Merge pull request #4 from AndrzejKurek/private_key_generation

Use the driver version of private key generation

Author: Patater

atecc608a_utils.c

@@ -61,19 +61,3 @@ psa_status_t atecc608a_check_config_locked()
     }
     return status;
 }
-
-psa_status_t atecc608a_generate_key(uint16_t slot, uint8_t *pubkey, size_t pubkey_size)
-{
-    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
-    if (pubkey != NULL && pubkey_size < ATCA_PUB_KEY_SIZE)
-    {
-       return PSA_ERROR_BUFFER_TOO_SMALL;
-    }
-
-    ASSERT_SUCCESS_PSA(atecc608a_init());
-    ASSERT_SUCCESS(atcab_genkey(slot, pubkey));
-
-exit:
-    atecc608a_deinit();
-    return status;
-}

atecc608a_utils.h

@@ -61,6 +61,4 @@ psa_status_t atecc608a_get_serial_number(uint8_t *buffer, size_t buffer_size,
 
 psa_status_t atecc608a_check_config_locked();
 
-psa_status_t atecc608a_generate_key(uint16_t slot, uint8_t *pubkey, size_t pubkey_size);
-
 #endif /* ATECC608A_SE_H */

main.c

@@ -147,8 +147,6 @@ int main(void)
 
     atecc608a_print_serial_number();
     atecc608a_print_config_zone();
-    ASSERT_SUCCESS_PSA(atecc608a_generate_key(atecc608a_key_slot_device, pubkey, pubkey_size));
-    atcab_printbin_label("pubKey generated: ", pubkey, ATCA_PUB_KEY_SIZE);
 
     ASSERT_SUCCESS_PSA(atecc608a_hash_sha256(hash_input1,
                                              sizeof(hash_input1) - 1,
@@ -167,6 +165,21 @@ int main(void)
     /* Verify that the device has a locked config before doing anything */
     ASSERT_SUCCESS_PSA(atecc608a_check_config_locked());
 
+    /* Test that a public key received during a private key generation
+     * can be imported */
+    ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_key_management->p_generate(
+                         atecc608a_key_slot_device, keypair_type,
+                         PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
+                         key_bits, NULL, 0, pubkey, pubkey_size, &pubkey_len));
+
+    ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_key_management->p_import(
+                         atecc608a_public_key_slot,
+                         atecc608a_drv_info.lifetime,
+                         key_type, alg, PSA_KEY_USAGE_VERIFY, pubkey,
+                         pubkey_len));
+
+    /* Test that a public key that is exported from a private key can be
+     * imported */
     ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_key_management->p_export(
                          atecc608a_key_slot_device, pubkey, sizeof(pubkey),
                          &pubkey_len));
@@ -177,13 +190,16 @@ int main(void)
                          key_type, alg, PSA_KEY_USAGE_VERIFY, pubkey,
                          pubkey_len));
 
+    /* Test that signing using the generated private key and verifying using
+     * the exported public key works */
     ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_asym->p_sign(
                          atecc608a_key_slot_device, alg, hash, sizeof(hash),
                          signature, sizeof(signature), &signature_length));
 
     ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_asym->p_verify(
                          atecc608a_public_key_slot, alg, hash, sizeof(hash),
                          signature, signature_length));
+
     /*
      * Import the secure element's public key into a volatile key slot.
      */

mbed-os-atecc608a.lib

@@ -1 +1 @@
-git@github.com:ARMmbed/mbed-os-atecc608a/#b43091e170053864a0cf1199186160e8e7ffc337
+https://github.com/ARMmbed/mbed-os-atecc608a/#bae7de43d835aea03c4fd7af382232d8b5d26ad7