diff --git a/getting-started/main.cpp b/getting-started/main.cpp index 9263bc0..ed5e7ce 100644 --- a/getting-started/main.cpp +++ b/getting-started/main.cpp @@ -109,7 +109,7 @@ static void import_a_key(const uint8_t *key, size_t key_len) { psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle; + psa_key_id_t id; printf("Import an AES key...\t"); fflush(stdout); @@ -121,9 +121,9 @@ static void import_a_key(const uint8_t *key, size_t key_len) psa_set_key_bits(&attributes, 128); /* Import the key */ - status = psa_import_key(&attributes, key, key_len, &handle); + status = psa_import_key(&attributes, key, key_len, &id); if (status != PSA_SUCCESS) { - printf("Failed to import key\n"); + printf("Failed to import key (%" PRIu32 ")\n", status); return; } printf("Imported a key\n"); @@ -132,7 +132,7 @@ static void import_a_key(const uint8_t *key, size_t key_len) psa_reset_key_attributes(&attributes); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(id); } static void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) @@ -146,33 +146,33 @@ static void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }; - uint8_t signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; + uint8_t signature[PSA_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; - psa_key_handle_t handle; + psa_key_id_t id; printf("Sign a message...\t"); fflush(stdout); /* Set key attributes */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); psa_set_key_bits(&attributes, 1024); /* Import the key */ - status = psa_import_key(&attributes, key, key_len, &handle); + status = psa_import_key(&attributes, key, key_len, &id); if (status != PSA_SUCCESS) { - printf("Failed to import key\n"); + printf("Failed to import key (%" PRIu32 ")\n", status); return; } /* Sign message using the key */ - status = psa_asymmetric_sign(handle, alg, - hash, sizeof(hash), - signature, sizeof(signature), - &signature_length); + status = psa_sign_hash(id, alg, + hash, sizeof(hash), + signature, sizeof(signature), + &signature_length); if (status != PSA_SUCCESS) { - printf("Failed to sign\n"); + printf("Failed to sign (%" PRIu32 ")\n", status); return; } @@ -182,7 +182,7 @@ static void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) psa_reset_key_attributes(&attributes); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(id); } static void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) @@ -198,7 +198,7 @@ static void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) size_t iv_len; uint8_t output[block_size]; size_t output_len; - psa_key_handle_t handle; + psa_key_id_t id; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; printf("Encrypt with cipher...\t"); @@ -209,34 +209,34 @@ static void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, key_len, &handle); + status = psa_import_key(&attributes, key, key_len, &id); if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); + printf("Failed to import a key (%" PRIu32 ")\n", status); return; } psa_reset_key_attributes(&attributes); /* Encrypt the plaintext */ - status = psa_cipher_encrypt_setup(&operation, handle, alg); + status = psa_cipher_encrypt_setup(&operation, id, alg); if (status != PSA_SUCCESS) { - printf("Failed to begin cipher operation\n"); + printf("Failed to begin cipher operation (%" PRIu32 ")\n", status); return; } status = psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len); if (status != PSA_SUCCESS) { - printf("Failed to generate IV\n"); + printf("Failed to generate IV (%" PRIu32 ")\n", status); return; } status = psa_cipher_update(&operation, plaintext, sizeof(plaintext), output, sizeof(output), &output_len); if (status != PSA_SUCCESS) { - printf("Failed to update cipher operation\n"); + printf("Failed to update cipher operation (%" PRIu32 ")\n", status); return; } status = psa_cipher_finish(&operation, output + output_len, sizeof(output) - output_len, &output_len); if (status != PSA_SUCCESS) { - printf("Failed to finish cipher operation\n"); + printf("Failed to finish cipher operation (%" PRIu32 ")\n", status); return; } printf("Encrypted plaintext\n"); @@ -245,7 +245,7 @@ static void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_cipher_abort(&operation); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(id); } static void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) @@ -261,7 +261,7 @@ static void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) uint8_t iv[block_size] = ENCRYPTED_WITH_IV; uint8_t output[block_size]; size_t output_len; - psa_key_handle_t handle; + psa_key_id_t id; printf("Decrypt with cipher...