psa: Add initializers for key policies
Add new initializers for key policies and use them in our docs, example
programs, tests, and library code. Prefer using the macro initializers
due to their straightforwardness.
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c1339c0..5358799 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -902,7 +902,7 @@
psa_status_t expected_import1_status = expected_import1_status_arg;
psa_key_type_t type2 = type2_arg;
psa_status_t expected_import2_status = expected_import2_status_arg;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_status_t status;
PSA_ASSERT( psa_crypto_init( ) );
@@ -911,7 +911,6 @@
MAX( KEY_BITS_FROM_DATA( type1, data1 ),
KEY_BITS_FROM_DATA( type2, data2 ) ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, usage, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -989,7 +988,7 @@
size_t reexported_length;
psa_key_type_t got_type;
size_t got_bits;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
export_size = (ptrdiff_t) data->len + export_size_delta;
ASSERT_ALLOC( exported, export_size );
@@ -998,7 +997,6 @@
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, usage_arg, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1126,7 +1124,7 @@
psa_key_handle_t handle = 0;
psa_algorithm_t alg = PSA_ALG_CTR;
psa_status_t status;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
unsigned char *exported = NULL;
size_t export_size = 0;
size_t exported_length = INVALID_EXPORT_LENGTH;
@@ -1135,7 +1133,6 @@
PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1155,7 +1152,7 @@
{
psa_key_handle_t handle = 0;
psa_status_t status;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_cipher_operation_t operation;
int exercise_alg = PSA_ALG_CTR;
@@ -1163,7 +1160,6 @@
PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1245,7 +1241,7 @@
psa_key_handle_t handle = 0;
psa_key_type_t type = type_arg;
psa_status_t status;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_algorithm_t alg = PSA_ALG_CTR;
unsigned char *exported = NULL;
size_t export_size = 0;
@@ -1255,7 +1251,6 @@
PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
export_size = (ptrdiff_t) data->len;
@@ -1298,13 +1293,12 @@
unsigned char *exported = NULL;
size_t export_size = expected_public_key->len + export_size_delta;
size_t exported_length = INVALID_EXPORT_LENGTH;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1347,7 +1341,7 @@
size_t bits = bits_arg;
psa_algorithm_t alg = alg_arg;
psa_key_usage_t usage = usage_to_exercise( type, alg );
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_key_type_t got_type;
size_t got_bits;
psa_status_t status;
@@ -1356,7 +1350,6 @@
PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, usage, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1389,8 +1382,8 @@
psa_key_usage_t usage = usage_arg;
psa_key_type_t key_type = PSA_KEY_TYPE_AES;
unsigned char key[32] = {0};
- psa_key_policy_t policy_set;
- psa_key_policy_t policy_get;
+ psa_key_policy_t policy_set = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t policy_get = PSA_KEY_POLICY_INIT;
memset( key, 0x2a, sizeof( key ) );
@@ -1398,8 +1391,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ),
&handle ) );
- psa_key_policy_init( &policy_set );
- psa_key_policy_init( &policy_get );
psa_key_policy_set_usage( &policy_set, usage, alg );
TEST_EQUAL( psa_key_policy_get_usage( &policy_set ), usage );
@@ -1421,6 +1412,31 @@
/* END_CASE */
/* BEGIN_CASE */
+void key_policy_init( )
+{
+ /* Test each valid way of initializing the object, except for `= {0}`, as
+ * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+ * though it's OK by the C standard. We could test for this, but we'd need
+ * to supress the Clang warning for the test. */
+ psa_key_policy_t func = psa_key_policy_init( );
+ psa_key_policy_t init = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t zero;
+
+ memset( &zero, 0, sizeof( zero ) );
+
+ /* Although not technically guaranteed by the C standard nor the PSA Crypto
+ * specification, we test that all valid ways of initializing the object
+ * have the same bit pattern. This is a stronger requirement that may not
+ * be valid on all platforms or PSA Crypto implementations, but implies the
+ * weaker actual requirement is met: that a freshly initialized object, no
+ * matter how it was initialized, acts the same as any other valid
+ * initialization. */
+ TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 );
+ TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void mac_key_policy( int policy_usage,
int policy_alg,
int key_type,
@@ -1428,7 +1444,7 @@
int exercise_alg )
{
psa_key_handle_t handle = 0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_mac_operation_t operation;
psa_status_t status;
unsigned char mac[PSA_MAC_MAX_SIZE];
@@ -1438,7 +1454,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1476,7 +1491,7 @@
int exercise_alg )
{
psa_key_handle_t handle = 0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_cipher_operation_t operation;
psa_status_t status;
@@ -1485,7 +1500,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1524,7 +1538,7 @@
int exercise_alg )
{
psa_key_handle_t handle = 0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_status_t status;
unsigned char nonce[16] = {0};
size_t nonce_length = nonce_length_arg;
@@ -1540,7 +1554,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1586,7 +1599,7 @@
int exercise_alg )
{
psa_key_handle_t handle = 0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_status_t status;
size_t key_bits;
