[Cryptech-Commits] [sw/libhal] 08/08: Debug keystore attribute code; handle name properly in ks_index_replace().

git at cryptech.is git at cryptech.is
Sun Oct 16 20:23:48 UTC 2016


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch ksng
in repository sw/libhal.

commit 4ebe93221c31e5bebe3cf3aea24c5ac909b9ce2a
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Sun Oct 16 16:17:54 2016 -0400

    Debug keystore attribute code; handle name properly in ks_index_replace().
    
    hal_rpc_pkey_match() still untested.
---
 ks_flash.c            |  97 +++++------
 ks_index.c            |  12 +-
 tests/test-rpc_pkey.c | 440 +++++++++++++++++++++++++++++++-------------------
 3 files changed, 333 insertions(+), 216 deletions(-)

diff --git a/ks_flash.c b/ks_flash.c
index 9278aed..9f0a03e 100644
--- a/ks_flash.c
+++ b/ks_flash.c
@@ -986,6 +986,7 @@ static hal_error_t ks_store(hal_ks_t *ks,
   k->curve   = slot->curve;
   k->flags   = slot->flags;
   k->der_len = SIZEOF_FLASH_KEY_BLOCK_DER;
+  k->attributes_len = 0;
 
   if ((err = hal_mkm_get_kek(kek, &kek_len, sizeof(kek))) == HAL_OK)
     err = hal_aes_keywrap(NULL, kek, kek_len, der, der_len, k->der, &k->der_len);
@@ -1120,7 +1121,7 @@ static hal_error_t ks_list(hal_ks_t *ks,
 
 static inline hal_error_t locate_attributes(flash_block_t *block, const unsigned chunk,
                                             uint8_t **bytes, size_t *bytes_len,
-                                            unsigned *attrs_len)
+                                            unsigned **attrs_len)
 {
   if (block == NULL || bytes == NULL || bytes_len == NULL || attrs_len == NULL)
     return HAL_ERROR_IMPOSSIBLE;
@@ -1128,7 +1129,7 @@ static inline hal_error_t locate_attributes(flash_block_t *block, const unsigned
   if (chunk == 0) {
     if (block_get_type(block) != BLOCK_TYPE_KEY)
       return HAL_ERROR_KEY_NOT_FOUND;
-    *attrs_len = block->key.attributes_len;
+    *attrs_len = &block->key.attributes_len;
     *bytes = block->key.der + block->key.der_len;
     *bytes_len = SIZEOF_FLASH_KEY_BLOCK_DER - block->key.der_len;
   }
@@ -1136,7 +1137,7 @@ static inline hal_error_t locate_attributes(flash_block_t *block, const unsigned
   else {
     if (block_get_type(block) != BLOCK_TYPE_ATTR)
       return HAL_ERROR_KEY_NOT_FOUND;
-    *attrs_len = block->attr.attributes_len;
+    *attrs_len = &block->attr.attributes_len;
     *bytes = block->attr.attributes;
     *bytes_len = SIZEOF_FLASH_ATTRIBUTE_BLOCK_ATTRIBUTES;
   }
@@ -1200,29 +1201,31 @@ static hal_error_t ks_match(hal_ks_t *ks,
     if (attributes_len > 0) {
       uint8_t *bytes = NULL;
       size_t bytes_len = 0;
-      unsigned attrs_len;
+      unsigned *attrs_len;
 
       if ((err = locate_attributes(block, db.ksi.names[b].chunk,
                                    &bytes, &bytes_len, &attrs_len)) != HAL_OK)
         return err;
 
-      hal_rpc_pkey_attribute_t attrs[attrs_len];
+      if (*attrs_len > 0) {
+        hal_rpc_pkey_attribute_t attrs[*attrs_len];
 
-      if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, attrs_len, NULL)) != HAL_OK)
-        return err;
-
-      for (int j = 0; possible && j < attributes_len; j++) {
+        if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, NULL)) != HAL_OK)
+          return err;
 
-        if (!need_attr[j])
-          continue;
+        for (int j = 0; possible && j < attributes_len; j++) {
 
-        for (hal_rpc_pkey_attribute_t *a = attrs; a < attrs + attrs_len; a++) {
-          if (a->type != attributes[j].type)
+          if (!need_attr[j])
             continue;
-          need_attr[j] = 0;
-          possible = (a->length == attributes[j].length &&
-                      !memcmp(a->value, attributes[j].value, a->length));
-          break;
+
+          for (hal_rpc_pkey_attribute_t *a = attrs; a < attrs + *attrs_len; a++) {
+            if (a->type != attributes[j].type)
+              continue;
+            need_attr[j] = 0;
+            possible = (a->length == attributes[j].length &&
+                        !memcmp(a->value, attributes[j].value, a->length));
+            break;
+          }
         }
       }
     }
@@ -1274,26 +1277,23 @@ static  hal_error_t ks_set_attribute(hal_ks_t *ks,
 
     uint8_t *bytes = NULL;
     size_t bytes_len = 0;
-    unsigned attrs_len;
+    unsigned *attrs_len;
 
     if ((err = locate_attributes(block, chunk, &bytes, &bytes_len, &attrs_len)) != HAL_OK)
       return err;
 
     cache_mark_used(block, b);
 
