cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Set the key size as an attribute

Browse Source 
Instead of passing a separate parameter for the key size to
psa_generate_key and psa_generator_import_key, set it through the
attributes, like the key type and other metadata.
This commit is contained in:
Gilles Peskine 2019-04-26 13:49:28 +02:00
parent 30afafd527
commit 3a4f1f8e46
7 changed files with 54 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
include/psa/crypto.h
View File

@ -147,6 +147,7 @@ psa_status_t psa_crypto_init(void);
* by the following functions: * by the following functions:
* - psa_make_key_persistent() * - psa_make_key_persistent()
* - psa_set_key_type() * - psa_set_key_type()
* - psa_set_key_bits()
* - psa_set_key_usage_flags() * - psa_set_key_usage_flags()
* - psa_set_key_algorithm() * - psa_set_key_algorithm()
* - psa_reset_key_attributes() * - psa_reset_key_attributes()
@ -293,6 +294,20 @@ static psa_algorithm_t psa_get_key_algorithm(
static void psa_set_key_type(psa_key_attributes_t *attributes, static void psa_set_key_type(psa_key_attributes_t *attributes,
psa_key_type_t type); psa_key_type_t type);
/** Declare the size of a key.
*
* This function overwrites any key size previously set in \p attributes.
*
* This function may be declared as `static` (i.e. without external
* linkage). This function may be provided as a function-like macro,
* but in this case it must evaluate each of its arguments exactly once.
*
* \param[out] attributes The attribute structure to write to.
* \param bits The key size in bits.
*/
static void psa_set_key_bits(psa_key_attributes_t *attributes,
size_t bits);
/** Retrieve the key type from key attributes. /** Retrieve the key type from key attributes.
* *
* This function may be declared as `static` (i.e. without external * This function may be declared as `static` (i.e. without external
@ -331,11 +346,6 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes);
* property may not hold in future versions of this specification or * property may not hold in future versions of this specification or
* for implementation-specific values. * for implementation-specific values.
* *
* In addition to the attributes that were set when creating the key,
* this function reports the following data:
* - The key size in bits, which can be retrieved with
* psa_get_key_bits().
*
* \param[in] handle Handle to the key to query. * \param[in] handle Handle to the key to query.
* \param[in,out] attributes On success, the attributes of the key. * \param[in,out] attributes On success, the attributes of the key.
* On failure, equivalent to a * On failure, equivalent to a
@ -3018,12 +3028,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
* The generator's capacity is decreased by the number of bytes read. * The generator's capacity is decreased by the number of bytes read.
* *
* \param[in] attributes The attributes for the new key. * \param[in] attributes The attributes for the new key.
* The key size field in \p attributes is
* ignored; the actual key size is taken
* from the \p bits parameter instead.
* \param[out] handle On success, a handle to the newly created key. * \param[out] handle On success, a handle to the newly created key.
* \c 0 on failure. * \c 0 on failure.
* \param bits Key size in bits.
* \param[in,out] generator The generator object to read from. * \param[in,out] generator The generator object to read from.
* *
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
@ -3054,7 +3060,6 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
*/ */
psa_status_t psa_generator_import_key(const psa_key_attributes_t *attributes, psa_status_t psa_generator_import_key(const psa_key_attributes_t *attributes,
psa_key_handle_t *handle, psa_key_handle_t *handle,
size_t bits,
psa_crypto_generator_t *generator); psa_crypto_generator_t *generator);
/** Abort a generator. /** Abort a generator.
@ -3383,12 +3388,8 @@ typedef struct {
* \brief Generate a key or key pair. * \brief Generate a key or key pair.
* *
* \param[in] attributes The attributes for the new key. * \param[in] attributes The attributes for the new key.
* The key size field in \p attributes is
* ignored; the actual key size is taken
* from the \p bits parameter instead.
* \param[out] handle On success, a handle to the newly created key. * \param[out] handle On success, a handle to the newly created key.
* \c 0 on failure. * \c 0 on failure.
* \param bits Key size in bits.
* \param[in] extra Extra parameters for key generation. The * \param[in] extra Extra parameters for key generation. The
* interpretation of this parameter depends on * interpretation of this parameter depends on
* the key type \c type. All types support \c NULL to * the key type \c type. All types support \c NULL to
@ -3447,7 +3448,6 @@ typedef struct {
*/ */
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
psa_key_handle_t *handle, psa_key_handle_t *handle,
size_t bits,
const void *extra, const void *extra,
size_t extra_size); size_t extra_size);