\t"); fflush(stdout); @@ -271,34 +271,34 @@ static void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, key_len, &handle); + status = psa_import_key(&attributes, key, key_len, &id); if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); + printf("Failed to import a key (%" PRIu32 ")\n", status); return; } psa_reset_key_attributes(&attributes); /* Decrypt the ciphertext */ - status = psa_cipher_decrypt_setup(&operation, handle, alg); + status = psa_cipher_decrypt_setup(&operation, id, alg); if (status != PSA_SUCCESS) { - printf("Failed to begin cipher operation\n"); + printf("Failed to begin cipher operation (%" PRIu32 ")\n", status); return; } status = psa_cipher_set_iv(&operation, iv, sizeof(iv)); if (status != PSA_SUCCESS) { - printf("Failed to set IV\n"); + printf("Failed to set IV (%" PRIu32 ")\n", status); return; } status = psa_cipher_update(&operation, ciphertext, sizeof(ciphertext), output, sizeof(output), &output_len); if (status != PSA_SUCCESS) { - printf("Failed to update cipher operation\n"); + printf("Failed to update cipher operation (%" PRIu32 ")\n", status); return; } status = psa_cipher_finish(&operation, output + output_len, sizeof(output) - output_len, &output_len); if (status != PSA_SUCCESS) { - printf("Failed to finish cipher operation\n"); + printf("Failed to finish cipher operation (%" PRIu32 ")\n", status); return; } printf("Decrypted ciphertext\n"); @@ -307,7 +307,7 @@ static void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) psa_cipher_abort(&operation); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(id); } static void hash_a_message(void) @@ -325,18 +325,18 @@ static void hash_a_message(void) /* Compute hash of message */ status = psa_hash_setup(&operation, alg); if (status != PSA_SUCCESS) { - printf("Failed to begin hash operation\n"); + printf("Failed to begin hash operation (%" PRIu32 ")\n", status); return; } status = psa_hash_update(&operation, input, sizeof(input)); if (status != PSA_SUCCESS) { - printf("Failed to update hash operation\n"); + printf("Failed to update hash operation (%" PRIu32 ")\n", status); return; } status = psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), &actual_hash_len); if (status != PSA_SUCCESS) { - printf("Failed to finish hash operation\n"); + printf("Failed to finish hash operation (%" PRIu32 ")\n", status); return; } @@ -365,17 +365,17 @@ static void verify_a_hash(void) /* Verify message hash */ status = psa_hash_setup(&operation, alg); if (status != PSA_SUCCESS) { - printf("Failed to begin hash operation\n"); + printf("Failed to begin hash operation (%" PRIu32 ")\n", status); return; } status = psa_hash_update(&operation, input, sizeof(input)); if (status != PSA_SUCCESS) { - printf("Failed to update hash operation\n"); + printf("Failed to update hash operation (%" PRIu32 ")\n", status); return; } status = psa_hash_verify(&operation, expected_hash, expected_hash_len); if (status != PSA_SUCCESS) { - printf("Failed to verify hash\n"); + printf("Failed to verify hash (%" PRIu32 ")\n", status); return; } @@ -395,7 +395,7 @@ static void generate_a_random_value(void) status = psa_generate_random(random, sizeof(random)); if (status != PSA_SUCCESS) { - printf("Failed to generate a random value\n"); + printf("Failed to generate a random value (%" PRIu32 ")\n", status); return; } @@ -422,8 +422,8 @@ static void derive_a_new_key_from_an_existing_key(void) PSA_KEY_DERIVATION_OPERATION_INIT; size_t derived_bits = 128; size_t capacity = PSA_BITS_TO_BYTES(derived_bits); - psa_key_handle_t base_key; - psa_key_handle_t derived_key; + psa_key_id_t base_key; + psa_key_id_t derived_key; printf("Derive a key (HKDF)...\t"); fflush(stdout); @@ -435,7 +435,7 @@ static void derive_a_new_key_from_an_existing_key(void) psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); status = psa_import_key(&attributes, key, sizeof(key), &base_key); if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); + printf("Failed to import a key (%" PRIu32 ")\n", status); return; } psa_reset_key_attributes(&attributes); @@ -443,33 +443,33 @@ static void derive_a_new_key_from_an_existing_key(void) /* Derive a key */ status = psa_key_derivation_setup(&operation, alg); if (status != PSA_SUCCESS) { - printf("Failed to begin key derivation\n"); + printf("Failed to begin key derivation (%" PRIu32 ")\n", status); return; } status = psa_key_derivation_set_capacity(&operation, capacity); if (status != PSA_SUCCESS) { - printf("Failed to set capacity\n"); + printf("Failed to set capacity (%" PRIu32 ")\n", status); return; } status = psa_key_derivation_input_bytes(&operation, PSA_KEY_DERIVATION_INPUT_SALT, salt, sizeof(salt)); if (status != PSA_SUCCESS) { - printf("Failed to input salt (extract)\n"); + printf("Failed to input salt (extract) (%" PRIu32 ")\n", status); return; } status = psa_key_derivation_input_key(&operation, PSA_KEY_DERIVATION_INPUT_SECRET, base_key); if (status != PSA_SUCCESS) { - printf("Failed