Changing methods names, adding NVSTORE_ENABLED check for compilation and fixing doxygen issues

pull/6642/head
Yossi Levy 2018-04-16 16:12:51 +03:00
parent a8febd57a1
commit 206ca6cbf5
3 changed files with 55 additions and 46 deletions

View File

@ -20,6 +20,10 @@
#include "greentea-client/test_env.h" #include "greentea-client/test_env.h"
#include "nvstore.h" #include "nvstore.h"
#if !NVSTORE_ENABLED
#error [NOT_SUPPORTED] NVSTORE needs to be enabled for this test
#endif
using namespace utest::v1; using namespace utest::v1;
#define MSG_VALUE_DUMMY "0" #define MSG_VALUE_DUMMY "0"
@ -34,8 +38,8 @@ using namespace utest::v1;
#define MSG_KEY_DEVICE_TEST_STEP4 "check_consistency_step4" #define MSG_KEY_DEVICE_TEST_STEP4 "check_consistency_step4"
#define MSG_KEY_DEVICE_TEST_SUITE_ENDED "Test suite ended" #define MSG_KEY_DEVICE_TEST_SUITE_ENDED "Test suite ended"
void device_key_derived_key_consistency_16_byte_key_reset_test(char *key); void generate_derived_key_consistency_16_byte_key_reset_test(char *key);
void device_key_derived_key_consistency_32_byte_key_reset_test(char *key); void generate_derived_key_consistency_32_byte_key_reset_test(char *key);
/* /*
* Injection of a dummy key when there is no TRNG * Injection of a dummy key when there is no TRNG
@ -55,7 +59,7 @@ int inject_dummy_rot_key()
#endif #endif
} }
void device_key_derived_key_reset_test() void generate_derived_key_reset_test()
{ {
greentea_send_kv(MSG_KEY_DEVICE_READY, MSG_VALUE_DUMMY); greentea_send_kv(MSG_KEY_DEVICE_READY, MSG_VALUE_DUMMY);
@ -67,12 +71,12 @@ void device_key_derived_key_reset_test()
greentea_parse_kv(key, value, MSG_KEY_LEN, MSG_VALUE_LEN); greentea_parse_kv(key, value, MSG_KEY_LEN, MSG_VALUE_LEN);
if (strcmp(key, MSG_KEY_DEVICE_TEST_STEP1) == 0 || strcmp(key, MSG_KEY_DEVICE_TEST_STEP2) == 0) { if (strcmp(key, MSG_KEY_DEVICE_TEST_STEP1) == 0 || strcmp(key, MSG_KEY_DEVICE_TEST_STEP2) == 0) {
device_key_derived_key_consistency_16_byte_key_reset_test(key); generate_derived_key_consistency_16_byte_key_reset_test(key);
return device_key_derived_key_reset_test(); return generate_derived_key_reset_test();
} }
if (strcmp(key, MSG_KEY_DEVICE_TEST_STEP3) == 0 || strcmp(key, MSG_KEY_DEVICE_TEST_STEP4) == 0) { if (strcmp(key, MSG_KEY_DEVICE_TEST_STEP3) == 0 || strcmp(key, MSG_KEY_DEVICE_TEST_STEP4) == 0) {
return device_key_derived_key_consistency_32_byte_key_reset_test(key); return generate_derived_key_consistency_32_byte_key_reset_test(key);
} }
TEST_ASSERT_MESSAGE(false, key); //Indicates error!!! TEST_ASSERT_MESSAGE(false, key); //Indicates error!!!
@ -81,7 +85,7 @@ void device_key_derived_key_reset_test()
/* /*
* Test the consistency of derived 16 byte key result after device reset. * Test the consistency of derived 16 byte key result after device reset.
