Add mock tests for hooks for secure element drivers #174
Conversation
include/psa/crypto_se_driver.h
Outdated
| uint8_t *p_pubkey_out, | ||
| size_t pubkey_out_size, | ||
| size_t *p_pubkey_length); | ||
| size_t bits); |
There was a problem hiding this comment.
Why did you drop support for pubkey exporting during key generation?
There was a problem hiding this comment.
I've fixed this based on the discussion we had.
library/psa_crypto.c
Outdated
| status = drv->asymmetric->p_sign( | ||
| slot->data.se.slot_number, alg, hash, hash_length, signature, | ||
| signature_size, signature_length ); | ||
| goto exit; |
There was a problem hiding this comment.
Do we need this goto?
There was a problem hiding this comment.
No, it goes to exit at this point anyway, I'll remove it.
library/psa_crypto.c
Outdated
| drv->asymmetric->p_sign == NULL ) | ||
| { | ||
| status = PSA_ERROR_NOT_SUPPORTED; | ||
| goto exit; |
There was a problem hiding this comment.
Do we need this goto?
There was a problem hiding this comment.
I believe we need this one, as there isn't anything more we can do at this point.
| mock_import_data.usage = usage; | ||
| mock_import_data.data_length = data_length; | ||
|
|
||
| if( mock_import_data.return_value == PSA_SUCCESS ) |
There was a problem hiding this comment.
This should be set regardlesss of the result.
There was a problem hiding this comment.
Do we want to set all these values even on failure? The test seems to indicate that type at least should remain unset if mock_import_return_value isn't PSA_SUCCESS
There was a problem hiding this comment.
The mock structures only indicate with what arguments was the function called, regardless of any error.
gilles-peskine-arm
added
the
feature branch
dgreen-arm
force-pushed
the
psa-se-driver-hooks
branch
from
bde7708 to
284eca2
Compare
|
@dgreen-arm I've rebased this branch on the latest API branch. Available at https://github.com/Patater/mbed-crypto/tree/psa-se-driver-hooks. Would recommend updating this PR with that branch, changing the target branch of this PR, and continuing the review from there. |
dgreen-arm
changed the base branch from
dev/shared/secure-element
to
psa-api-1.0-beta
dgreen-arm
force-pushed
the
psa-se-driver-hooks
branch
from
284eca2 to
37a41ec
Compare
|
There are currently two issues to note with this PR. Firstly, the tests aren't currently being run as |
gilles-peskine-arm
added
api-spec
|
There's an |
|
Oh, I hadn't realized that. This is based on #157, so that issue is already solved. |
dgreen-arm
force-pushed
the
psa-se-driver-hooks
branch
from
37a41ec to
917ab8a
Compare
| @@ -1835,7 +1835,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, | |||
| if( driver != NULL ) | |||
| { | |||
| const psa_drv_se_t *drv = psa_get_se_driver_methods( driver ); | |||
| size_t bits; | |||
| size_t bits = PSA_MAX_KEY_BITS + 1; | |||
There was a problem hiding this comment.
Why is this change needed?
There was a problem hiding this comment.
Please leave a comment in the code explaining the reason, to improve the code's readability. Others will have the same question.
There was a problem hiding this comment.
I see this change was added in commit "Parametrize key bits in import mock test", which doesn't seem right if all one intends to do is updating a test as the title would imply. If the core has to be updated together with the test change, revise the commit message. If the core has a bug, explain it in the commit message and make a change to fix the bug separate from the mock test updating.
There was a problem hiding this comment.
I've split this out into a separate commit and added an explanation.
There was a problem hiding this comment.
Please add a comment in the code about why you chose the value you did.
There was a problem hiding this comment.
Added a code comment.
tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
Outdated
Show resolved
Hide resolved
tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
Outdated
Show resolved
Hide resolved
tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
Outdated
Show resolved
Hide resolved
| @@ -1835,7 +1835,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, | |||
| if( driver != NULL ) | |||
| { | |||
| const psa_drv_se_t *drv = psa_get_se_driver_methods( driver ); | |||
| size_t bits; | |||
| size_t bits = PSA_MAX_KEY_BITS + 1; | |||
There was a problem hiding this comment.
I see this change was added in commit "Parametrize key bits in import mock test", which doesn't seem right if all one intends to do is updating a test as the title would imply. If the core has to be updated together with the test change, revise the commit message. If the core has a bug, explain it in the commit message and make a change to fix the bug separate from the mock test updating.
dgreen-arm
force-pushed
the
psa-se-driver-hooks
branch
from
917ab8a to
af793a8
Compare
|
The ABI check is failing as the fix hasn't been merged into the |
dgreen-arm
force-pushed
the
psa-se-driver-hooks
branch
from
af793a8 to
dd55ea5
Compare
dgreen-arm
changed the title
Mock key importing and exporting
In psa_import_key, the key bits value was uninitialized before calling the secure element driver import function. There is a potential issue if the driver returns PSA_SUCCESS without setting the key bits. This shouldn't happen, but shouldn't be discounted either, so we initialize the key bits to an invalid issue.
dgreen-arm
force-pushed
the
psa-se-driver-hooks
branch
from
dd55ea5 to
0892d0f
Compare
|
I've reworked this to save and check all the attributes in the import and generate mock tests. I've also rebased it onto development to (hopefully) get the PR-head tests passing. Previous version available here: https://github.com/dgreen-arm/mbed-crypto/tree/psa-se-driver-hooks-3 |
dgreen-arm
added
needs: review
Patater
removed
the
needs: review
This PR add hooks for generating keys, signing and verification using secure element driver code.