-    if (attrs_len == 0)
-      continue;
-
-    hal_rpc_pkey_attribute_t attrs[attrs_len + 1];
-    const unsigned old_attrs_len = attrs_len;
+    hal_rpc_pkey_attribute_t attrs[*attrs_len + 1];
+    const unsigned old_attrs_len = *attrs_len;
     size_t total;
 
-    if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, attrs_len, &total)) != HAL_OK)
+    if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, &total)) != HAL_OK)
       return err;
 
-    err = hal_ks_attribute_insert(bytes, bytes_len, attrs, &attrs_len, &total, type, value, value_len);
+    err = hal_ks_attribute_insert(bytes, bytes_len, attrs, attrs_len, &total, type, value, value_len);
 
-    if (attrs_len != old_attrs_len && err != HAL_OK)
+    if (*attrs_len != old_attrs_len && err != HAL_OK)
       cache_release(block);
 
     if (err == HAL_ERROR_RESULT_TOO_LONG)
@@ -1340,7 +1340,7 @@ static  hal_error_t ks_set_attribute(hal_ks_t *ks,
     block->attr.attributes_len = 0;
 
     hal_rpc_pkey_attribute_t attrs[1];
-    size_t total = SIZEOF_FLASH_ATTRIBUTE_BLOCK_ATTRIBUTES;
+    size_t total = 0;
 
     if ((err = hal_ks_attribute_insert(block->attr.attributes,
                                        SIZEOF_FLASH_ATTRIBUTE_BLOCK_ATTRIBUTES,
@@ -1364,16 +1364,16 @@ static  hal_error_t ks_set_attribute(hal_ks_t *ks,
 
     uint8_t *bytes = NULL;
     size_t bytes_len = 0;
-    unsigned attrs_len;
+    unsigned *attrs_len;
     size_t total;
 
     if ((err = locate_attributes(block, chunk, &bytes, &bytes_len, &attrs_len)) != HAL_OK)
       return err;
 
-    if (attrs_len > 0) {
-      hal_rpc_pkey_attribute_t attrs[attrs_len];
-      if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, attrs_len, &total)) != HAL_OK ||
-          (err = hal_ks_attribute_delete(bytes, bytes_len, attrs, &attrs_len, &total, type)) != HAL_OK)
+    if (*attrs_len > 0) {
+      hal_rpc_pkey_attribute_t attrs[*attrs_len];
+      if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, &total)) != HAL_OK ||
+          (err = hal_ks_attribute_delete(bytes, bytes_len, attrs, attrs_len, &total, type)) != HAL_OK)
         return err;
     }
 
@@ -1421,23 +1421,26 @@ static  hal_error_t ks_get_attribute(hal_ks_t *ks,
     if (chunk == 0)
       slot->hint = hint;
 
+    cache_mark_used(block, b);
+
     uint8_t *bytes = NULL;
     size_t bytes_len = 0;
-    unsigned attributes_len;
+    unsigned *attrs_len;
 
-    if ((err = locate_attributes(block, chunk, &bytes, &bytes_len, &attributes_len)) != HAL_OK)
+    if ((err = locate_attributes(block, chunk, &bytes, &bytes_len, &attrs_len)) != HAL_OK)
       return err;
 
-    cache_mark_used(block, b);
+    if (*attrs_len == 0)
+      continue;
 
-    hal_rpc_pkey_attribute_t attributes[attributes_len];
+    hal_rpc_pkey_attribute_t attrs[*attrs_len];
 
-    if ((err = hal_ks_attribute_scan(bytes, bytes_len, attributes, attributes_len, NULL)) != HAL_OK)
+    if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, NULL)) != HAL_OK)
       return err;
 
-    for (int i = 0; a.value == NULL && i < attributes_len; ++i)
-      if (attributes[i].type == type)
-        a = attributes[i];
+    for (int i = 0; a.value == NULL && i < *attrs_len; ++i)
+      if (attrs[i].type == type)
+        a = attrs[i];
 
   } while (a.value == NULL && ++chunk < block->header.total_chunks);
 
@@ -1490,25 +1493,25 @@ static hal_error_t ks_delete_attribute(hal_ks_t *ks,
 
     uint8_t *bytes = NULL;
     size_t bytes_len = 0;
-    unsigned attrs_len;
+    unsigned *attrs_len;
 
     if ((err = locate_attributes(block, chunk, &bytes, &bytes_len, &attrs_len)) != HAL_OK)
       return err;
 
     cache_mark_used(block, b);
 