*/ */
void device_key_derived_key_consistency_16_byte_key_reset_test(char *key) void generate_derived_key_consistency_16_byte_key_reset_test(char *key)
{ {
unsigned char output1[DEVICE_KEY_16BYTE]; unsigned char output1[DEVICE_KEY_16BYTE];
unsigned char output2[DEVICE_KEY_16BYTE]; unsigned char output2[DEVICE_KEY_16BYTE];
@ -104,7 +108,7 @@ void device_key_derived_key_consistency_16_byte_key_reset_test(char *key)
TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret); TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret);
memset(output1, 0, sizeof(output1)); memset(output1, 0, sizeof(output1));
ret = devkey.device_key_derived_key(salt, salt_size, output1, key_type); ret = devkey.generate_derived_key(salt, salt_size, output1, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1)); bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1));
TEST_ASSERT_FALSE(is_empty); TEST_ASSERT_FALSE(is_empty);
@ -125,7 +129,7 @@ void device_key_derived_key_consistency_16_byte_key_reset_test(char *key)
for (int i = 0; i < 100; i++) { for (int i = 0; i < 100; i++) {
memset(output2, 0, sizeof(output2)); memset(output2, 0, sizeof(output2));
ret = devkey.device_key_derived_key(salt, salt_size, output2, key_type); ret = devkey.generate_derived_key(salt, salt_size, output2, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_16BYTE); TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_16BYTE);
} }
@ -142,7 +146,7 @@ void device_key_derived_key_consistency_16_byte_key_reset_test(char *key)
/* /*
* Test the consistency of derived 32 byte key result after device reset. * Test the consistency of derived 32 byte key result after device reset.
*/ */
void device_key_derived_key_consistency_32_byte_key_reset_test(char *key) void generate_derived_key_consistency_32_byte_key_reset_test(char *key)
{ {
unsigned char output1[DEVICE_KEY_32BYTE]; unsigned char output1[DEVICE_KEY_32BYTE];
unsigned char output2[DEVICE_KEY_32BYTE]; unsigned char output2[DEVICE_KEY_32BYTE];
@ -165,7 +169,7 @@ void device_key_derived_key_consistency_32_byte_key_reset_test(char *key)
TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret); TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret);
memset(output1, 0, sizeof(output1)); memset(output1, 0, sizeof(output1));
ret = devkey.device_key_derived_key(salt, salt_size, output1, key_type); ret = devkey.generate_derived_key(salt, salt_size, output1, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1)); bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1));
TEST_ASSERT_FALSE(is_empty); TEST_ASSERT_FALSE(is_empty);
@ -186,7 +190,7 @@ void device_key_derived_key_consistency_32_byte_key_reset_test(char *key)
for (int i = 0; i < 100; i++) { for (int i = 0; i < 100; i++) {
memset(output2, 0, sizeof(output2)); memset(output2, 0, sizeof(output2));
ret = devkey.device_key_derived_key(salt, salt_size, output2, key_type); ret = devkey.generate_derived_key(salt, salt_size, output2, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_32BYTE); TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_32BYTE);
} }
@ -299,7 +303,7 @@ void device_inject_root_of_trust_several_times_test()
/* /*
* Test the consistency of derived 16 byte key result. * Test the consistency of derived 16 byte key result.
*/ */
void device_key_derived_key_consistency_16_byte_key_test() void generate_derived_key_consistency_16_byte_key_test()
{ {
unsigned char output1[DEVICE_KEY_16BYTE]; unsigned char output1[DEVICE_KEY_16BYTE];
unsigned char output2[DEVICE_KEY_16BYTE]; unsigned char output2[DEVICE_KEY_16BYTE];
@ -317,14 +321,14 @@ void device_key_derived_key_consistency_16_byte_key_test()
size_t salt_size = sizeof(salt); size_t salt_size = sizeof(salt);
memset(output1, 0, sizeof(output1)); memset(output1, 0, sizeof(output1));
ret = devkey.device_key_derived_key(salt, salt_size, output1, key_type); ret = devkey.generate_derived_key(salt, salt_size, output1, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1)); bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1));
TEST_ASSERT_FALSE(is_empty); TEST_ASSERT_FALSE(is_empty);
for (int i = 0; i < 100; i++) { for (int i = 0; i < 100; i++) {
memset(output2, 0, sizeof(output2)); memset(output2, 0, sizeof(output2));
ret = devkey.device_key_derived_key(salt, salt_size, output2, key_type); ret = devkey.generate_derived_key(salt, salt_size, output2, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_16BYTE); TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_16BYTE);
} }
@ -333,7 +337,7 @@ void device_key_derived_key_consistency_16_byte_key_test()
/* /*
* Test the consistency of derived 32 byte key result. * Test the consistency of derived 32 byte key result.
