Remove psa_crypto_storage_file
Now that we have ITS over files, we no longer need a direct backend for key storage over files. Remove psa_crypto_storage_file and its tests. Switch MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and MBEDTLS_PSA_ITS_FILE_C on by default. This preserves functionality and test coverage in the default configuration, but forgets any key previously stored using the file backend.
This commit is contained in:
parent
23793482ac
commit
e435f23019
14 changed files with 30 additions and 489 deletions
|
@ -2719,26 +2719,11 @@
|
|||
*
|
||||
* Module: library/psa_crypto_storage.c
|
||||
*
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C and one of either
|
||||
* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
* (but not both)
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
*
|
||||
*/
|
||||
#define MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
*
|
||||
* Enable persistent key storage over files for the
|
||||
* Platform Security Architecture cryptography API.
|
||||
*
|
||||
* Module: library/psa_crypto_storage_file.c
|
||||
*
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
|
||||
*
|
||||
*/
|
||||
#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
*
|
||||
|
@ -2747,10 +2732,23 @@
|
|||
*
|
||||
* Module: library/psa_crypto_storage_its.c
|
||||
*
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C,
|
||||
* either MBEDTLS_PSA_HAS_ITS_IO or MBEDTLS_PSA_ITS_FILE_C
|
||||
*
|
||||
*/
|
||||
//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PSA_ITS_FILE_C
|
||||
*
|
||||
* Enable the emulation of the Platform Security Architecture
|
||||
* Internal Trusted Storage (PSA ITS) over files.
|
||||
*
|
||||
* Module: library/psa_its_file.c
|
||||
*
|
||||
* Requires: MBEDTLS_FS_IO
|
||||
*/
|
||||
#define MBEDTLS_PSA_ITS_FILE_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_RIPEMD160_C
|
||||
|
|
|
@ -525,23 +525,12 @@
|
|||
#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
|
||||
#error "Only one of MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C can be defined"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
|
||||
!( defined(MBEDTLS_PSA_CRYPTO_C) && \
|
||||
( defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) || \
|
||||
defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) )
|
||||
defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) )
|
||||
#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && \
|
||||
!( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
|
||||
defined(MBEDTLS_FS_IO) )
|
||||
#error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) && \
|
||||
! defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
|
||||
#error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites"
|
||||
|
|
|
@ -2761,26 +2761,11 @@
|
|||
*
|
||||
* Module: library/psa_crypto_storage.c
|
||||
*
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C and one of either
|
||||
* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
* (but not both)
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
*
|
||||
*/
|
||||
#define MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
*
|
||||
* Enable direct persistent key storage over files for the
|
||||
* Platform Security Architecture cryptography API.
|
||||
*
|
||||
* Module: library/psa_crypto_storage_file.c
|
||||
*
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
|
||||
*
|
||||
*/
|
||||
#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
*
|
||||
|
@ -2793,7 +2778,7 @@
|
|||
* either MBEDTLS_PSA_HAS_ITS_IO or MBEDTLS_PSA_ITS_FILE_C
|
||||
*
|
||||
*/
|
||||
//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PSA_ITS_FILE_C
|
||||
|
|
|
@ -56,7 +56,6 @@ set(src_crypto
|
|||
psa_crypto.c
|
||||
psa_crypto_slot_management.c
|
||||
psa_crypto_storage.c
|
||||
psa_crypto_storage_file.c
|
||||
psa_crypto_storage_its.c
|
||||
psa_its_file.c
|
||||
ripemd160.c
|
||||
|
|
|
@ -85,7 +85,6 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \
|
|||
psa_crypto.o \
|
||||
psa_crypto_slot_management.o \