-    if (attrs_len == 0)
+    if (*attrs_len == 0)
       continue;
 
-    hal_rpc_pkey_attribute_t attrs[attrs_len];
-    const unsigned old_attrs_len = attrs_len;
+    hal_rpc_pkey_attribute_t attrs[*attrs_len];
+    const unsigned old_attrs_len = *attrs_len;
     size_t total;
 
-    if ((err = hal_ks_attribute_scan(  bytes, bytes_len, attrs,  attrs_len, &total))       != HAL_OK ||
-        (err = hal_ks_attribute_delete(bytes, bytes_len, attrs, &attrs_len, &total, type)) != HAL_OK)
+    if ((err = hal_ks_attribute_scan(  bytes, bytes_len, attrs, *attrs_len, &total))       != HAL_OK ||
+        (err = hal_ks_attribute_delete(bytes, bytes_len, attrs,  attrs_len, &total, type)) != HAL_OK)
       return err;
 
-    if (attrs_len == old_attrs_len)
+    if (*attrs_len == old_attrs_len)
       continue;
 
     if ((err = block_update(b, block, &slot->name, chunk, &hint)) != HAL_OK)
diff --git a/ks_index.c b/ks_index.c
index 40238db..5bf2ce5 100644
--- a/ks_index.c
+++ b/ks_index.c
@@ -371,13 +371,17 @@ hal_error_t hal_ks_index_replace(hal_ks_index_t *ksi,
    */
 
   const size_t len = (ksi->size - ksi->used - 1) * sizeof(*ksi->index);
-  const uint16_t b = ksi->index[ksi->used];
+  const uint16_t b1 = ksi->index[where];
+  const uint16_t b2 = ksi->index[ksi->used];
   memmove(&ksi->index[ksi->used], &ksi->index[ksi->used + 1], len);
-  ksi->index[ksi->size - 1] = ksi->index[where];
-  ksi->index[where] = b;
+  ksi->index[ksi->size - 1] = b1;
+  ksi->index[where] = b2;
+  ksi->names[b2].name = *name;
+  ksi->names[b2].chunk = chunk;
+  memset(&ksi->names[b1], 0, sizeof(ksi->names[b1]));
 
   if (blockno != NULL)
-    *blockno = b;
+    *blockno = b2;
 
   if (hint != NULL)
     *hint = where;
diff --git a/tests/test-rpc_pkey.c b/tests/test-rpc_pkey.c
index efc0cf1..a82978d 100644
--- a/tests/test-rpc_pkey.c
+++ b/tests/test-rpc_pkey.c
@@ -44,6 +44,8 @@
 #include "test-rsa.h"
 #include "test-ecdsa.h"
 
+#define lose(...) do { printf(__VA_ARGS__); goto fail; } while (0)
+
 static inline const char *ecdsa_curve_to_string(const hal_curve_name_t curve)
 {
   switch (curve) {
@@ -54,269 +56,377 @@ static inline const char *ecdsa_curve_to_string(const hal_curve_name_t curve)
   }
 }
 
+static int test_attributes(const hal_pkey_handle_t pkey)
+{
+  static const size_t sizes[] = { 32, 100, 260, 1000, 2000, 2048, 0 };
+  hal_error_t err;
+  size_t n;
+
+  for (const size_t *size = sizes; *size; size++) {
+    uint8_t buf_1[*size], buf_2[*size];
+    memset(buf_1, 0x55, sizeof(buf_1));
+    snprintf((char *) buf_1, sizeof(buf_1), "Test attribute %lu", (unsigned long) *size);
+
+    if ((err = hal_rpc_pkey_set_attribute(pkey, *size, buf_1, sizeof(buf_1))) != HAL_OK)
+      lose("Could not set attribute %lu: %s\n",
+           (unsigned long) *size, hal_error_string(err));
+
+    if ((err = hal_rpc_pkey_get_attribute(pkey, *size, buf_2, &n, sizeof(buf_2))) != HAL_OK)
+      lose("Could not get attribute %lu: %s\n",
+           (unsigned long) *size, hal_error_string(err));
+
+    if (n != *size)
+      lose("Unexpected size returned for attribute %lu: %lu\n",
+           (unsigned long) *size, (unsigned long) n);
+
+    if ((err = hal_rpc_pkey_delete_attribute(pkey, *size)) != HAL_OK)
+      lose("Could not delete attribute %lu: %s\n",
+           (unsigned long) *size, hal_error_string(err));
+
+    if ((err = hal_rpc_pkey_set_attribute(pkey, *size, buf_1, sizeof(buf_1))) != HAL_OK)
+      lose("Could not (re)set attribute %lu: %s\n",
+           (unsigned long) *size, hal_error_string(err));
+  }
+
+#warning Still need something to test hal_rpc_pkey_match()
+
+  return 1;
+
+ fail:
+  return 0;
+}
+
 static int test_rsa_testvec(const rsa_tc_t * const tc, hal_key_flags_t flags)
 {
-  const hal_client_handle_t client = {0};
-  const hal_session_handle_t session = {0};
-  hal_pkey_handle_t private_key, public_key;
+  const hal_client_handle_t client = {HAL_HANDLE_NONE};
+  const hal_session_handle_t session = {HAL_HANDLE_NONE};
+  hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+  hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
   hal_error_t err;
   size_t len;
 
   assert(tc != NULL);
 