*/ */
void device_key_derived_key_consistency_32_byte_key_test() void generate_derived_key_consistency_32_byte_key_test()
{ {
unsigned char output1[DEVICE_KEY_32BYTE]; unsigned char output1[DEVICE_KEY_32BYTE];
unsigned char output2[DEVICE_KEY_32BYTE]; unsigned char output2[DEVICE_KEY_32BYTE];
@ -351,14 +355,14 @@ void device_key_derived_key_consistency_32_byte_key_test()
size_t salt_size = sizeof(salt); size_t salt_size = sizeof(salt);
memset(output1, 0, sizeof(output1)); memset(output1, 0, sizeof(output1));
ret = devkey.device_key_derived_key(salt, salt_size, output1, key_type); ret = devkey.generate_derived_key(salt, salt_size, output1, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1)); bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1));
TEST_ASSERT_FALSE(is_empty); TEST_ASSERT_FALSE(is_empty);
for (int i = 0; i < 100; i++) { for (int i = 0; i < 100; i++) {
memset(output2, 0, sizeof(output2)); memset(output2, 0, sizeof(output2));
ret = devkey.device_key_derived_key(salt, salt_size, output2, key_type); ret = devkey.generate_derived_key(salt, salt_size, output2, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_32BYTE); TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_32BYTE);
} }
@ -367,7 +371,7 @@ void device_key_derived_key_consistency_32_byte_key_test()
/* /*
* Test request for 16 byte key is returning a correct key size. * Test request for 16 byte key is returning a correct key size.
*/ */
void device_key_derived_key_key_type_16_test() void generate_derived_key_key_type_16_test()
{ {
unsigned char output[DEVICE_KEY_16BYTE * 2]; unsigned char output[DEVICE_KEY_16BYTE * 2];
unsigned char salt[] = "The quick brown fox jumps over the lazy dog"; unsigned char salt[] = "The quick brown fox jumps over the lazy dog";
@ -387,7 +391,7 @@ void device_key_derived_key_key_type_16_test()
memcpy(output + DEVICE_KEY_16BYTE - sizeof(expectedString), expectedString, sizeof(expectedString)); memcpy(output + DEVICE_KEY_16BYTE - sizeof(expectedString), expectedString, sizeof(expectedString));
memcpy(output + DEVICE_KEY_16BYTE + 1, expectedString, sizeof(expectedString)); memcpy(output + DEVICE_KEY_16BYTE + 1, expectedString, sizeof(expectedString));
ret = devkey.device_key_derived_key(salt, salt_size, output, key_type); ret = devkey.generate_derived_key(salt, salt_size, output, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
//Test that we didn't override the buffer after the 16 byte size //Test that we didn't override the buffer after the 16 byte size
TEST_ASSERT_EQUAL_UINT8_ARRAY(output + DEVICE_KEY_16BYTE + 1, expectedString, sizeof(expectedString)); TEST_ASSERT_EQUAL_UINT8_ARRAY(output + DEVICE_KEY_16BYTE + 1, expectedString, sizeof(expectedString));
@ -398,7 +402,7 @@ void device_key_derived_key_key_type_16_test()
/* /*
* Test request for 32 byte key is returning a correct key size. * Test request for 32 byte key is returning a correct key size.