to input key (extract)\n"); + printf("Failed to input key (extract) (%" PRIu32 ")\n", status); return; } status = psa_key_derivation_input_bytes(&operation, PSA_KEY_DERIVATION_INPUT_INFO, info, sizeof(info)); if (status != PSA_SUCCESS) { - printf("Failed to input info (expand)\n"); + printf("Failed to input info (expand) (%" PRIu32 ")\n", status); return; } psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); @@ -479,7 +479,7 @@ static void derive_a_new_key_from_an_existing_key(void) status = psa_key_derivation_output_key(&attributes, &operation, &derived_key); if (status != PSA_SUCCESS) { - printf("Failed to derive key\n"); + printf("Failed to derive key (%" PRIu32 ")\n", status); return; } psa_reset_key_attributes(&attributes); @@ -515,7 +515,7 @@ static void authenticate_and_encrypt_a_message(void) size_t output_length = 0; size_t tag_length = 16; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle; + psa_key_id_t id; printf("Authenticate encrypt...\t"); fflush(stdout); @@ -532,18 +532,18 @@ static void authenticate_and_encrypt_a_message(void) psa_set_key_algorithm(&attributes, PSA_ALG_CCM); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, sizeof(key), &handle); + status = psa_import_key(&attributes, key, sizeof(key), &id); psa_reset_key_attributes(&attributes); /* Authenticate and encrypt */ - status = psa_aead_encrypt(handle, PSA_ALG_CCM, + status = psa_aead_encrypt(id, PSA_ALG_CCM, nonce, sizeof(nonce), additional_data, sizeof(additional_data), input_data, sizeof(input_data), output_data, output_size, &output_length); if (status != PSA_SUCCESS) { - printf("Failed to authenticate and encrypt\n"); + printf("Failed to authenticate and encrypt (%" PRIu32 ")\n", status); return; } @@ -553,7 +553,7 @@ static void authenticate_and_encrypt_a_message(void) free(output_data); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(id); } static void authenticate_and_decrypt_a_message(void) @@ -576,7 +576,7 @@ static void authenticate_and_decrypt_a_message(void) size_t output_size = 0; size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle; + psa_key_id_t id; printf("Authenticate decrypt...\t"); fflush(stdout); @@ -593,22 +593,22 @@ static void authenticate_and_decrypt_a_message(void) psa_set_key_algorithm(&attributes, PSA_ALG_CCM); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, sizeof(key), &handle); + status = psa_import_key(&attributes, key, sizeof(key), &id); if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); + printf("Failed to import a key (%" PRIu32 ")\n", status); return; } psa_reset_key_attributes(&attributes); /* Authenticate and decrypt */ - status = psa_aead_decrypt(handle, PSA_ALG_CCM, + status = psa_aead_decrypt(id, PSA_ALG_CCM, nonce, sizeof(nonce), additional_data, sizeof(additional_data), input_data, sizeof(input_data), output_data, output_size, &output_length); if (status != PSA_SUCCESS) { - printf("Failed to authenticate and decrypt\n"); + printf("Failed to authenticate and decrypt (%" PRIu32 ")\n", status); return; } @@ -618,7 +618,7 @@ static void authenticate_and_decrypt_a_message(void) free(output_data); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(id); } static void generate_and_export_a_public_key() @@ -630,36 +630,36 @@ static void generate_and_export_a_public_key() size_t exported_length = 0; static uint8_t exported[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)]; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_handle_t handle; + psa_key_id_t id; printf("Generate a key pair...\t"); fflush(stdout); /* Generate a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); psa_set_key_algorithm(&attributes, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)); psa_set_key_type(&attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1)); + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key(&attributes, &handle); + status = psa_generate_key(&attributes, &id); if (status != PSA_SUCCESS) { - printf("Failed to generate key\n"); + printf("Failed to generate key (%" PRIu32 ")\n", status); return; } psa_reset_key_attributes(&attributes); - status = psa_export_public_key(handle, exported, sizeof(exported), + status = psa_export_public_key(id, exported, sizeof(exported), &exported_length); if (status != PSA_SUCCESS) { - printf("Failed to export public key %ld\n", status); + printf("Failed to export public key (%" PRIu32 ")\n", status); return; } printf("Exported a public key\n"); /* Destroy the key */ - psa_destroy_key(handle); + psa_destroy_key(id); } int main(void) @@ -669,7 +669,7 @@ int main(void) /* Initialize PSA Crypto */ psa_status_t status = psa_crypto_init(); if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); + printf("Failed to initialize PSA Crypto (%" PRIu32 ")\n", status); return -1; }