-  flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
+  {
+    flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
 
-  printf("Starting %lu-bit RSA test vector tests, flags 0x%lx\n",
-         (unsigned long) tc->size, (unsigned long) flags);
+    printf("Starting %lu-bit RSA test vector tests, flags 0x%lx\n",
+           (unsigned long) tc->size, (unsigned long) flags);
 
-  uint8_t tc_keybuf[hal_rsa_key_t_size];
-  hal_rsa_key_t *tc_key = NULL;
+    uint8_t tc_keybuf[hal_rsa_key_t_size];
+    hal_rsa_key_t *tc_key = NULL;
 
-  if ((err = hal_rsa_key_load_private(&tc_key,
-                                      tc_keybuf, sizeof(tc_keybuf),
-                                      tc->n.val,  tc->n.len,
-                                      tc->e.val,  tc->e.len,
-                                      tc->d.val,  tc->d.len,
-                                      tc->p.val,  tc->p.len,
-                                      tc->q.val,  tc->q.len,
-                                      tc->u.val,  tc->u.len,
-                                      tc->dP.val, tc->dP.len,
-                                      tc->dQ.val, tc->dQ.len)) != HAL_OK)
-    return printf("Could not load RSA private key from test vector: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rsa_key_load_private(&tc_key,
+                                        tc_keybuf, sizeof(tc_keybuf),
+                                        tc->n.val,  tc->n.len,
+                                        tc->e.val,  tc->e.len,
+                                        tc->d.val,  tc->d.len,
+                                        tc->p.val,  tc->p.len,
+                                        tc->q.val,  tc->q.len,
+                                        tc->u.val,  tc->u.len,
+                                        tc->dP.val, tc->dP.len,
+                                        tc->dQ.val, tc->dQ.len)) != HAL_OK)
+      lose("Could not load RSA private key from test vector: %s\n", hal_error_string(err));
 
-  hal_uuid_t private_name, public_name;
+    hal_uuid_t private_name, public_name;
 
-  uint8_t private_der[hal_rsa_private_key_to_der_len(tc_key)];
-  uint8_t public_der[hal_rsa_public_key_to_der_len(tc_key)];
+    uint8_t private_der[hal_rsa_private_key_to_der_len(tc_key)];
+    uint8_t public_der[hal_rsa_public_key_to_der_len(tc_key)];
 
-  if ((err = hal_rsa_private_key_to_der(tc_key, private_der, &len, sizeof(private_der))) != HAL_OK)
-    return printf("Could not DER encode private key from test vector: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rsa_private_key_to_der(tc_key, private_der, &len, sizeof(private_der))) != HAL_OK)
+      lose("Could not DER encode private key from test vector: %s\n", hal_error_string(err));
 
-  assert(len == sizeof(private_der));
+    assert(len == sizeof(private_der));
 
-  if ((err = hal_rpc_pkey_load(client, session, &private_key, HAL_KEY_TYPE_RSA_PRIVATE, HAL_CURVE_NONE,
-                               &private_name, private_der, sizeof(private_der), flags)) != HAL_OK)
-    return printf("Could not load private key into RPC: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_load(client, session, &private_key, HAL_KEY_TYPE_RSA_PRIVATE, HAL_CURVE_NONE,
+                                 &private_name, private_der, sizeof(private_der), flags)) != HAL_OK)
+      lose("Could not load private key into RPC: %s\n", hal_error_string(err));
 
-  if ((err = hal_rsa_public_key_to_der(tc_key, public_der, &len, sizeof(public_der))) != HAL_OK)
-    return printf("Could not DER encode public key from test vector: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rsa_public_key_to_der(tc_key, public_der, &len, sizeof(public_der))) != HAL_OK)
+      lose("Could not DER encode public key from test vector: %s\n", hal_error_string(err));
 
-  assert(len == sizeof(public_der));
+    assert(len == sizeof(public_der));
 
-  if ((err = hal_rpc_pkey_load(client, session, &public_key, HAL_KEY_TYPE_RSA_PUBLIC, HAL_CURVE_NONE,
-                               &public_name, public_der, sizeof(public_der), flags)) != HAL_OK)
-    return printf("Could not load public key into RPC: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_load(client, session, &public_key, HAL_KEY_TYPE_RSA_PUBLIC, HAL_CURVE_NONE,
+                                 &public_name, public_der, sizeof(public_der), flags)) != HAL_OK)
+      lose("Could not load public key into RPC: %s\n", hal_error_string(err));
 