|
||||
psa_crypto_storage.o \
|
||||
psa_crypto_storage_file.o \
|
||||
psa_crypto_storage_its.o \
|
||||
psa_its_file.o \
|
||||
ripemd160.o rsa_internal.o rsa.o \
|
||||
|
|
|
@ -1,220 +0,0 @@
|
|||
/*
|
||||
* PSA file storage backend for persistent keys
|
||||
*/
|
||||
/* Copyright (C) 2018, ARM Limited, All Rights Reserved
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*/
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#else
|
||||
#include "mbedtls/config.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_crypto_storage_backend.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_C)
|
||||
#include "mbedtls/platform.h"
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#define mbedtls_snprintf snprintf
|
||||
#endif
|
||||
|
||||
/* This option sets where files are to be stored. If this is left unset,
|
||||
* the files by default will be stored in the same location as the program,
|
||||
* which may not be desired or possible. */
|
||||
#if !defined(CRYPTO_STORAGE_FILE_LOCATION)
|
||||
#define CRYPTO_STORAGE_FILE_LOCATION ""
|
||||
#endif
|
||||
|
||||
enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 };
|
||||
|
||||
static void key_id_to_location( const psa_key_file_id_t key,
|
||||
char *location,
|
||||
size_t location_size )
|
||||
{
|
||||
mbedtls_snprintf( location, location_size,
|
||||
CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu",
|
||||
(unsigned long) key );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data,
|
||||
size_t data_size )
|
||||
{
|
||||
psa_status_t status = PSA_SUCCESS;
|
||||
FILE *file;
|
||||
size_t num_read;
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
file = fopen( slot_location, "rb" );
|
||||
if( file == NULL )
|
||||
{
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
goto exit;
|
||||
}
|
||||
num_read = fread( data, 1, data_size, file );
|
||||
if( num_read != data_size )
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
|
||||
exit:
|
||||
if( file != NULL )
|
||||
fclose( file );
|
||||
return( status );
|
||||
}
|
||||
|
||||
int psa_is_key_present_in_storage( const psa_key_file_id_t key )
|
||||
{
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
FILE *file;
|
||||
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
|
||||
file = fopen( slot_location, "r" );
|
||||
if( file == NULL )
|
||||
{
|
||||
/* File doesn't exist */
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
fclose( file );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,
|
||||
const uint8_t *data,
|
||||
size_t data_length )
|
||||
{
|
||||
psa_status_t status = PSA_SUCCESS;
|
||||
int ret;
|
||||
size_t num_written;
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
FILE *file;
|
||||
/* The storage location corresponding to "key slot 0" is used as a
|
||||
* temporary location in order to make the apparition of the actual slot
|
||||
* file atomic. 0 is not a valid key slot number, so this should not
|
||||
* affect actual keys. */
|
||||
const char *temp_location = CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0";
|
||||
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
|
||||
if( psa_is_key_present_in_storage( key ) == 1 )
|
||||
return( PSA_ERROR_ALREADY_EXISTS );
|
||||
|
||||
file = fopen( temp_location, "wb" );
|
||||
if( file == NULL )
|
||||
{
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
num_written = fwrite( data, 1, data_length, file );
|
||||
if( num_written != data_length )
|
||||
{
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = fclose( file );
|
||||
file = NULL;
|
||||
if( ret != 0 )
|
||||
{
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( rename( temp_location, slot_location ) != 0 )
|
||||
{
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
exit:
|
||||
if( file != NULL )
|
||||
fclose( file );
|
||||
remove( temp_location );
|
||||
return( status );
|
||||
}
|
||||
|
||||
psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key )
|
||||
{
|
||||
FILE *file;
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
