Skip to content

Commit d7c3daa

Browse files
author
itayzafrir
committed
Update example to use crypto key handles APIs
1 parent c278b6e commit d7c3daa

File tree

1 file changed

+34
-26
lines changed

1 file changed

+34
-26
lines changed

main.cpp

Lines changed: 34 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -58,19 +58,15 @@ int main(void)
5858
}
5959
#else
6060

61-
/* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */
62-
static const psa_key_slot_t key_slot_cipher = 1;
63-
64-
static psa_status_t set_key_policy(psa_key_slot_t key_slot,
61+
static psa_status_t set_key_policy(psa_key_handle_t key_handle,
6562
psa_key_usage_t key_usage,
6663
psa_algorithm_t alg)
6764
{
6865
psa_status_t status;
69-
psa_key_policy_t policy;
66+
psa_key_policy_t policy = psa_key_policy_init();
7067

71-
psa_key_policy_init(&policy);
7268
psa_key_policy_set_usage(&policy, key_usage, alg);
73-
status = psa_set_key_policy(key_slot, &policy);
69+
status = psa_set_key_policy(key_handle, &policy);
7470
ASSERT_STATUS(status, PSA_SUCCESS);
7571
exit:
7672
return status;
@@ -111,7 +107,7 @@ static psa_status_t cipher_operation(psa_cipher_operation_t *operation,
111107
return status;
112108
}
113109

114-
static psa_status_t cipher_encrypt(psa_key_slot_t key_slot,
110+
static psa_status_t cipher_encrypt(psa_key_handle_t key_handle,
115111
psa_algorithm_t alg,
116112
uint8_t *iv,
117113
size_t iv_size,
@@ -127,7 +123,7 @@ static psa_status_t cipher_encrypt(psa_key_slot_t key_slot,
127123
size_t iv_len = 0;
128124

129125
memset(&operation, 0, sizeof(operation));
130-
status = psa_cipher_encrypt_setup(&operation, key_slot, alg);
126+
status = psa_cipher_encrypt_setup(&operation, key_handle, alg);
131127
ASSERT_STATUS(status, PSA_SUCCESS);
132128

133129
status = psa_cipher_generate_iv(&operation, iv, iv_size, &iv_len);
@@ -142,7 +138,7 @@ static psa_status_t cipher_encrypt(psa_key_slot_t key_slot,
142138
return status;
143139
}
144140

145-
static psa_status_t cipher_decrypt(psa_key_slot_t key_slot,
141+
static psa_status_t cipher_decrypt(psa_key_handle_t key_handle,
146142
psa_algorithm_t alg,
147143
const uint8_t *iv,
148144
size_t iv_size,
@@ -157,7 +153,7 @@ static psa_status_t cipher_decrypt(psa_key_slot_t key_slot,
157153
psa_cipher_operation_t operation;
158154

159155
memset(&operation, 0, sizeof(operation));
160-
status = psa_cipher_decrypt_setup(&operation, key_slot, alg);
156+
status = psa_cipher_decrypt_setup(&operation, key_handle, alg);
161157
ASSERT_STATUS(status, PSA_SUCCESS);
162158

163159
status = psa_cipher_set_iv(&operation, iv, iv_size);
@@ -187,25 +183,29 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(void)
187183
uint8_t input[block_size];
188184
uint8_t encrypt[block_size];
189185
uint8_t decrypt[block_size];
186+
psa_key_handle_t key_handle = 0;
187+
188+
status = psa_allocate_key(&key_handle);
189+
ASSERT_STATUS(status, PSA_SUCCESS);
190190

191191
status = psa_generate_random(input, sizeof(input));
192192
ASSERT_STATUS(status, PSA_SUCCESS);
193193

194-
status = set_key_policy(key_slot_cipher,
194+
status = set_key_policy(key_handle,
195195
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
196196
alg);
197197
ASSERT_STATUS(status, PSA_SUCCESS);
198198

199-
status = psa_generate_key(key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
199+
status = psa_generate_key(key_handle, PSA_KEY_TYPE_AES, key_bits,
200200
NULL, 0);
201201
ASSERT_STATUS(status, PSA_SUCCESS);
202202

203-
status = cipher_encrypt(key_slot_cipher, alg, iv, sizeof(iv),
203+
status = cipher_encrypt(key_handle, alg, iv, sizeof(iv),
204204
input, sizeof(input), part_size,
205205
encrypt, sizeof(encrypt), &output_len);
206206
ASSERT_STATUS(status, PSA_SUCCESS);
207207