-  uint8_t sig[tc->s.len];
+    uint8_t sig[tc->s.len];
 
-  /*
-   * Raw RSA test cases include PKCS #1.5 padding, we need to drill down to the DigestInfo.
-   */
-  assert(tc->m.len > 4 && tc->m.val[0] == 0x00 && tc->m.val[1] == 0x01 && tc->m.val[2] == 0xff);
-  const uint8_t *digestinfo = memchr(tc->m.val + 2, 0x00, tc->m.len - 2);
-  assert(digestinfo != NULL);
-  const size_t digestinfo_len = tc->m.val + tc->m.len - ++digestinfo;
+    /*
+     * Raw RSA test cases include PKCS #1.5 padding, we need to drill down to the DigestInfo.
+     */
+    assert(tc->m.len > 4 && tc->m.val[0] == 0x00 && tc->m.val[1] == 0x01 && tc->m.val[2] == 0xff);
+    const uint8_t *digestinfo = memchr(tc->m.val + 2, 0x00, tc->m.len - 2);
+    assert(digestinfo != NULL);
+    const size_t digestinfo_len = tc->m.val + tc->m.len - ++digestinfo;
 
-  if ((err = hal_rpc_pkey_sign(session, private_key, hal_hash_handle_none,
-                               digestinfo, digestinfo_len, sig, &len, sizeof(sig))) != HAL_OK)
-    return printf("Could not sign: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
+                                 digestinfo, digestinfo_len, sig, &len, sizeof(sig))) != HAL_OK)
+      lose("Could not sign: %s\n", hal_error_string(err));
 
-  if (tc->s.len != len || memcmp(sig, tc->s.val, tc->s.len) != 0)
-    return printf("MISMATCH\n"), 0;
+    if (tc->s.len != len || memcmp(sig, tc->s.val, tc->s.len) != 0)
+      lose("MISMATCH\n");
 
-  if ((err = hal_rpc_pkey_verify(session, public_key, hal_hash_handle_none,
-                                 digestinfo, digestinfo_len, tc->s.val, tc->s.len)) != HAL_OK)
-    return printf("Could not verify: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+                                   digestinfo, digestinfo_len, tc->s.val, tc->s.len)) != HAL_OK)
+      lose("Could not verify: %s\n", hal_error_string(err));
 
-  if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
-    return printf("Could not delete private key: %s\n", hal_error_string(err)), 0;
+    if (!test_attributes(private_key) || !test_attributes(public_key))
+      goto fail;
 
-  if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
-    return printf("Could not delete public key: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+      lose("Could not delete private key: %s\n", hal_error_string(err));
 
-  printf("OK\n");
-  return 1;
+    if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+      lose("Could not delete public key: %s\n", hal_error_string(err));
+
+    printf("OK\n");
+    return 1;
+  }
+
+ fail:
+  if (private_key.handle != HAL_HANDLE_NONE &&
+      (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+    printf("Warning: could not delete private key: %s\n", hal_error_string(err));
+
+  if (public_key.handle != HAL_HANDLE_NONE &&
+      (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+    printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+
+  return 0;
 }
 
 static int test_ecdsa_testvec(const ecdsa_tc_t * const tc, hal_key_flags_t flags)
 {
-  const hal_client_handle_t client = {0};
-  const hal_session_handle_t session = {0};
-  hal_pkey_handle_t private_key, public_key;
+  const hal_client_handle_t client = {HAL_HANDLE_NONE};
+  const hal_session_handle_t session = {HAL_HANDLE_NONE};
+  hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+  hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
   hal_error_t err;
   size_t len;
 
   assert(tc != NULL);
 
-  flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
+  {
+    flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
 
-  printf("Starting ECDSA %s test vector tests, flags 0x%lx\n",
-         ecdsa_curve_to_string(tc->curve), (unsigned long) flags);
+    printf("Starting ECDSA %s test vector tests, flags 0x%lx\n",
+           ecdsa_curve_to_string(tc->curve), (unsigned long) flags);
 
-  uint8_t tc_keybuf[hal_ecdsa_key_t_size];
-  hal_ecdsa_key_t *tc_key = NULL;
+    uint8_t tc_keybuf[hal_ecdsa_key_t_size];
+    hal_ecdsa_key_t *tc_key = NULL;
 
