|
4 | 4 |
|
5 | 5 | #include "psa_crypto_se.h"
|
6 | 6 |
|
7 |
| -/* The minimum valid lifetime value for a secure element driver. */ |
| 7 | +/** The minimum valid lifetime value for a secure element driver. */ |
8 | 8 | #define MIN_DRIVER_LIFETIME 2
|
9 | 9 |
|
| 10 | +/** The driver detected a condition that shouldn't happen. |
| 11 | + * This is probably a bug in the library. */ |
| 12 | +#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t)( -500 )) |
| 13 | + |
| 14 | +#define RAM_MAX_KEY_SIZE 64 |
| 15 | +typedef struct |
| 16 | +{ |
| 17 | + psa_key_lifetime_t lifetime; |
| 18 | + psa_key_type_t type; |
| 19 | + size_t bits; |
| 20 | + uint8_t content[RAM_MAX_KEY_SIZE]; |
| 21 | +} ram_slot_t; |
| 22 | +static ram_slot_t ram_slots[16]; |
| 23 | + |
| 24 | +static void ram_slots_reset( void ) |
| 25 | +{ |
| 26 | + memset( ram_slots, 0, sizeof( ram_slots ) ); |
| 27 | +} |
| 28 | + |
| 29 | +static psa_status_t ram_import( psa_key_slot_number_t slot_number, |
| 30 | + psa_key_lifetime_t lifetime, |
| 31 | + psa_key_type_t type, |
| 32 | + psa_algorithm_t algorithm, |
| 33 | + psa_key_usage_t usage, |
| 34 | + const uint8_t *p_data, |
| 35 | + size_t data_length ) |
| 36 | +{ |
| 37 | + if( slot_number > ARRAY_LENGTH( ram_slots ) ) |
| 38 | + return( PSA_ERROR_DETECTED_BY_DRIVER ); |
| 39 | + if( data_length > sizeof( ram_slots[slot_number].content ) ) |
| 40 | + return( PSA_ERROR_INSUFFICIENT_STORAGE ); |
| 41 | + ram_slots[slot_number].lifetime = lifetime; |
| 42 | + ram_slots[slot_number].type = type; |
| 43 | + ram_slots[slot_number].bits = PSA_BYTES_TO_BITS( data_length ); |
| 44 | + (void) algorithm; |
| 45 | + (void) usage; |
| 46 | + memcpy( ram_slots[slot_number].content, p_data, data_length ); |
| 47 | + return( PSA_SUCCESS ); |
| 48 | +} |
| 49 | + |
| 50 | +psa_status_t ram_export( psa_key_slot_number_t slot_number, |
| 51 | + uint8_t *p_data, |
| 52 | + size_t data_size, |
| 53 | + size_t *p_data_length ) |
| 54 | +{ |
| 55 | + size_t actual_size; |
| 56 | + if( slot_number > ARRAY_LENGTH( ram_slots ) ) |
| 57 | + return( PSA_ERROR_DETECTED_BY_DRIVER ); |
| 58 | + actual_size = PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ); |
| 59 | + if( actual_size > data_size ) |
| 60 | + return( PSA_ERROR_BUFFER_TOO_SMALL ); |
| 61 | + *p_data_length = actual_size; |
| 62 | + memcpy( p_data, ram_slots[slot_number].content, actual_size ); |
| 63 | + return( PSA_SUCCESS ); |
| 64 | +} |
| 65 | + |
| 66 | +psa_status_t ram_destroy( psa_key_slot_number_t slot_number ) |
| 67 | +{ |
| 68 | + if( slot_number > ARRAY_LENGTH( ram_slots ) ) |
| 69 | + return( PSA_ERROR_DETECTED_BY_DRIVER ); |
| 70 | + memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); |
| 71 | + return( PSA_SUCCESS ); |
| 72 | +} |
| 73 | + |
10 | 74 | /* END_HEADER */
|
11 | 75 |
|
12 | 76 | /* BEGIN_DEPENDENCIES
|
@@ -78,3 +142,57 @@ exit:
|
78 | 142 | PSA_DONE( );
|
79 | 143 | }
|
80 | 144 | /* END_CASE */
|
| 145 | + |
| 146 | +/* BEGIN_CASE */ |
| 147 | +void key_creation_import_export( ) |
| 148 | +{ |
| 149 | + psa_drv_se_t driver; |
| 150 | + psa_drv_se_key_management_t key_management; |
| 151 | + psa_key_lifetime_t lifetime = 2; |
| 152 | + psa_key_id_t id = 1; |
| 153 | + psa_key_handle_t handle = 0; |
| 154 | + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| 155 | + const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; |
| 156 | + uint8_t exported[sizeof( key_material )]; |
| 157 | + size_t exported_length; |
| 158 | + psa_key_slot_number_t expected_slot = 0; |
| 159 | + |
| 160 | + memset( &driver, 0, sizeof( driver ) ); |
| 161 | + memset( &key_management, 0, sizeof( key_management ) ); |
| 162 | + driver.hal_version = PSA_DRV_SE_HAL_VERSION; |
| 163 | + driver.key_management = &key_management; |
| 164 | + key_management.slot_count = ARRAY_LENGTH( ram_slots ); |
| 165 | + key_management.p_import = ram_import; |
| 166 | + key_management.p_export = ram_export; |
| 167 | + key_management.p_destroy = ram_destroy; |
| 168 | + |
| 169 | + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); |
| 170 | + PSA_ASSERT( psa_crypto_init( ) ); |
| 171 | + |
| 172 | + psa_set_key_id( &attributes, id ); |
| 173 | + psa_set_key_lifetime( &attributes, lifetime ); |
| 174 | + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); |
| 175 | + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); |
| 176 | + PSA_ASSERT( psa_import_key( &attributes, |
| 177 | + key_material, sizeof( key_material ), |
| 178 | + &handle ) ); |
| 179 | + |
| 180 | + /* Test that the key was created in the designated slot. */ |
| 181 | + TEST_ASSERT( ram_slots[expected_slot].type == PSA_KEY_TYPE_RAW_DATA ); |
| 182 | + |
| 183 | + PSA_ASSERT( psa_export_key( handle, |
| 184 | + exported, sizeof( exported ), |
| 185 | + &exported_length ) ); |
| 186 | + ASSERT_COMPARE( key_material, sizeof( key_material ), |
| 187 | + exported, exported_length ); |
| 188 | + |
| 189 | + PSA_ASSERT( psa_destroy_key( handle ) ); |
| 190 | + |
| 191 | + /* Test that the key has been erased from the designated slot. */ |
| 192 | + TEST_ASSERT( ram_slots[expected_slot].type == 0 ); |
| 193 | + |
| 194 | +exit: |
| 195 | + PSA_DONE( ); |
| 196 | + ram_slots_reset( ); |
| 197 | +} |
| 198 | +/* END_CASE */ |
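Review bot: The slot bounds checks in the first hunk (`ram_import`, `ram_export` and `ram_destroy`) are off by one: `slot_number > ARRAY_LENGTH( ram_slots )` accepts `slot_number == 16`, which indexes one element past the end of the 16-entry `ram_slots` array. In `ram_import` and `ram_destroy` that is an out-of-bounds write through the field assignments, `memcpy` and `memset`, and in `ram_export` it is an out-of-bounds read copied to the caller's buffer. All three guards should read `if( slot_number >= ARRAY_LENGTH( ram_slots ) )`. As a smaller point, `ram_export` and `ram_destroy` are only reached through `key_management` in the lines shown, so they could be `static` like `ram_import`. The test also checks only `ram_slots[expected_slot].type == 0` after `psa_destroy_key`, so a check that `content` is all zero would confirm the key bytes are actually wiped.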