_SLOT );
|
return( PK_PSA_INVALID_SLOT );
|
||||||
|
|
||||||
/* set up policy on key slot */
|
/* set up policy on key slot */
|
||||||
psa_key_policy_init( &policy );
|
policy = psa_key_policy_init();
|
||||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
|
||||||
PSA_ALG_ECDSA(PSA_ALG_SHA_256) );
|
PSA_ALG_ECDSA(PSA_ALG_SHA_256) );
|
||||||
if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
|
if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue