TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 01a12c49aa057c83383ac2fc1dd32489672089c2^! / . / tests
commit01a12c49aa057c83383ac2fc1dd32489672089c2[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Wed Oct 31 10:28:01 2018 +0100
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Thu Nov 22 09:59:34 2018 +0100
treec6138023e6ee46efa12cd4766a50171346a6c579
parent7b5fe041f1be3a4ddd7c6d99b24314e9794c2db8 [diff]
Add key generation to opaque test function

While at it, clarify who's responsible for destroying the underlying key. That
can't be us because some keys cannot be destroyed and we wouldn't know. So
let's leave that up to the caller.

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index d95dbc9..64f1fec 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function

@@ -62,6 +62,34 @@
     return( ((const mbedtls_rsa_context *) ctx)->len );
 }
 #endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+#include "mbedtls/psa_util.h"
+
+#define PK_PSA_INVALID_SLOT 0 /* guaranteed invalid */
+
+/*
+ * Generate a key in a free key slot and return this key slot,
+ * or PK_PSA_INVALID_SLOT if no slot was available.
+ */
+psa_key_slot_t pk_psa_genkey( void )
+{
+    psa_key_slot_t key;
+
+    const int curve = PSA_ECC_CURVE_SECP256R1;
+    const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEYPAIR(curve);
+    const size_t bits = 256;
+
+    if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) )
+        return( PK_PSA_INVALID_SLOT );
+
+    if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) )
+        return( PK_PSA_INVALID_SLOT );
+
+    return( key );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -69,21 +97,29 @@
  * END_DEPENDENCIES
  */
 
-/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
+/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
 void pk_psa_utils(  )
 {
     mbedtls_pk_context pk;
     const char * const name = "Opaque (PSA)";
+    psa_key_slot_t key;
 
     mbedtls_pk_init( &pk );
 
-    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) == 0 );
+    key = pk_psa_genkey();
+    TEST_ASSERT( key != 0 );
+
+    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 );
 
     TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA );
     TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
 
-exit:
+    /* test that freeing the context does not destroy the key */
     mbedtls_pk_free( &pk );
+    TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
+
+exit:
+    mbedtls_pk_free( &pk ); /* redundant except upon error */
 }
 /* END_CASE */