*/ */
void device_key_derived_key_key_type_32_test() void generate_derived_key_key_type_32_test()
{ {
unsigned char output[DEVICE_KEY_32BYTE * 2]; unsigned char output[DEVICE_KEY_32BYTE * 2];
unsigned char salt[] = "The quick brown fox jumps over the lazy dog"; unsigned char salt[] = "The quick brown fox jumps over the lazy dog";
@ -418,7 +422,7 @@ void device_key_derived_key_key_type_32_test()
memcpy(output + DEVICE_KEY_32BYTE - sizeof(expectedString), expectedString, sizeof(expectedString)); memcpy(output + DEVICE_KEY_32BYTE - sizeof(expectedString), expectedString, sizeof(expectedString));
memcpy(output + DEVICE_KEY_32BYTE + 1, expectedString, sizeof(expectedString)); memcpy(output + DEVICE_KEY_32BYTE + 1, expectedString, sizeof(expectedString));
ret = devkey.device_key_derived_key(salt, salt_size, output, key_type); ret = devkey.generate_derived_key(salt, salt_size, output, key_type);
TEST_ASSERT_EQUAL_INT32(0, ret); TEST_ASSERT_EQUAL_INT32(0, ret);
//Test that we didn't override the buffer after the 32 byte size //Test that we didn't override the buffer after the 32 byte size
TEST_ASSERT_EQUAL_UINT8_ARRAY(output + DEVICE_KEY_32BYTE + 1, expectedString, sizeof(expectedString)); TEST_ASSERT_EQUAL_UINT8_ARRAY(output + DEVICE_KEY_32BYTE + 1, expectedString, sizeof(expectedString));
@ -429,7 +433,7 @@ void device_key_derived_key_key_type_32_test()
/* /*
* Test request for unknown key size returns an error * Test request for unknown key size returns an error
*/ */
void device_key_derived_key_wrong_key_type_test() void generate_derived_key_wrong_key_type_test()
{ {
unsigned char output[DEVICE_KEY_16BYTE]; unsigned char output[DEVICE_KEY_16BYTE];
unsigned char salt[] = "The quick brown fox jumps over the lazy dog"; unsigned char salt[] = "The quick brown fox jumps over the lazy dog";
@ -445,7 +449,7 @@ void device_key_derived_key_wrong_key_type_test()
TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret); TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret);
memset(output, 0, DEVICE_KEY_32BYTE); memset(output, 0, DEVICE_KEY_32BYTE);
ret = devkey.device_key_derived_key(salt, salt_size, output, 12);//96 bit key type is not supported ret = devkey.generate_derived_key(salt, salt_size, output, 12);//96 bit key type is not supported
TEST_ASSERT_EQUAL_INT32(DEVICEKEY_INVALID_KEY_TYPE, ret); TEST_ASSERT_EQUAL_INT32(DEVICEKEY_INVALID_KEY_TYPE, ret);
} }
@ -458,16 +462,16 @@ utest::v1::status_t greentea_failure_handler(const Case *const source, const fai
//Currently there can be only one test that contains reset and it has to be the first test! //Currently there can be only one test that contains reset and it has to be the first test!