6
include/psa/crypto_struct.h
View File

@ -333,6 +333,12 @@ static inline psa_key_type_t psa_get_key_type(
return( attributes->type ); return( attributes->type );
} }
static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
size_t bits)
{
attributes->bits = bits;
}
static inline size_t psa_get_key_bits( static inline size_t psa_get_key_bits(
const psa_key_attributes_t *attributes) const psa_key_attributes_t *attributes)
{ {

9
library/psa_crypto.c
View File

@ -4222,7 +4222,6 @@ exit:
psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes, psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes,
psa_key_handle_t *handle, psa_key_handle_t *handle,
size_t bits,
psa_crypto_generator_t *generator ) psa_crypto_generator_t *generator )
{ {
psa_status_t status; psa_status_t status;
@ -4230,7 +4229,9 @@ psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes,
status = psa_start_key_creation( attributes, handle, &slot ); status = psa_start_key_creation( attributes, handle, &slot );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
{ {
status = psa_generator_import_key_internal( slot, bits, generator ); status = psa_generator_import_key_internal( slot,
attributes->bits,
generator );
} }
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
status = psa_finish_key_creation( slot ); status = psa_finish_key_creation( slot );
@ -5139,7 +5140,6 @@ psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle,
psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
psa_key_handle_t *handle, psa_key_handle_t *handle,
size_t bits,
const void *extra, const void *extra,
size_t extra_size ) size_t extra_size )
{ {
@ -5148,7 +5148,8 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
status = psa_start_key_creation( attributes, handle, &slot ); status = psa_start_key_creation( attributes, handle, &slot );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
{ {
status = psa_generate_key_internal( slot, bits, extra, extra_size ); status = psa_generate_key_internal( slot, attributes->bits,
extra, extra_size );
} }
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
status = psa_finish_key_creation( slot ); status = psa_finish_key_creation( slot );

12
programs/psa/crypto_examples.c
View File

@ -162,9 +162,9 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
psa_set_key_algorithm( &attributes, alg ); psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
psa_set_key_bits( &attributes, key_bits );
status = psa_generate_key( &attributes, &key_handle, key_bits, status = psa_generate_key( &attributes, &key_handle, NULL, 0 );
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS ); ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
@ -213,9 +213,9 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
psa_set_key_algorithm( &attributes, alg ); psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
psa_set_key_bits( &attributes, key_bits );
status = psa_generate_key( &attributes, &key_handle, key_bits, status = psa_generate_key( &attributes, &key_handle, NULL, 0 );
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS ); ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
@ -260,9 +260,9 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
psa_set_key_algorithm( &attributes, alg ); psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
psa_set_key_bits( &attributes, key_bits );
status = psa_generate_key( &attributes, &key_handle, key_bits, status = psa_generate_key( &attributes, &key_handle, NULL, 0 );
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS ); ASSERT_STATUS( status, PSA_SUCCESS );
status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),

16
programs/psa/key_ladder_demo.c
View File

@ -206,10 +206,9 @@ static psa_status_t generate( const char *key_file_name )
PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT );
psa_set_key_algorithm( &attributes, KDF_ALG ); psa_set_key_algorithm( &attributes, KDF_ALG );
psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) );
PSA_CHECK( psa_generate_key( &attributes, &key_handle, PSA_CHECK( psa_generate_key( &attributes, &key_handle, NULL, 0 ) );
PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
NULL, 0 ) );
PSA_CHECK( save_key( key_handle, key_file_name ) ); PSA_CHECK( save_key( key_handle, key_file_name ) );
@ -287,6 +286,7 @@ static psa_status_t derive_key_ladder( const char *ladder[],
PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT );
psa_set_key_algorithm( &attributes, KDF_ALG ); psa_set_key_algorithm( &attributes, KDF_ALG );
psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) );
/* For each label in turn, ... */ /* For each label in turn, ... */
for( i = 0; i < ladder_depth; i++ ) for( i = 0; i < ladder_depth; i++ )
@ -306,10 +306,8 @@ static psa_status_t derive_key_ladder( const char *ladder[],
*key_handle = 0; *key_handle = 0;
/* Use the generator obtained from the parent key to create /* Use the generator obtained from the parent key to create
* the next intermediate key. */ * the next intermediate key. */
PSA_CHECK( psa_generator_import_key( PSA_CHECK( psa_generator_import_key( &attributes, key_handle,
&attributes, key_handle, &generator ) );
PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
&generator ) );
PSA_CHECK( psa_generator_abort( &generator ) ); PSA_CHECK( psa_generator_abort( &generator ) );
} }
@ -336,6 +334,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
psa_set_key_usage_flags( &attributes, usage ); psa_set_key_usage_flags( &attributes, usage );
psa_set_key_algorithm( &attributes, WRAPPING_ALG ); psa_set_key_algorithm( &attributes, WRAPPING_ALG );
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
psa_set_key_bits( &attributes, WRAPPING_KEY_BITS );
PSA_CHECK( psa_key_derivation( PSA_CHECK( psa_key_derivation(
&generator, &generator,
@ -345,8 +344,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
NULL, 0, NULL, 0,
PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) );
PSA_CHECK( psa_generator_import_key( &attributes, wrapping_key_handle, PSA_CHECK( psa_generator_import_key( &attributes, wrapping_key_handle,
WRAPPING_KEY_BITS, &generator ) );
&generator ) );
exit: exit:
psa_generator_abort( &generator ); psa_generator_abort( &generator );

2
tests/suites/test_suite_psa_crypto.data
View File

@ -2,7 +2,7 @@ PSA compile-time sanity checks
static_checks: static_checks:
PSA key attributes structure PSA key attributes structure
attributes_set_get:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES attributes_set_get:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
PSA import/export raw: 0 bytes PSA import/export raw: 0 bytes
import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1

