psa_asymmetric_encrypt() doesn't work with opaque driver #8700
Conversation
…h opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
added
needs-review
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Note to reviewersIn addition to allowing usage of opaque keys with |
…unctions Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
…n with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
force-pushed
the
issue8461
branch
from
171fdd1
to
4860a6c
Compare
|
Thanks for adding tests! I think one positive test case (for each API function) is enough. We want to validate that the dispatch code has a case for opaque keys. That's a non-regression test for the current bug fix, and it's the thing that's most likely to go wrong. In an ideal world we'd also test that parameters and errors are correctly propagated, but there's not much risk that they would work correctly for transparent drivers but not for opaque drivers, so it's very low priority. |
There was a problem hiding this comment.
LGTM.
I do not feel a changelog is needed in this case. This pr is fixing the opaque driver support.
Since @gilles-peskine-arm is happy with adding the single test at this stage, we are good to go.
That's a library bug (or missing feature), which has been reported by a user, so we do need a changelog entry. |
valeriosetti
force-pushed
the
issue8461
branch
from
4d2339c
to
f4faced
Compare
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
force-pushed
the
issue8461
branch
from
f4faced
to
584dc80
Compare
tom-daubney-arm
removed
the
needs-reviewer
ChangeLog.d/8461.txt
Outdated
| @@ -0,0 +1,4 @@ | |||
| Bugfix | |||
| * Fix unsupported PSA asymmetric encryption and dectryption | |||
There was a problem hiding this comment.
| * Fix unsupported PSA asymmetric encryption and dectryption | |
| * Fix unsupported PSA asymmetric encryption and decryption |
| @@ -125,7 +125,7 @@ static size_t mbedtls_test_opaque_get_base_size() | |||
| * The argument wrapped_key_buffer_length is filled with the wrapped | |||
| * key_size on success. | |||
| * */ | |||
| static psa_status_t mbedtls_test_opaque_wrap_key( | |||
| psa_status_t mbedtls_test_opaque_wrap_key( | |||
There was a problem hiding this comment.
I am not totally sure why the wrap function is no longer static. It is not used in the tests I don't think. Is this just to keep it consistent with the unwrap function?
There was a problem hiding this comment.
Oh, you are totally right. I probably moved both functions from static to public, but actually only the unwrap function is needed for opaque drivers. I'm reverting the change for the wrapping key.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Only mbedtls_test_opaque_unwrap_key() is actually needed by other test drivers to deal with opaque keys. mbedtls_test_opaque_wrap_key() can be kept private to test_driver_key_management.c. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Mbed-TLS#8700 merged in the meantime. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Mbed-TLS#8700 merged in the meantime. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Description
This PR enabled asymmetric encryption/decryption with opaque keys.
Resolves #8461
PR checklist