|
||||
/* Only try remove the file if it exists */
|
||||
file = fopen( slot_location, "rb" );
|
||||
if( file != NULL )
|
||||
{
|
||||
fclose( file );
|
||||
|
||||
if( remove( slot_location ) != 0 )
|
||||
return( PSA_ERROR_STORAGE_FAILURE );
|
||||
}
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key,
|
||||
size_t *data_length )
|
||||
{
|
||||
psa_status_t status = PSA_SUCCESS;
|
||||
FILE *file;
|
||||
long file_size;
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
|
||||
file = fopen( slot_location, "rb" );
|
||||
if( file == NULL )
|
||||
return( PSA_ERROR_DOES_NOT_EXIST );
|
||||
|
||||
if( fseek( file, 0, SEEK_END ) != 0 )
|
||||
{
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
file_size = ftell( file );
|
||||
|
||||
if( file_size < 0 )
|
||||
{
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if LONG_MAX > SIZE_MAX
|
||||
if( (unsigned long) file_size > SIZE_MAX )
|
||||
{
|
||||
status = PSA_ERROR_STORAGE_FAILURE;
|
||||
goto exit;
|
||||
}
|
||||
#endif
|
||||
*data_length = (size_t) file_size;
|
||||
|
||||
exit:
|
||||
fclose( file );
|
||||
return( status );
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
|
|
@ -714,9 +714,6 @@ static const char *features[] = {
|
|||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
|
||||
"MBEDTLS_PSA_CRYPTO_STORAGE_C",
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
|
||||
"MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C",
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
|
||||
"MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C",
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */
|
||||
|
|
|
@ -1946,14 +1946,6 @@ int query_config( const char *config )
|
|||
}
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
|
||||
if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C", config ) == 0 )
|
||||
{
|
||||
MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
|
||||
if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", config ) == 0 )
|
||||
{
|
||||
|
|
|
@ -103,7 +103,6 @@ MBEDTLS_NO_64BIT_MULTIPLICATION
|
|||
MBEDTLS_PSA_CRYPTO_SPM
|
||||
MBEDTLS_PSA_HAS_ITS_IO
|
||||
MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
|
||||
MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
MBEDTLS_USE_PSA_CRYPTO
|
||||
_ALT\s*$
|
||||
);
|
||||
|
@ -125,9 +124,9 @@ MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
|||
MBEDTLS_PLATFORM_TIME_ALT
|
||||
MBEDTLS_PLATFORM_FPRINTF_ALT
|
||||
MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
MBEDTLS_PSA_HAS_ITS_IO
|
||||
MBEDTLS_PSA_ITS_FILE_C
|
||||
);
|
||||
|
||||
# Things that should be enabled in "full" even if they match @excluded
|
||||
|
|
|
@ -141,7 +141,6 @@ add_test_suite(psa_crypto_init)
|
|||
add_test_suite(psa_crypto_metadata)
|
||||
add_test_suite(psa_crypto_persistent_key)
|
||||
add_test_suite(psa_crypto_slot_management)
|
||||
add_test_suite(psa_crypto_storage_file)
|
||||
add_test_suite(psa_its)
|
||||
add_test_suite(shax)
|
||||
add_test_suite(timing)
|
||||
|
|
|
@ -689,8 +689,9 @@ component_test_no_platform () {
|
|||
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
|
||||
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
||||
scripts/config.pl unset MBEDTLS_FS_IO
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
# Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
|
||||
# to re-enable platform integration features otherwise disabled in C99 builds
|
||||
make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' lib programs
|
||||
|
@ -870,7 +871,8 @@ component_build_arm_none_eabi_gcc () {
|
|||
scripts/config.pl unset MBEDTLS_NET_C
|
||||
scripts/config.pl unset MBEDTLS_TIMING_C
|
||||
scripts/config.pl unset MBEDTLS_FS_IO
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
|
||||
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
|
||||
|
@ -889,7 +891,8 @@ component_build_arm_none_eabi_gcc_no_udbl_division () {
|
|||
scripts/config.pl unset MBEDTLS_NET_C
|
||||
scripts/config.pl unset MBEDTLS_TIMING_C
|
||||
scripts/config.pl unset MBEDTLS_FS_IO