size_t buffer_length;
@@ -1598,7 +1611,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1651,7 +1663,7 @@
int exercise_alg )
{
psa_key_handle_t handle = 0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_status_t status;
unsigned char payload[16] = {1};
size_t payload_length = sizeof( payload );
@@ -1663,7 +1675,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1704,7 +1715,7 @@
int exercise_alg )
{
psa_key_handle_t handle = 0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
psa_status_t status;
@@ -1713,7 +1724,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1746,7 +1756,7 @@
int exercise_alg )
{
psa_key_handle_t handle = 0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_key_type_t key_type = key_type_arg;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
psa_status_t status;
@@ -1756,7 +1766,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1901,14 +1910,13 @@
psa_algorithm_t alg = alg_arg;
psa_status_t expected_status = expected_status_arg;
psa_mac_operation_t operation;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_status_t status;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
alg );
@@ -1938,7 +1946,7 @@
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
psa_mac_operation_t operation;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
/* Leave a little extra room in the output buffer. At the end of the
* test, we'll check that the implementation didn't overwrite onto
* this extra room. */
@@ -1955,7 +1963,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1996,7 +2003,7 @@
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
psa_mac_operation_t operation;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE );
@@ -2004,7 +2011,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2037,14 +2043,13 @@
psa_algorithm_t alg = alg_arg;
psa_status_t expected_status = expected_status_arg;
psa_cipher_operation_t operation;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_status_t status;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2079,7 +2084,7 @@
size_t function_output_length = 0;
size_t total_output_length = 0;
psa_cipher_operation_t operation;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
memset( iv, 0x2a, iv_size );
@@ -2088,7 +2093,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2147,7 +2151,7 @@
size_t function_output_length = 0;
size_t total_output_length = 0;
psa_cipher_operation_t operation;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
memset( iv, 0x2a, iv_size );
@@ -2156,7 +2160,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2218,7 +2221,7 @@
size_t function_output_length = 0;
size_t total_output_length = 0;
psa_cipher_operation_t operation;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
memset( iv, 0x2a, iv_size );
@@ -2227,7 +2230,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2291,7 +2293,7 @@
size_t function_output_length = 0;
size_t total_output_length = 0;
psa_cipher_operation_t operation;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
memset( iv, 0x2a, iv_size );
@@ -2300,7 +2302,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2363,13 +2364,12 @@
size_t function_output_length = 0;
psa_cipher_operation_t operation1;
psa_cipher_operation_t operation2;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2449,13 +2449,12 @@
size_t function_output_length;
psa_cipher_operation_t operation1;
psa_cipher_operation_t operation2;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2550,7 +2549,7 @@
size_t output_length2 = 0;
size_t tag_length = 16;
psa_status_t expected_result = expected_result_arg;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
output_size = input_data->len + tag_length;
ASSERT_ALLOC( output_data, output_size );
@@ -2559,7 +2558,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
alg );
@@ -2617,7 +2615,7 @@
size_t output_size = 0;
size_t output_length = 0;
size_t tag_length = 16;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
output_size = input_data->len + tag_length;
ASSERT_ALLOC( output_data, output_size );
@@ -2626,7 +2624,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2667,7 +2664,7 @@
size_t output_size = 0;
size_t output_length = 0;
size_t tag_length = 16;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_status_t expected_result = expected_result_arg;
output_size = input_data->len + tag_length;
@@ -2677,7 +2674,6 @@
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2732,14 +2728,13 @@
unsigned char *signature = NULL;
size_t signature_size;
size_t signature_length = 0xdeadbeef;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2787,7 +2782,7 @@
psa_status_t expected_status = expected_status_arg;
unsigned char *signature = NULL;
size_t signature_length = 0xdeadbeef;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
ASSERT_ALLOC( signature, signature_size );
@@ -2796,7 +2791,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2833,14 +2827,13 @@
unsigned char *signature = NULL;
size_t signature_size;
size_t signature_length = 0xdeadbeef;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
alg );
@@ -2903,7 +2896,7 @@
psa_key_handle_t handle = 0;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
@@ -2912,7 +2905,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2941,14 +2933,13 @@
psa_algorithm_t alg = alg_arg;
psa_status_t actual_status;
psa_status_t expected_status = expected_status_arg;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2988,7 +2979,7 @@
size_t output_length = ~0;
psa_status_t actual_status;
