diff --git a/README.md b/README.md index 62ac60d..2059924 100644 --- a/README.md +++ b/README.md @@ -43,7 +43,7 @@ The following are the steps required to install the application: ## Compile To compile the example program use `mbed compile` while specifying the target platform and the compiler. -For example, in order to compile using the ARM GCC compiler and a K64F target platform use: `mbed compile -m K64F -t ARM`. +For example, in order to compile using the ARM GCC compiler and a K64F target platform use: `mbed compile -m K64F -t GCC_ARM`. Once the compilation is completed successfully a binary file will be created: `./BUILD/K64F/GCC_ARM/mbed-os-example-mbed-crypto.bin` diff --git a/main.cpp b/main.cpp index ffb32f3..fb85000 100644 --- a/main.cpp +++ b/main.cpp @@ -58,19 +58,15 @@ int main(void) } #else -/* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */ -static const psa_key_slot_t key_slot_cipher = 1; - -static psa_status_t set_key_policy(psa_key_slot_t key_slot, +static psa_status_t set_key_policy(psa_key_handle_t key_handle, psa_key_usage_t key_usage, psa_algorithm_t alg) { psa_status_t status; - psa_key_policy_t policy; + psa_key_policy_t policy = psa_key_policy_init(); - psa_key_policy_init(&policy); psa_key_policy_set_usage(&policy, key_usage, alg); - status = psa_set_key_policy(key_slot, &policy); + status = psa_set_key_policy(key_handle, &policy); ASSERT_STATUS(status, PSA_SUCCESS); exit: return status; @@ -111,7 +107,7 @@ static psa_status_t cipher_operation(psa_cipher_operation_t *operation, return status; } -static psa_status_t cipher_encrypt(psa_key_slot_t key_slot, +static psa_status_t cipher_encrypt(psa_key_handle_t key_handle, psa_algorithm_t alg, uint8_t *iv, size_t iv_size, @@ -127,7 +123,7 @@ static psa_status_t cipher_encrypt(psa_key_slot_t key_slot, size_t iv_len = 0; memset(&operation, 0, sizeof(operation)); - status = psa_cipher_encrypt_setup(&operation, key_slot, alg); + status = psa_cipher_encrypt_setup(&operation, key_handle, alg); ASSERT_STATUS(status, PSA_SUCCESS); status = psa_cipher_generate_iv(&operation, iv, iv_size, &iv_len); @@ -142,7 +138,7 @@ static psa_status_t cipher_encrypt(psa_key_slot_t key_slot, return status; } -static psa_status_t cipher_decrypt(psa_key_slot_t key_slot, +static psa_status_t cipher_decrypt(psa_key_handle_t key_handle, psa_algorithm_t alg, const uint8_t *iv, size_t iv_size, @@ -157,7 +153,7 @@ static psa_status_t cipher_decrypt(psa_key_slot_t key_slot, psa_cipher_operation_t operation; memset(&operation, 0, sizeof(operation)); - status = psa_cipher_decrypt_setup(&operation, key_slot, alg); + status = psa_cipher_decrypt_setup(&operation, key_handle, alg); ASSERT_STATUS(status, PSA_SUCCESS); status = psa_cipher_set_iv(&operation, iv, iv_size); @@ -187,25 +183,29 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(void) uint8_t input[block_size]; uint8_t encrypt[block_size]; uint8_t decrypt[block_size]; + psa_key_handle_t key_handle = 0; + + status = psa_allocate_key(&key_handle); + ASSERT_STATUS(status, PSA_SUCCESS); status = psa_generate_random(input, sizeof(input)); ASSERT_STATUS(status, PSA_SUCCESS); - status = set_key_policy(key_slot_cipher, + status = set_key_policy(key_handle, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg); ASSERT_STATUS(status, PSA_SUCCESS); - status = psa_generate_key(key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key(key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0); ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt(key_slot_cipher, alg, iv, sizeof(iv), + status = cipher_encrypt(key_handle, alg, iv, sizeof(iv), input, sizeof(input), part_size, encrypt, sizeof(encrypt), &output_len); ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt(key_slot_cipher, alg, iv, sizeof(iv), + status = cipher_decrypt(key_handle, alg, iv, sizeof(iv), encrypt, output_len, part_size, decrypt, sizeof(decrypt), &output_len); ASSERT_STATUS(status, PSA_SUCCESS); @@ -214,7 +214,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(void) ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key(key_slot_cipher); + psa_destroy_key(key_handle); return status; } @@ -233,25 +233,29 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(void) size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size + block_size], decrypt[input_size + block_size]; + psa_key_handle_t key_handle = 0; + + status = psa_allocate_key(&key_handle); + ASSERT_STATUS(status, PSA_SUCCESS); status = psa_generate_random(input, sizeof(input)); ASSERT_STATUS(status, PSA_SUCCESS); - status = set_key_policy(key_slot_cipher, + status = set_key_policy(key_handle, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg); ASSERT_STATUS(status, PSA_SUCCESS); - status = psa_generate_key(key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key(key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0); ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt(key_slot_cipher, alg, iv, sizeof(iv), + status = cipher_encrypt(key_handle, alg, iv, sizeof(iv), input, sizeof(input), part_size, encrypt, sizeof(encrypt), &output_len); ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt(key_slot_cipher, alg, iv, sizeof(iv), + status = cipher_decrypt(key_handle, alg, iv, sizeof(iv), encrypt, output_len, part_size, decrypt, sizeof(decrypt), &output_len); ASSERT_STATUS(status, PSA_SUCCESS); @@ -260,7 +264,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(void) ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key(key_slot_cipher); + psa_destroy_key(key_handle); return status; } @@ -278,25 +282,29 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi(void) size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size], decrypt[input_size]; + psa_key_handle_t key_handle = 0; + + status = psa_allocate_key(&key_handle); + ASSERT_STATUS(status, PSA_SUCCESS); status = psa_generate_random(input, sizeof(input)); ASSERT_STATUS(status, PSA_SUCCESS); - status = set_key_policy(key_slot_cipher, + status = set_key_policy(key_handle, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg); ASSERT_STATUS(status, PSA_SUCCESS); - status = psa_generate_key(key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key(key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0); ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt(key_slot_cipher, alg, iv, sizeof(iv), + status = cipher_encrypt(key_handle, alg, iv, sizeof(iv), input, sizeof(input), part_size, encrypt, sizeof(encrypt), &output_len); ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt(key_slot_cipher, alg, iv, sizeof(iv), + status = cipher_decrypt(key_handle, alg, iv, sizeof(iv), encrypt, output_len, part_size, decrypt, sizeof(decrypt), &output_len); ASSERT_STATUS(status, PSA_SUCCESS); @@ -305,7 +313,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi(void) ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key(key_slot_cipher); + psa_destroy_key(key_handle); return status; }