-  if ((err = hal_ecdsa_key_load_private(&tc_key, tc_keybuf, sizeof(tc_keybuf), tc->curve,
-                                        tc->Qx, tc->Qx_len, tc->Qy, tc->Qy_len,
-                                        tc->d,  tc->d_len)) != HAL_OK)
-    return printf("Could not load ECDSA private key from test vector: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_ecdsa_key_load_private(&tc_key, tc_keybuf, sizeof(tc_keybuf), tc->curve,
+                                          tc->Qx, tc->Qx_len, tc->Qy, tc->Qy_len,
+                                          tc->d,  tc->d_len)) != HAL_OK)
+      lose("Could not load ECDSA private key from test vector: %s\n", hal_error_string(err));
 
-  hal_uuid_t private_name, public_name;
+    hal_uuid_t private_name, public_name;
 
-  uint8_t private_der[hal_ecdsa_private_key_to_der_len(tc_key)];
-  uint8_t public_der[hal_ecdsa_public_key_to_der_len(tc_key)];
+    uint8_t private_der[hal_ecdsa_private_key_to_der_len(tc_key)];
+    uint8_t public_der[hal_ecdsa_public_key_to_der_len(tc_key)];
 
-  if ((err = hal_ecdsa_private_key_to_der(tc_key, private_der, &len, sizeof(private_der))) != HAL_OK)
-    return printf("Could not DER encode private key from test vector: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_ecdsa_private_key_to_der(tc_key, private_der, &len, sizeof(private_der))) != HAL_OK)
+      lose("Could not DER encode private key from test vector: %s\n", hal_error_string(err));
 
-  assert(len == sizeof(private_der));
+    assert(len == sizeof(private_der));
 
-  if ((err = hal_rpc_pkey_load(client, session, &private_key, HAL_KEY_TYPE_EC_PRIVATE, tc->curve,
-                               &private_name, private_der, sizeof(private_der), flags)) != HAL_OK)
-    return printf("Could not load private key into RPC: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_load(client, session, &private_key, HAL_KEY_TYPE_EC_PRIVATE, tc->curve,
+                                 &private_name, private_der, sizeof(private_der), flags)) != HAL_OK)
+      lose("Could not load private key into RPC: %s\n", hal_error_string(err));
 
-  if ((err = hal_ecdsa_public_key_to_der(tc_key, public_der, &len, sizeof(public_der))) != HAL_OK)
-    return printf("Could not DER encode public key from test vector: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_ecdsa_public_key_to_der(tc_key, public_der, &len, sizeof(public_der))) != HAL_OK)
+      lose("Could not DER encode public key from test vector: %s\n", hal_error_string(err));
 
-  assert(len == sizeof(public_der));
+    assert(len == sizeof(public_der));
 
-  if ((err = hal_rpc_pkey_load(client, session, &public_key, HAL_KEY_TYPE_EC_PUBLIC, tc->curve,
-                               &public_name, public_der, sizeof(public_der), flags)) != HAL_OK)
-    return printf("Could not load public key into RPC: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_load(client, session, &public_key, HAL_KEY_TYPE_EC_PUBLIC, tc->curve,
+                                 &public_name, public_der, sizeof(public_der), flags)) != HAL_OK)
+      lose("Could not load public key into RPC: %s\n", hal_error_string(err));
 
-  if ((err = hal_rpc_pkey_verify(session, public_key, hal_hash_handle_none,
-                                 tc->H, tc->H_len, tc->sig, tc->sig_len)) != HAL_OK)
-    return printf("Could not verify signature from test vector: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+                                   tc->H, tc->H_len, tc->sig, tc->sig_len)) != HAL_OK)
+      lose("Could not verify signature from test vector: %s\n", hal_error_string(err));
 
-  uint8_t sig[tc->sig_len + 4];
+    uint8_t sig[tc->sig_len + 4];
 
-  if ((err = hal_rpc_pkey_sign(session, private_key, hal_hash_handle_none,
-                               tc->H, tc->H_len, sig, &len, sizeof(sig))) != HAL_OK)
-    return printf("Could not sign: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
+                                 tc->H, tc->H_len, sig, &len, sizeof(sig))) != HAL_OK)
+      lose("Could not sign: %s\n", hal_error_string(err));
 
-  if ((err = hal_rpc_pkey_verify(session, public_key, hal_hash_handle_none,
-                                 tc->H, tc->H_len, sig, len)) != HAL_OK)
-    return printf("Could not verify own signature: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+                                   tc->H, tc->H_len, sig, len)) != HAL_OK)
+      lose("Could not verify own signature: %s\n", hal_error_string(err));
 
-  if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
-    return printf("Could not delete private key: %s\n", hal_error_string(err)), 0;
+    if (!test_attributes(private_key) || !test_attributes(public_key))
+      goto fail;
 
-  if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
-    return printf("Could not delete public key: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+      lose("Could not delete private key: %s\n", hal_error_string(err));
 