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
|
||||
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
|
||||
|
@ -911,7 +914,8 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () {
|
|||
scripts/config.pl unset MBEDTLS_NET_C
|
||||
scripts/config.pl unset MBEDTLS_TIMING_C
|
||||
scripts/config.pl unset MBEDTLS_FS_IO
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
|
||||
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
|
||||
|
@ -933,7 +937,8 @@ component_build_armcc () {
|
|||
scripts/config.pl unset MBEDTLS_NET_C
|
||||
scripts/config.pl unset MBEDTLS_TIMING_C
|
||||
scripts/config.pl unset MBEDTLS_FS_IO
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
|
||||
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
|
||||
scripts/config.pl unset MBEDTLS_HAVE_TIME
|
||||
|
|
|
@ -1,43 +0,0 @@
|
|||
PSA Storage Load verify loaded file
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
load_data_from_file:1:"deadbeef":1:4:PSA_SUCCESS
|
||||
|
||||
PSA Storage Load check slots dont share state
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
load_data_from_file:2:"deadbeef":1:4:PSA_ERROR_STORAGE_FAILURE
|
||||
|
||||
PSA Storage Load zero length file
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
load_data_from_file:1:"":1:1:PSA_SUCCESS
|
||||
|
||||
PSA Storage Load less than capacity of data buffer
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
load_data_from_file:1:"deadbeef":1:5:PSA_SUCCESS
|
||||
|
||||
PSA Storage Load nonexistent file location, should fail
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
load_data_from_file:1:"deadbeef":0:4:PSA_ERROR_STORAGE_FAILURE
|
||||
|
||||
PSA Storage Store verify stored file
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
write_data_to_file:"deadbeef":PSA_SUCCESS
|
||||
|
||||
PSA Storage Store into preexisting location, should fail
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_ALREADY_EXISTS
|
||||
|
||||
PSA Storage Store, preexisting temp_location file, should succeed
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
write_data_to_prexisting_file:"psa_key_slot_0":"deadbeef":PSA_SUCCESS
|
||||
|
||||
PSA Storage Get data size verify data size
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
get_file_size:"deadbeef":4:PSA_SUCCESS:1
|
||||
|
||||
PSA Storage Get data size verify data size zero length file
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
get_file_size:"":0:PSA_SUCCESS:1
|
||||
|
||||
PSA Storage Get data size nonexistent file location, should fail
|
||||
depends_on:MBEDTLS_FS_IO
|
||||
get_file_size:"deadbeef":4:PSA_ERROR_DOES_NOT_EXIST:0
|
|
@ -1,157 +0,0 @@
|
|||
/* BEGIN_HEADER */
|
||||
#include <stdint.h>
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_crypto_storage_backend.h"
|
||||
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
* depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
|
||||
* END_DEPENDENCIES
|
||||
*/
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void load_data_from_file( int id_to_load_arg,
|
||||
data_t *data, int should_make_file,
|
||||
int capacity_arg, int expected_status )
|
||||
{
|
||||
psa_key_id_t id_to_load = id_to_load_arg;
|
||||
char slot_location[] = "psa_key_slot_1";
|
||||
psa_status_t status;
|
||||
int ret;
|
||||
size_t file_size = 0;
|
||||
uint8_t *loaded_data = NULL;
|
||||
size_t capacity = (size_t) capacity_arg;
|
||||
|
||||
if( should_make_file == 1 )
|
||||
{
|
||||
/* Create a file with data contents, with mask permissions. */
|
||||
FILE *file;
|
||||
file = fopen( slot_location, "wb+" );
|
||||
TEST_ASSERT( file != NULL );
|
||||
file_size = fwrite( data->x, 1, data->len, file );
|
||||
TEST_EQUAL( file_size, data->len );
|
||||
ret = fclose( file );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
}
|
||||
|
||||
/* Read from the file with psa_crypto_storage_load. */
|
||||
ASSERT_ALLOC( loaded_data, capacity );
|
||||
status = psa_crypto_storage_load( id_to_load, loaded_data, file_size );
|
||||
|
||||
