tf_fuzz: fix key import and export simulation
Fix the simulation of psa_import_key() and psa_export_key(). This fixes
demo/28.test.
* This patch moves the existing simulation code for these calls from
code generation methods to a new simulate() method, as described in
ub52d00b (tf_fuzz: add new crypto key generation model, 2024-08-02).
* Extend the simulation code for `import_key_call` to check whether the
key policy is valid when calculating the expected result of the call.
This uses the new crypto simulation methods introduced in b52d00b
(tf_fuzz: add new crypto key generation model, 2024-08-02).
* Extend the simulation code for `read_key_call` (the call for
`psa_export_key()`).
* Allow `copy_policy_to_call` to fetch policy information from key
assets as well as policy assets.
Previously if a call used the policy of another policy or key asset,
the details of that policy was not stored in the call at all. To fix
this, b52d00b (tf_fuzz: add new crypto key generation model,
2024-08-02) added `copy_policy_to_call`, which copies policy
information into a call at simulation time from a named policy asset.
To correctly calculate the expected result of `read_key_call`, the
keys policy needs to be checked for the exportable usage flag. This
patch makes `copy_policy_to_call` able to fetch the policy of both a
key asset and a policy asset and copy it into the call, providing the
information necessary to do this check.
* Since the `create_key_call` was named, psa_create_key() has been
removed from PSA Crypto, and replaced with psa_import_key(). Rename
`create_key_call` to `import_key_call` to reflect this.
* In tests that use import (demo/28 and demo/32), set policy key size to
0.
In a key policy, size=0 means that the size of the key does not
matter. This change is necessary for the functioning of
psa_import_key, as the size of the data to be imported to the key is
unknown at policy-creation time.
Change-Id: I49ca3a6fa2d7d2e0deb958a15f9671f3d7c1365c
Signed-off-by: Nik Dewally <Nik.Dewally@arm.com>
diff --git a/tf_fuzz/tfz-cpp/calls/crypto_call.hpp b/tf_fuzz/tfz-cpp/calls/crypto_call.hpp
index 9d6b457..93eb0be 100644
--- a/tf_fuzz/tfz-cpp/calls/crypto_call.hpp
+++ b/tf_fuzz/tfz-cpp/calls/crypto_call.hpp
@@ -484,17 +484,16 @@
};
-class create_key_call : public key_call
+class import_key_call : public key_call
{
public:
- // Data members:
- // Methods:
- bool copy_call_to_asset (void) override;
- void fill_in_prep_code (void) override;
- void fill_in_command (void) override;
- create_key_call (tf_fuzz_info *test_state, long &asset_ser_no,
+ bool copy_call_to_asset (void) override;
+ void fill_in_prep_code (void) override;
+ void fill_in_command (void) override;
+ bool simulate (void) override;
+ import_key_call (tf_fuzz_info *test_state, long &asset_ser_no,
asset_search how_asset_found); // (constructor)
- ~create_key_call (void);
+ ~import_key_call (void);
protected:
@@ -533,14 +532,13 @@
class read_key_data_call : public key_call
{
public:
- // Data members:
- // Methods:
- bool copy_call_to_asset (void) override;
- void fill_in_prep_code (void) override;
- void fill_in_command (void) override;
- read_key_data_call (tf_fuzz_info *test_state, long &asset_ser_no,
- asset_search how_asset_found); // (constructor)
- ~read_key_data_call (void);
+ bool copy_call_to_asset (void) override;
+ bool simulate (void) override;
+ void fill_in_prep_code (void) override;
+ void fill_in_command (void) override;
+ read_key_data_call (tf_fuzz_info *test_state, long &asset_ser_no,
+ asset_search how_asset_found); // (constructor)
+ ~read_key_data_call (void);
protected: