Move key type validation to crypto_knowledge
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py
index 4b4e2df..01a8c5d 100644
--- a/scripts/mbedtls_dev/crypto_knowledge.py
+++ b/scripts/mbedtls_dev/crypto_knowledge.py
@@ -19,7 +19,7 @@
# limitations under the License.
import re
-from typing import Iterable, Optional, Tuple
+from typing import Iterable, Optional, Tuple, Dict
from mbedtls_dev.asymmetric_key_data import ASYMMETRIC_KEY_DATA
@@ -138,3 +138,18 @@
return des3[:length]
return b''.join([self.DATA_BLOCK] * (length // len(self.DATA_BLOCK)) +
[self.DATA_BLOCK[:length % len(self.DATA_BLOCK)]])
+
+ KEY_TYPE_FOR_SIGNATURE = {
+ 'PSA_KEY_USAGE_SIGN_HASH': '.*KEY_PAIR',
+ 'PSA_KEY_USAGE_VERIFY_HASH': '.*KEY.*'
+ } #type: Dict[str, str]
+ """Use a regexp to determine key types for which signature is possible
+ when using the actual usage flag.
+ """
+ def is_valid_for_signature(self, usage: str) -> bool:
+ """Determine if the key type is compatible with the specified
+ signitute type.
+
+ """
+ # This is just temporaly solution for the implicit usage flags.
+ return re.match(self.KEY_TYPE_FOR_SIGNATURE[usage], self.name) is not None
diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py
index 5ff1738..88992a6 100644
--- a/scripts/mbedtls_dev/psa_storage.py
+++ b/scripts/mbedtls_dev/psa_storage.py
@@ -107,14 +107,6 @@
} #type: Dict[str, str]
"""Mapping of usage flags to the flags that they imply."""
- IMPLICIT_USAGE_FLAGS_KEY_RESTRICTION = {
- 'PSA_KEY_USAGE_SIGN_HASH': '.*KEY_PAIR',
- 'PSA_KEY_USAGE_VERIFY_HASH': '.*KEY.*'
- } #type: Dict[str, str]
- """Use a regexp to determine key types for which signature is possible
- when using the actual usage flag.
- """
-
def __init__(self, *,
version: Optional[int] = None,
id: Optional[int] = None, #pylint: disable=redefined-builtin