23
tests/suites/test_suite_psa_crypto.function
View File

@ -1157,7 +1157,7 @@ void static_checks( )
/* BEGIN_CASE */ /* BEGIN_CASE */
void attributes_set_get( int id_arg, int lifetime_arg, void attributes_set_get( int id_arg, int lifetime_arg,
int usage_flags_arg, int alg_arg, int usage_flags_arg, int alg_arg,
int type_arg ) int type_arg, int bits_arg )
{ {
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_id_t id = id_arg; psa_key_id_t id = id_arg;
@ -1165,23 +1165,27 @@ void attributes_set_get( int id_arg, int lifetime_arg,
psa_key_usage_t usage_flags = usage_flags_arg; psa_key_usage_t usage_flags = usage_flags_arg;
psa_algorithm_t alg = alg_arg; psa_algorithm_t alg = alg_arg;
psa_key_type_t type = type_arg; psa_key_type_t type = type_arg;
size_t bits = bits_arg;
TEST_EQUAL( psa_get_key_id( &attributes ), 0 ); TEST_EQUAL( psa_get_key_id( &attributes ), 0 );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
psa_make_key_persistent( &attributes, id, lifetime ); psa_make_key_persistent( &attributes, id, lifetime );
psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_usage_flags( &attributes, usage_flags );
psa_set_key_algorithm( &attributes, alg ); psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, type ); psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, bits );
TEST_EQUAL( psa_get_key_id( &attributes ), id ); TEST_EQUAL( psa_get_key_id( &attributes ), id );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
TEST_EQUAL( psa_get_key_type( &attributes ), type ); TEST_EQUAL( psa_get_key_type( &attributes ), type );
TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
psa_reset_key_attributes( &attributes ); psa_reset_key_attributes( &attributes );
@ -1190,6 +1194,7 @@ void attributes_set_get( int id_arg, int lifetime_arg,
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
} }
/* END_CASE */ /* END_CASE */
@ -4294,8 +4299,8 @@ void derive_key_exercise( int alg_arg,
psa_set_key_usage_flags( &attributes, derived_usage ); psa_set_key_usage_flags( &attributes, derived_usage );
psa_set_key_algorithm( &attributes, derived_alg ); psa_set_key_algorithm( &attributes, derived_alg );
psa_set_key_type( &attributes, derived_type ); psa_set_key_type( &attributes, derived_type );
psa_set_key_bits( &attributes, derived_bits );
PSA_ASSERT( psa_generator_import_key( &attributes, &derived_handle, PSA_ASSERT( psa_generator_import_key( &attributes, &derived_handle,
derived_bits,
&generator ) ); &generator ) );
/* Test the key information */ /* Test the key information */
@ -4327,7 +4332,6 @@ void derive_key_export( int alg_arg,
psa_key_handle_t derived_handle = 0; psa_key_handle_t derived_handle = 0;
psa_algorithm_t alg = alg_arg; psa_algorithm_t alg = alg_arg;
size_t bytes1 = bytes1_arg; size_t bytes1 = bytes1_arg;
size_t derived_bits = PSA_BYTES_TO_BITS( bytes1 );
size_t bytes2 = bytes2_arg; size_t bytes2 = bytes2_arg;
size_t capacity = bytes1 + bytes2; size_t capacity = bytes1 + bytes2;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
@ -4365,16 +4369,16 @@ void derive_key_export( int alg_arg,
psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT );
psa_set_key_algorithm( &derived_attributes, 0 ); psa_set_key_algorithm( &derived_attributes, 0 );
psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA );
psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) );
PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle, PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle,
derived_bits,
&generator ) ); &generator ) );
PSA_ASSERT( psa_export_key( derived_handle, PSA_ASSERT( psa_export_key( derived_handle,
export_buffer, bytes1, export_buffer, bytes1,
&length ) ); &length ) );
TEST_EQUAL( length, bytes1 ); TEST_EQUAL( length, bytes1 );
PSA_ASSERT( psa_destroy_key( derived_handle ) ); PSA_ASSERT( psa_destroy_key( derived_handle ) );
psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) );
PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle, PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle,
PSA_BYTES_TO_BITS( bytes2 ),
&generator ) ); &generator ) );
PSA_ASSERT( psa_export_key( derived_handle, PSA_ASSERT( psa_export_key( derived_handle,
export_buffer + bytes1, bytes2, export_buffer + bytes1, bytes2,
@ -4667,9 +4671,10 @@ void generate_key( int type_arg,
psa_set_key_usage_flags( &attributes, usage ); psa_set_key_usage_flags( &attributes, usage );
psa_set_key_algorithm( &attributes, alg ); psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, type ); psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, bits );
/* Generate a key */ /* Generate a key */
TEST_EQUAL( psa_generate_key( &attributes, &handle, bits, NULL, 0 ), TEST_EQUAL( psa_generate_key( &attributes, &handle, NULL, 0 ),
expected_status ); expected_status );
if( expected_info_status != PSA_SUCCESS ) if( expected_info_status != PSA_SUCCESS )
goto exit; goto exit;
@ -4722,6 +4727,7 @@ void persistent_key_load_key_from_storage( data_t *data,
psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_usage_flags( &attributes, usage_flags );
psa_set_key_algorithm( &attributes, alg ); psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, type ); psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, bits );
switch( generation_method ) switch( generation_method )
{ {
@ -4733,8 +4739,7 @@ void persistent_key_load_key_from_storage( data_t *data,
case GENERATE_KEY: case GENERATE_KEY:
/* Generate a key */ /* Generate a key */
PSA_ASSERT( psa_generate_key( &attributes, &handle, PSA_ASSERT( psa_generate_key( &attributes, &handle, NULL, 0 ) );
bits, NULL, 0 ) );
break; break;
case DERIVE_KEY: case DERIVE_KEY:
@ -4757,7 +4762,7 @@ void persistent_key_load_key_from_storage( data_t *data,
&generator, PSA_KDF_STEP_INFO, &generator, PSA_KDF_STEP_INFO,
NULL, 0 ) ); NULL, 0 ) );
PSA_ASSERT( psa_generator_import_key( &attributes, &handle, PSA_ASSERT( psa_generator_import_key( &attributes, &handle,
bits, &generator ) ); &generator ) );
PSA_ASSERT( psa_generator_abort( &generator ) ); PSA_ASSERT( psa_generator_abort( &generator ) );
PSA_ASSERT( psa_destroy_key( base_key ) ); PSA_ASSERT( psa_destroy_key( base_key ) );
base_key = 0; base_key = 0;