Merge pull request #27 from hanno-arm/crypto_submodule_update_prs_6_18_19_sibling

Patater · web-flow · commit 37a8c0c144db · 2019-01-28T11:33:28.000Z
PSA integration sibling: Update crypto submodule (Hash clone, Key Policy Init, Key slot alloc)
diff --git a/library/cipher.c b/library/cipher.c
@@ -308,7 +308,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
             return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 
         /* Allocate a key slot to use. */
-        status = psa_allocate_key( key_type, key_bitlen, &cipher_psa->slot );
+        status = psa_allocate_key( &cipher_psa->slot );
         if( status != PSA_SUCCESS )
             return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
 
@@ -322,7 +322,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
          * mbedtls_cipher_free() needs to be called in any case. */
 
         /* Setup policy for the new key slot. */
-        psa_key_policy_init( &key_policy );
+        key_policy = psa_key_policy_init();
 
         /* Mbed TLS' cipher layer doesn't enforce the mode of operation
          * (encrypt vs. decrypt): it is possible to setup a key for encryption
diff --git a/library/pk.c b/library/pk.c
@@ -576,11 +576,11 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
                                  mbedtls_psa_parse_tls_ecc_group ( curve_id ) );
 
     /* allocate a key slot */
-    if( PSA_SUCCESS != psa_allocate_key( key_type, d_len * 8, &key ) )
+    if( PSA_SUCCESS != psa_allocate_key( &key ) )
         return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
 
     /* set policy */
-    psa_key_policy_init( &policy );
+    policy = psa_key_policy_init();
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
                                        PSA_ALG_ECDSA(hash_alg) );
     if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
@@ -577,12 +577,10 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     psa_sig_md = PSA_ALG_ECDSA( psa_md );
     psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
 
-    if( ( ret = psa_allocate_key( psa_type,
-                                  MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE(curve),
-                                  &key_slot ) ) != PSA_SUCCESS )
+    if( ( ret = psa_allocate_key( &key_slot ) ) != PSA_SUCCESS )
           return( mbedtls_psa_err_translate_pk( ret ) );
 
-    psa_key_policy_init( &policy );
+    policy = psa_key_policy_init();
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
     if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS )
     {
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
@@ -1594,14 +1594,14 @@ int main( int argc, char *argv[] )
     if( opt.psk_opaque != 0 )
     {
         /* The algorithm has already been determined earlier. */
-        status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &slot );
+        status = psa_allocate_key( &slot );
         if( status != PSA_SUCCESS )
         {
             ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
             goto exit;
         }
 
-        psa_key_policy_init( &policy );
+        policy = psa_key_policy_init();
         psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
 
         status = psa_set_key_policy( slot, &policy );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
@@ -1239,7 +1239,7 @@ static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot,
     psa_status_t status;
     psa_key_policy_t policy;
 
-    psa_key_policy_init( &policy );
+    policy = psa_key_policy_init();
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
 
     status = psa_set_key_policy( slot, &policy );
@@ -2667,7 +2667,7 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
         if( opt.psk_opaque != 0 )
         {
-            status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &psk_slot );
+            status = psa_allocate_key( &psk_slot );
             if( status != PSA_SUCCESS )
             {
                 fprintf( stderr, "ALLOC FAIL\n" );
@@ -2711,7 +2711,7 @@ int main( int argc, char *argv[] )
             psk_entry *cur_psk;
             for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next )
             {
-                status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, cur_psk->key_len * 8, &cur_psk->slot );
+                status = psa_allocate_key( &cur_psk->slot );
                 if( status != PSA_SUCCESS )
                 {
                     ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
@@ -84,11 +84,11 @@ psa_key_handle_t pk_psa_genkey( void )
     psa_key_policy_t policy;
 
     /* Allocate a key slot */
-    if( PSA_SUCCESS != psa_allocate_key( type, bits, &key ) )
+    if( PSA_SUCCESS != psa_allocate_key( &key ) )
         return( PK_PSA_INVALID_SLOT );
 
     /* set up policy on key slot */
-    psa_key_policy_init( &policy );
+    policy = psa_key_policy_init();
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
                                       PSA_ALG_ECDSA(PSA_ALG_SHA_256) );
     if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )

Original file line number	Diff line number	Diff line change
`@@ -1594,14 +1594,14 @@ int main( int argc, char *argv[] )`
`1594`	`1594`	`if( opt.psk_opaque != 0 )`
`1595`	`1595`	`{`
`1596`	`1596`	`/* The algorithm has already been determined earlier. */`
`1597`		`- status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &slot );`
	`1597`	`+ status = psa_allocate_key( &slot );`
`1598`	`1598`	`if( status != PSA_SUCCESS )`
`1599`	`1599`	`{`
`1600`	`1600`	`ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;`
`1601`	`1601`	`goto exit;`
`1602`	`1602`	`}`
`1603`	`1603`
`1604`		`- psa_key_policy_init( &policy );`
	`1604`	`+ policy = psa_key_policy_init();`
`1605`	`1605`	`psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );`
`1606`	`1606`
`1607`	`1607`	`status = psa_set_key_policy( slot, &policy );`
Original file line number	Diff line number	Diff line change
`@@ -1239,7 +1239,7 @@ static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot,`
`1239`	`1239`	`psa_status_t status;`
`1240`	`1240`	`psa_key_policy_t policy;`
`1241`	`1241`
`1242`		`- psa_key_policy_init( &policy );`
	`1242`	`+ policy = psa_key_policy_init();`
`1243`	`1243`	`psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );`
`1244`	`1244`
`1245`	`1245`	`status = psa_set_key_policy( slot, &policy );`
`@@ -2667,7 +2667,7 @@ int main( int argc, char *argv[] )`
`2667`	`2667`	`#if defined(MBEDTLS_USE_PSA_CRYPTO)`
`2668`	`2668`	`if( opt.psk_opaque != 0 )`
`2669`	`2669`	`{`
`2670`		`- status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &psk_slot );`
	`2670`	`+ status = psa_allocate_key( &psk_slot );`
`2671`	`2671`	`if( status != PSA_SUCCESS )`
`2672`	`2672`	`{`
`2673`	`2673`	`fprintf( stderr, "ALLOC FAIL\n" );`
`@@ -2711,7 +2711,7 @@ int main( int argc, char *argv[] )`
`2711`	`2711`	`psk_entry *cur_psk;`
`2712`	`2712`	`for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next )`
`2713`	`2713`	`{`
`2714`		`- status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, cur_psk->key_len * 8, &cur_psk->slot );`
	`2714`	`+ status = psa_allocate_key( &cur_psk->slot );`
`2715`	`2715`	`if( status != PSA_SUCCESS )`
`2716`	`2716`	`{`
`2717`	`2717`	`ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;`