/* Check we get the expected status. */
|
||||
TEST_EQUAL( status, expected_status );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
/* Check that the file data and data length is what we expect. */
|
||||
ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
|
||||
|
||||
exit:
|
||||
mbedtls_free( loaded_data );
|
||||
remove( slot_location );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void write_data_to_file( data_t *data, int expected_status )
|
||||
{
|
||||
char slot_location[] = "psa_key_slot_1";
|
||||
psa_status_t status;
|
||||
int ret;
|
||||
FILE *file;
|
||||
size_t file_size;
|
||||
size_t num_read;
|
||||
uint8_t *loaded_data = NULL;
|
||||
|
||||
/* Write data to file. */
|
||||
status = psa_crypto_storage_store( 1, data->x, data->len );
|
||||
|
||||
/* Check that we got the expected status. */
|
||||
TEST_EQUAL( status, expected_status );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
/* Check that the file length is what we expect */
|
||||
file = fopen( slot_location, "rb" );
|
||||
TEST_ASSERT( file != NULL );
|
||||
fseek( file, 0, SEEK_END );
|
||||
file_size = (size_t) ftell( file );
|
||||
fseek( file, 0, SEEK_SET );
|
||||
TEST_EQUAL( file_size, data->len );
|
||||
|
||||
/* Check that the file contents are what we expect */
|
||||
ASSERT_ALLOC( loaded_data, data->len );
|
||||
|
||||
num_read = fread( loaded_data, 1, file_size, file );
|
||||
TEST_EQUAL( num_read, file_size );
|
||||
ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
|
||||
ret = fclose( file );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
exit:
|
||||
mbedtls_free( loaded_data );
|
||||
remove( slot_location );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void get_file_size( data_t *data, int expected_data_length,
|
||||
int expected_status, int should_make_file )
|
||||
{
|
||||
char slot_location[] = "psa_key_slot_1";
|
||||
psa_status_t status;
|
||||
int ret;
|
||||
size_t file_size;
|
||||
|
||||
if( should_make_file )
|
||||
{
|
||||
/* Create a file with data contents, with mask permissions. */
|
||||
FILE *file;
|
||||
file = fopen( slot_location, "wb+" );
|
||||
TEST_ASSERT( file != NULL );
|
||||
file_size = fwrite( data->x, 1, data->len, file );
|
||||
TEST_EQUAL( file_size, data->len );
|
||||
ret = fclose( file );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
}
|
||||
|
||||
/* Check get data size is what we expect */
|
||||
status = psa_crypto_storage_get_data_length( 1, &file_size );
|
||||
TEST_EQUAL( status, expected_status );
|
||||
if( expected_status == PSA_SUCCESS )
|
||||
TEST_EQUAL( file_size, (size_t)expected_data_length );
|
||||
|
||||
exit:
|
||||
remove( slot_location );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void write_data_to_prexisting_file( char *preexist_file_location,
|
||||
data_t *data, int expected_status )
|
||||
{
|
||||
char slot_location[] = "psa_key_slot_1";
|
||||
psa_status_t status;
|
||||
int ret;
|
||||
FILE *file;
|
||||
|
||||
/* Create file first */
|
||||
file = fopen( preexist_file_location, "wb" );
|
||||
TEST_ASSERT( file != NULL );
|
||||
ret = fclose( file );
|
||||
TEST_EQUAL( ret, 0 );
|
||||
|
||||
/* Write data to file. */
|
||||
status = psa_crypto_storage_store( 1, data->x, data->len );
|
||||
|
||||
/* Check that we got the expected status. */
|
||||
TEST_EQUAL( status, expected_status );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
exit:
|
||||
remove( preexist_file_location );
|
||||
remove( slot_location );
|
||||
}
|
||||
/* END_CASE */
|
|
@ -302,7 +302,6 @@
|
|||
<ClCompile Include="..\..\library\psa_crypto.c" />
|
||||
<ClCompile Include="..\..\library\psa_crypto_slot_management.c" />
|
||||
<ClCompile Include="..\..\library\psa_crypto_storage.c" />
|
||||
<ClCompile Include="..\..\library\psa_crypto_storage_file.c" />
|
||||
<ClCompile Include="..\..\library\psa_crypto_storage_its.c" />
|
||||
<ClCompile Include="..\..\library\psa_its_file.c" />
|
||||
<ClCompile Include="..\..\library\ripemd160.c" />
|
||||
|
|
Loading…
Reference in a new issue