Case cases[] = { Case cases[] = {
Case("Device Key - derived key reset", device_key_derived_key_reset_test, greentea_failure_handler), Case("Device Key - derived key reset", generate_derived_key_reset_test, greentea_failure_handler),
Case("Device Key - inject value wrong size", device_inject_root_of_trust_wrong_size_test, greentea_failure_handler), Case("Device Key - inject value wrong size", device_inject_root_of_trust_wrong_size_test, greentea_failure_handler),
Case("Device Key - inject value 16 byte size", device_inject_root_of_trust_16_byte_size_test, greentea_failure_handler), Case("Device Key - inject value 16 byte size", device_inject_root_of_trust_16_byte_size_test, greentea_failure_handler),
Case("Device Key - inject value 32 byte size", device_inject_root_of_trust_32_byte_size_test, greentea_failure_handler), Case("Device Key - inject value 32 byte size", device_inject_root_of_trust_32_byte_size_test, greentea_failure_handler),
Case("Device Key - inject value several times", device_inject_root_of_trust_several_times_test, greentea_failure_handler), Case("Device Key - inject value several times", device_inject_root_of_trust_several_times_test, greentea_failure_handler),
Case("Device Key - derived key consistency 16 byte key", device_key_derived_key_consistency_16_byte_key_test, greentea_failure_handler), Case("Device Key - derived key consistency 16 byte key", generate_derived_key_consistency_16_byte_key_test, greentea_failure_handler),
Case("Device Key - derived key consistency 32 byte key", device_key_derived_key_consistency_32_byte_key_test, greentea_failure_handler), Case("Device Key - derived key consistency 32 byte key", generate_derived_key_consistency_32_byte_key_test, greentea_failure_handler),
Case("Device Key - derived key key type 16", device_key_derived_key_key_type_16_test, greentea_failure_handler), Case("Device Key - derived key key type 16", generate_derived_key_key_type_16_test, greentea_failure_handler),
Case("Device Key - derived key key type 32", device_key_derived_key_key_type_32_test, greentea_failure_handler), Case("Device Key - derived key key type 32", generate_derived_key_key_type_32_test, greentea_failure_handler),
Case("Device Key - derived key wrong key type", device_key_derived_key_wrong_key_type_test, greentea_failure_handler) Case("Device Key - derived key wrong key type", generate_derived_key_wrong_key_type_test, greentea_failure_handler)
}; };
utest::v1::status_t greentea_test_setup(const size_t number_of_cases) utest::v1::status_t greentea_test_setup(const size_t number_of_cases)

View File

@ -24,6 +24,8 @@
#error [NOT_SUPPORTED] MBEDTLS_CMAC_C needs to be enabled for this driver #error [NOT_SUPPORTED] MBEDTLS_CMAC_C needs to be enabled for this driver
#else #else
#if NVSTORE_ENABLED
namespace mbed { namespace mbed {
DeviceKey::DeviceKey() DeviceKey::DeviceKey()
@ -36,8 +38,8 @@ DeviceKey::~DeviceKey()
return; return;
} }
int DeviceKey::device_key_derived_key(const unsigned char *salt, size_t isalt_size, unsigned char *output, int DeviceKey::generate_derived_key(const unsigned char *salt, size_t isalt_size, unsigned char *output,
uint16_t ikey_type) uint16_t ikey_type)
{ {
uint32_t key_buff[DEVICE_KEY_32BYTE / sizeof(uint32_t)]; uint32_t key_buff[DEVICE_KEY_32BYTE / sizeof(uint32_t)];
size_t actual_size = DEVICE_KEY_32BYTE; size_t actual_size = DEVICE_KEY_32BYTE;
@ -135,8 +137,8 @@ int DeviceKey::read_key_from_nvstore(uint32_t *output, size_t& size)
} }
// Calculate CMAC functions - wrapper for mbedtls start/update and finish // Calculate CMAC functions - wrapper for mbedtls start/update and finish
int DeviceKey::calc_cmac(const unsigned char *input, size_t isize, uint32_t *ikey_buff, int ikey_size, int DeviceKey::calculate_cmac(const unsigned char *input, size_t isize, uint32_t *ikey_buff, int ikey_size,
unsigned char *output) unsigned char *output)
{ {
int ret; int ret;
mbedtls_cipher_context_t ctx; mbedtls_cipher_context_t ctx;
@ -183,14 +185,14 @@ int DeviceKey::get_derived_key(uint32_t *ikey_buff, size_t ikey_size, const unsi