208-
status = cipher_decrypt(key_slot_cipher, alg, iv, sizeof(iv),
208+
status = cipher_decrypt(key_handle, alg, iv, sizeof(iv),
209209
encrypt, output_len, part_size,
210210
decrypt, sizeof(decrypt), &output_len);
211211
ASSERT_STATUS(status, PSA_SUCCESS);
@@ -214,7 +214,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(void)
214214
ASSERT_STATUS(status, PSA_SUCCESS);
215215

216216
exit:
217-
psa_destroy_key(key_slot_cipher);
217+
psa_destroy_key(key_handle);
218218
return status;
219219
}
220220

@@ -233,25 +233,29 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(void)
233233
size_t output_len = 0;
234234
uint8_t iv[block_size], input[input_size],
235235
encrypt[input_size + block_size], decrypt[input_size + block_size];
236+
psa_key_handle_t key_handle = 0;
237+
238+
status = psa_allocate_key(&key_handle);
239+
ASSERT_STATUS(status, PSA_SUCCESS);
236240

237241
status = psa_generate_random(input, sizeof(input));
238242
ASSERT_STATUS(status, PSA_SUCCESS);
239243

240-
status = set_key_policy(key_slot_cipher,
244+
status = set_key_policy(key_handle,
241245
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
242246
alg);
243247
ASSERT_STATUS(status, PSA_SUCCESS);
244248

245-
status = psa_generate_key(key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
249+
status = psa_generate_key(key_handle, PSA_KEY_TYPE_AES, key_bits,
246250
NULL, 0);
247251
ASSERT_STATUS(status, PSA_SUCCESS);
248252

249-
status = cipher_encrypt(key_slot_cipher, alg, iv, sizeof(iv),
253+
status = cipher_encrypt(key_handle, alg, iv, sizeof(iv),
250254
input, sizeof(input), part_size,
251255
encrypt, sizeof(encrypt), &output_len);
252256
ASSERT_STATUS(status, PSA_SUCCESS);
253257

254-
status = cipher_decrypt(key_slot_cipher, alg, iv, sizeof(iv),
258+
status = cipher_decrypt(key_handle, alg, iv, sizeof(iv),
255259
encrypt, output_len, part_size,
256260
decrypt, sizeof(decrypt), &output_len);
257261
ASSERT_STATUS(status, PSA_SUCCESS);
@@ -260,7 +264,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(void)
260264
ASSERT_STATUS(status, PSA_SUCCESS);
261265

262266
exit:
263-
psa_destroy_key(key_slot_cipher);
267+
psa_destroy_key(key_handle);
264268
return status;
265269
}
266270

@@ -278,25 +282,29 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi(void)
278282
size_t output_len = 0;
279283
uint8_t iv[block_size], input[input_size], encrypt[input_size],
280284
decrypt[input_size];
285+
psa_key_handle_t key_handle = 0;
286+
287+
status = psa_allocate_key(&key_handle);
288+
ASSERT_STATUS(status, PSA_SUCCESS);
281289

282290
status = psa_generate_random(input, sizeof(input));
283291
ASSERT_STATUS(status, PSA_SUCCESS);
284292

285-
status = set_key_policy(key_slot_cipher,
293+
status = set_key_policy(key_handle,
286294
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
287295
alg);
288296
ASSERT_STATUS(status, PSA_SUCCESS);
289297

290-
status = psa_generate_key(key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
298+
status = psa_generate_key(key_handle, PSA_KEY_TYPE_AES, key_bits,
291299
NULL, 0);
292300
ASSERT_STATUS(status, PSA_SUCCESS);
293301

294-
status = cipher_encrypt(key_slot_cipher, alg, iv, sizeof(iv),
302+
status = cipher_encrypt(key_handle, alg, iv, sizeof(iv),
295303
input, sizeof(input), part_size,
296304
encrypt, sizeof(encrypt), &output_len);
297305
ASSERT_STATUS(status, PSA_SUCCESS);
298306

299-
status = cipher_decrypt(key_slot_cipher, alg, iv, sizeof(iv),
307+
status = cipher_decrypt(key_handle, alg, iv, sizeof(iv),
300308
encrypt, output_len, part_size,
301309
decrypt, sizeof(decrypt), &output_len);
302310
ASSERT_STATUS(status, PSA_SUCCESS);
@@ -305,7 +313,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi(void)
305313
ASSERT_STATUS(status, PSA_SUCCESS);
306314

307315
exit:
308-
psa_destroy_key(key_slot_cipher);
316+
psa_destroy_key(key_handle);
309317
return status;
310318
}
311319

0 commit comments

Comments
 (0)