psa_status_t expected_status = expected_status_arg;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
@@ -2996,7 +2987,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
PSA_ASSERT( psa_import_key( handle, key_type,
@@ -3059,14 +3049,13 @@
unsigned char *output2 = NULL;
size_t output2_size;
size_t output2_length = ~0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
alg );
@@ -3127,7 +3116,7 @@
unsigned char *output = NULL;
size_t output_size = 0;
size_t output_length = ~0;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
output_size = key_data->len;
ASSERT_ALLOC( output, output_size );
@@ -3137,7 +3126,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3194,7 +3182,7 @@
size_t output_length = ~0;
psa_status_t actual_status;
psa_status_t expected_status = expected_status_arg;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
output_size = key_data->len;
ASSERT_ALLOC( output, output_size );
@@ -3204,7 +3192,6 @@
PSA_ASSERT( psa_allocate_key( key_type,
KEY_BITS_FROM_DATA( key_type, key_data ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3258,13 +3245,12 @@
size_t requested_capacity = requested_capacity_arg;
psa_status_t expected_status = expected_status_arg;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3297,14 +3283,13 @@
const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( key_type,
PSA_BYTES_TO_BITS( sizeof( key_data ) ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3385,7 +3370,7 @@
uint8_t *output_buffer = NULL;
size_t expected_capacity;
size_t current_capacity;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_status_t status;
unsigned i;
@@ -3402,7 +3387,6 @@
PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
PSA_BYTES_TO_BITS( key_data->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3476,14 +3460,13 @@
unsigned char output_buffer[16];
size_t expected_capacity = requested_capacity;
size_t current_capacity;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
PSA_BYTES_TO_BITS( key_data->len ),
&handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3547,7 +3530,7 @@
psa_algorithm_t derived_alg = derived_alg_arg;
size_t capacity = PSA_BITS_TO_BYTES( derived_bits );
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
psa_key_type_t got_type;
size_t got_bits;
@@ -3556,7 +3539,6 @@
PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
PSA_BYTES_TO_BITS( key_data->len ),
&base_handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
@@ -3614,7 +3596,7 @@
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
uint8_t *output_buffer = NULL;
uint8_t *export_buffer = NULL;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
size_t length;
ASSERT_ALLOC( output_buffer, capacity );
@@ -3624,7 +3606,6 @@
PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
PSA_BYTES_TO_BITS( key_data->len ),
&base_handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
@@ -3696,7 +3677,7 @@
psa_algorithm_t alg = alg_arg;
psa_key_type_t our_key_type = our_key_type_arg;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
@@ -3704,7 +3685,6 @@
KEY_BITS_FROM_DATA( our_key_type,
our_key_data ),
&our_key ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
PSA_ASSERT( psa_import_key( our_key, our_key_type,
@@ -3734,7 +3714,7 @@
psa_algorithm_t alg = alg_arg;
psa_key_type_t our_key_type = our_key_type_arg;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
size_t actual_capacity;
unsigned char output[16];
@@ -3744,7 +3724,6 @@
KEY_BITS_FROM_DATA( our_key_type,
our_key_data ),
&our_key ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
PSA_ASSERT( psa_import_key( our_key, our_key_type,
@@ -3790,7 +3769,7 @@
psa_algorithm_t alg = alg_arg;
psa_key_type_t our_key_type = our_key_type_arg;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
uint8_t *actual_output = NULL;
ASSERT_ALLOC( actual_output, MAX( expected_output1->len,
@@ -3802,7 +3781,6 @@
KEY_BITS_FROM_DATA( our_key_type,
our_key_data ),
&our_key ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
PSA_ASSERT( psa_import_key( our_key, our_key_type,
@@ -3904,12 +3882,11 @@
size_t got_bits;
psa_status_t expected_info_status =
expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT;
- psa_key_policy_t policy;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_allocate_key( type, bits, &handle ) );
- psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, usage, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3946,11 +3923,11 @@
psa_key_type_t type = (psa_key_type_t) type_arg;
psa_key_type_t type_get;
size_t bits_get;
- psa_key_policy_t policy_set;
- psa_key_policy_t policy_get;
+ psa_key_policy_t policy_set = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t policy_get = PSA_KEY_POLICY_INIT;
psa_key_usage_t policy_usage = (psa_key_usage_t) usage_arg;
psa_algorithm_t policy_alg = (psa_algorithm_t) alg_arg;
- psa_key_policy_t base_policy_set;
+ psa_key_policy_t base_policy_set = PSA_KEY_POLICY_INIT;
psa_algorithm_t base_policy_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
unsigned char *first_export = NULL;
@@ -3967,7 +3944,6 @@
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
type, bits,
&handle ) );
- psa_key_policy_init( &policy_set );
psa_key_policy_set_usage( &policy_set, policy_usage,
policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) );
@@ -3991,7 +3967,6 @@
PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
PSA_BYTES_TO_BITS( data->len ),
&base_key ) );
- psa_key_policy_init( &base_policy_set );
psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE,
base_policy_alg );
PSA_ASSERT( psa_set_key_policy(