unsigned char *double_size_salt = NULL; unsigned char *double_size_salt = NULL;
if (DEVICE_KEY_16BYTE == ikey_type) { if (DEVICE_KEY_16BYTE == ikey_type) {
ret = calc_cmac(isalt, isalt_size, ikey_buff, ikey_size, output); ret = calculate_cmac(isalt, isalt_size, ikey_buff, ikey_size, output);
if (DEVICEKEY_SUCCESS != ret) { if (DEVICEKEY_SUCCESS != ret) {
goto finish; goto finish;
} }
} }
if (DEVICE_KEY_32BYTE == ikey_type) { if (DEVICE_KEY_32BYTE == ikey_type) {
ret = this->calc_cmac(isalt, isalt_size, ikey_buff, ikey_size, output); ret = this->calculate_cmac(isalt, isalt_size, ikey_buff, ikey_size, output);
if (DEVICEKEY_SUCCESS != ret) { if (DEVICEKEY_SUCCESS != ret) {
goto finish; goto finish;
} }
@ -200,7 +202,7 @@ int DeviceKey::get_derived_key(uint32_t *ikey_buff, size_t ikey_size, const unsi
memcpy(double_size_salt, isalt, isalt_size); memcpy(double_size_salt, isalt, isalt_size);
memcpy(double_size_salt + isalt_size, isalt, isalt_size); memcpy(double_size_salt + isalt_size, isalt, isalt_size);
ret = this->calc_cmac(double_size_salt, isalt_size * 2, ikey_buff, ikey_size, output + 16); ret = this->calculate_cmac(double_size_salt, isalt_size * 2, ikey_buff, ikey_size, output + 16);
} }
finish: finish:
@ -247,6 +249,7 @@ int DeviceKey::generate_key_by_trng(uint32_t *output, size_t& size)
} // namespace mbed } // namespace mbed
#endif //NVSTORE_ENABLED
#endif #endif

View File

@ -20,6 +20,8 @@
#include "stdint.h" #include "stdint.h"
#include "platform/NonCopyable.h" #include "platform/NonCopyable.h"
#if (NVSTORE_ENABLED)
namespace mbed { namespace mbed {
/** \addtogroup drivers */ /** \addtogroup drivers */
@ -44,8 +46,7 @@ enum DeviceKeyStatus {
/** Use this singleton if you need to derive a new key from the device root of trust. /** Use this singleton if you need to derive a new key from the device root of trust.
* *
* * @note Synchronization level: Thread safe
* @endcode
* @ingroup drivers * @ingroup drivers
*/ */
@ -69,7 +70,7 @@ public:
return instance; return instance;
} }
virtual ~DeviceKey(); ~DeviceKey();
/** Derive a new key based on the salt string. key type can be with values 16 bytes and 32 bytes /** Derive a new key based on the salt string. key type can be with values 16 bytes and 32 bytes
* @param isalt input buffer used to create the new key. Same input will generate always the same key * @param isalt input buffer used to create the new key. Same input will generate always the same key
@ -79,7 +80,7 @@ public:
* @param ikey_type type of the required key. Type must be 16 bytes or 32 bytes. * @param ikey_type type of the required key. Type must be 16 bytes or 32 bytes.
* @return 0 on success, negative error code on failure * @return 0 on success, negative error code on failure
*/ */
int device_key_derived_key(const unsigned char *isalt, size_t isalt_size, unsigned char *output, uint16_t ikey_type); int generate_derived_key(const unsigned char *isalt, size_t isalt_size, unsigned char *output, uint16_t ikey_type);
/** Set a device key into the NVStore. In case TRNG support is missing, Call this method /** Set a device key into the NVStore. In case TRNG support is missing, Call this method
* before calling device_key_derived_key. This method should be called only once! * before calling device_key_derived_key. This method should be called only once!
@ -101,7 +102,7 @@ private:
* @param output buffer for the CMAC result. * @param output buffer for the CMAC result.
* @return 0 on success, negative error code on failure * @return 0 on success, negative error code on failure
*/ */
int calc_cmac(const unsigned char *input, size_t isize, uint32_t *ikey_buff, int ikey_size, unsigned char *output); int calculate_cmac(const unsigned char *input, size_t isize, uint32_t *ikey_buff, int ikey_size, unsigned char *output);
/** Read a device key from the NVStore /** Read a device key from the NVStore
* @param output buffer for the returned key. * @param output buffer for the returned key.
@ -145,4 +146,5 @@ private:
} }
#endif //NVSTORE_ENABLED
#endif #endif