-  printf("OK\n");
-  return 1;
+    if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+      lose("Could not delete public key: %s\n", hal_error_string(err));
+
+    printf("OK\n");
+    return 1;
+  }
+
+ fail:
+  if (private_key.handle != HAL_HANDLE_NONE &&
+      (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+    printf("Warning: could not delete private key: %s\n", hal_error_string(err));
+
+  if (public_key.handle != HAL_HANDLE_NONE &&
+      (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+    printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+
+  return 0;
 }
 
 static int test_rsa_generate(const rsa_tc_t * const tc, hal_key_flags_t flags)
 {
-  const hal_client_handle_t client = {0};
-  const hal_session_handle_t session = {0};
-  hal_pkey_handle_t private_key, public_key;
+  const hal_client_handle_t client = {HAL_HANDLE_NONE};
+  const hal_session_handle_t session = {HAL_HANDLE_NONE};
+  hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+  hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
   hal_error_t err;
   size_t len;
 
   assert(tc != NULL);
 
-  flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
+  {
+    flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
 
-  printf("Starting %lu-bit RSA key generation tests, flags 0x%lx\n",
-         (unsigned long) tc->size, (unsigned long) flags);
+    printf("Starting %lu-bit RSA key generation tests, flags 0x%lx\n",
+           (unsigned long) tc->size, (unsigned long) flags);
 
-  hal_uuid_t private_name, public_name;
+    hal_uuid_t private_name, public_name;
 
-  if ((err = hal_rpc_pkey_generate_rsa(client, session, &private_key, &private_name,
-                                       tc->size, tc->e.val, tc->e.len, flags)) != HAL_OK)
-    return printf("Could not generate RSA private key: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_generate_rsa(client, session, &private_key, &private_name,
+                                         tc->size, tc->e.val, tc->e.len, flags)) != HAL_OK)
+      lose("Could not generate RSA private key: %s\n", hal_error_string(err));
 
-  uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
+    uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
 
-  if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &len, sizeof(public_der))) != HAL_OK)
-    return printf("Could not DER encode RPC RSA public key from RPC RSA private key: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &len, sizeof(public_der))) != HAL_OK)
+      lose("Could not DER encode RPC RSA public key from RPC RSA private key: %s\n", hal_error_string(err));
 
-  assert(len == sizeof(public_der));
+    assert(len == sizeof(public_der));
 
-  if ((err = hal_rpc_pkey_load(client, session, &public_key, HAL_KEY_TYPE_RSA_PUBLIC, HAL_CURVE_NONE,
-                               &public_name, public_der, sizeof(public_der), flags)) != HAL_OK)
-    return printf("Could not load public key into RPC: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_load(client, session, &public_key, HAL_KEY_TYPE_RSA_PUBLIC, HAL_CURVE_NONE,
+                                 &public_name, public_der, sizeof(public_der), flags)) != HAL_OK)
+      lose("Could not load public key into RPC: %s\n", hal_error_string(err));
 
-  uint8_t sig[tc->s.len];
+    uint8_t sig[tc->s.len];
 
-  /*
-   * Raw RSA test cases include PKCS #1.5 padding, we need to drill down to the DigestInfo.
-   */
-  assert(tc->m.len > 4 && tc->m.val[0] == 0x00 && tc->m.val[1] == 0x01 && tc->m.val[2] == 0xff);
-  const uint8_t *digestinfo = memchr(tc->m.val + 2, 0x00, tc->m.len - 2);
-  assert(digestinfo != NULL);
-  const size_t digestinfo_len = tc->m.val + tc->m.len - ++digestinfo;
+    /*
+     * Raw RSA test cases include PKCS #1.5 padding, we need to drill down to the DigestInfo.
+     */
+    assert(tc->m.len > 4 && tc->m.val[0] == 0x00 && tc->m.val[1] == 0x01 && tc->m.val[2] == 0xff);
+    const uint8_t *digestinfo = memchr(tc->m.val + 2, 0x00, tc->m.len - 2);
+    assert(digestinfo != NULL);
+    const size_t digestinfo_len = tc->m.val + tc->m.len - ++digestinfo;
 
-  if ((err = hal_rpc_pkey_sign(session, private_key, hal_hash_handle_none,
-                               digestinfo, digestinfo_len, sig, &len, sizeof(sig))) != HAL_OK)
-    return printf("Could not sign: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
+                                 digestinfo, digestinfo_len, sig, &len, sizeof(sig))) != HAL_OK)
+      lose("Could not sign: %s\n", hal_error_string(err));
 
-  if ((err = hal_rpc_pkey_verify(session, public_key, hal_hash_handle_none,
-                                 digestinfo, digestinfo_len, sig, len)) != HAL_OK)
-    return printf("Could not verify: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+                                   digestinfo, digestinfo_len, sig, len)) != HAL_OK)
+      lose("Could not verify: %s\n", hal_error_string(err));
 
-  if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
-    return printf("Could not delete private key: %s\n", hal_error_string(err)), 0;
+    if (!test_attributes(private_key) || !test_attributes(public_key))
+      goto fail;
 
-  if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
-    return printf("Could not delete public key: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+      lose("Could not delete private key: %s\n", hal_error_string(err));
 
-  printf("OK\n");
-  return 1;
+    if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+      lose("Could not delete public key: %s\n", hal_error_string(err));
+
+    printf("OK\n");
+    return 1;
+  }
+
+ fail:
+  if (private_key.handle != HAL_HANDLE_NONE &&
+      (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+    printf("Warning: could not delete private key: %s\n", hal_error_string(err));
+
+  if (public_key.handle != HAL_HANDLE_NONE &&
+      (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+    printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+
+  return 0;
 }
 
 static int test_ecdsa_generate(const ecdsa_tc_t * const tc, hal_key_flags_t flags)
 {
-  const hal_client_handle_t client = {0};
-  const hal_session_handle_t session = {0};
-  hal_pkey_handle_t private_key, public_key;
+  const hal_client_handle_t client = {HAL_HANDLE_NONE};
+  const hal_session_handle_t session = {HAL_HANDLE_NONE};
+  hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+  hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
   hal_error_t err;
   size_t len;
 
   assert(tc != NULL);
 
-  flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
+  {
+    flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
 
-  printf("Starting ECDSA %s key generation tests, flags 0x%lx\n",
-         ecdsa_curve_to_string(tc->curve), (unsigned long) flags);
+    printf("Starting ECDSA %s key generation tests, flags 0x%lx\n",
+           ecdsa_curve_to_string(tc->curve), (unsigned long) flags);
 
-  hal_uuid_t private_name, public_name;
+    hal_uuid_t private_name, public_name;
 
-  if ((err = hal_rpc_pkey_generate_ec(client, session, &private_key, &private_name, tc->curve, flags)) != HAL_OK)
-    return printf("Could not generate EC key pair: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_generate_ec(client, session, &private_key, &private_name, tc->curve, flags)) != HAL_OK)
+      lose("Could not generate EC key pair: %s\n", hal_error_string(err));
 
-  uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
+    uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
 
-  if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &len, sizeof(public_der))) != HAL_OK)
-    return printf("Could not DER encode public key from test vector: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &len, sizeof(public_der))) != HAL_OK)
+      lose("Could not DER encode public key from test vector: %s\n", hal_error_string(err));
 
-  assert(len == sizeof(public_der));
+    assert(len == sizeof(public_der));
 
-  if ((err = hal_rpc_pkey_load(client, session, &public_key, HAL_KEY_TYPE_EC_PUBLIC, tc->curve,
-                               &public_name, public_der, sizeof(public_der), flags)) != HAL_OK)
-    return printf("Could not load public key into RPC: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_load(client, session, &public_key, HAL_KEY_TYPE_EC_PUBLIC, tc->curve,
+                                 &public_name, public_der, sizeof(public_der), flags)) != HAL_OK)
+      lose("Could not load public key into RPC: %s\n", hal_error_string(err));
 
-  uint8_t sig[tc->sig_len + 4];
+    uint8_t sig[tc->sig_len + 4];
 
-  if ((err = hal_rpc_pkey_sign(session, private_key, hal_hash_handle_none,
-                               tc->H, tc->H_len, sig, &len, sizeof(sig))) != HAL_OK)
-    return printf("Could not sign: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
+                                 tc->H, tc->H_len, sig, &len, sizeof(sig))) != HAL_OK)
+      lose("Could not sign: %s\n", hal_error_string(err));
 
-  if ((err = hal_rpc_pkey_verify(session, public_key, hal_hash_handle_none,
-                                 tc->H, tc->H_len, sig, len)) != HAL_OK)
-    return printf("Could not verify own signature: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+                                   tc->H, tc->H_len, sig, len)) != HAL_OK)
+      lose("Could not verify own signature: %s\n", hal_error_string(err));
 
-  if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
-    return printf("Could not delete private key: %s\n", hal_error_string(err)), 0;
+    if (!test_attributes(private_key) || !test_attributes(public_key))
+      goto fail;
 
-  if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
-    return printf("Could not delete public key: %s\n", hal_error_string(err)), 0;
+    if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+      lose("Could not delete private key: %s\n", hal_error_string(err));
 
-  printf("OK\n");
-  return 1;
+    if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+      lose("Could not delete public key: %s\n", hal_error_string(err));
+
+    printf("OK\n");
+    return 1;
+  }
+
+ fail:
+  if (private_key.handle != HAL_HANDLE_NONE &&
+      (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+    printf("Warning: could not delete private key: %s\n", hal_error_string(err));
+
+  if (public_key.handle != HAL_HANDLE_NONE &&
+      (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+    printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+
+  return 0;
 }
 
 int main (int argc, char *argv[])



More information about the Commits mailing list