TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 7c173082532b2014cfce0295104fc5be7357a65a^! / . / tests / suites / test_suite_psa_crypto.function
commit7c173082532b2014cfce0295104fc5be7357a65a[log] [tgz]
authorPaul Elliott <paul.elliott@arm.com>Sun Feb 26 18:44:45 2023 +0000
committerPaul Elliott <paul.elliott@arm.com>Tue Feb 28 17:23:29 2023 +0000
tree4ff77c35e5cc53c61b7ebb74a4bc4e3e27c4d817
parent8359c14c14d5ac9b8a6e163319650a8751e0c926 [diff] [blame]
Add num_ops tests to sign and verify interruptible hash

This is the only test usable for non-deterministic ECDSA, thus needs this
code path testing as well.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 844d9bc..0cf1f53 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function

@@ -6864,6 +6864,10 @@
  *
  * 3. Test the number of calls to psa_sign_hash_complete() required are as
  *    expected for different max_ops values.
+ *
+ * 4. Test that the number of ops done prior to starting signing and after abort
+ *    is zero and that each successful signing stage completes some ops (this is
+ *    not mandated by the PSA specification, but is currently the case).
  */
 void sign_verify_hash_interruptible(int key_type_arg, data_t *key_data,
                                     int alg_arg, data_t *input_data,
@@ -6879,6 +6883,8 @@
     psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
     psa_status_t status = PSA_OPERATION_INCOMPLETE;
     uint32_t max_ops = max_ops_arg;
+    uint32_t num_ops = 0;
+    uint32_t num_ops_prior = 0;
     size_t num_completes = 0;
     size_t min_completes = 0;
     size_t max_completes = 0;
@@ -6913,10 +6919,16 @@
     interruptible_signverify_get_minmax_completes(max_ops, PSA_SUCCESS,
                                                   &min_completes, &max_completes);
 
+    num_ops_prior = psa_sign_hash_get_num_ops(&sign_operation);
+    TEST_ASSERT(num_ops_prior == 0);
+
     /* Start performing the signature. */
     PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg,
                                    input_data->x, input_data->len));
 
+    num_ops_prior = psa_sign_hash_get_num_ops(&sign_operation);
+    TEST_ASSERT(num_ops_prior == 0);
+
     /* Continue performing the signature until complete. */
     do {
 
@@ -6925,6 +6937,17 @@
                                         &signature_length);
 
         num_completes++;
+
+        if (status == PSA_SUCCESS || status == PSA_OPERATION_INCOMPLETE) {
+            num_ops = psa_sign_hash_get_num_ops(&sign_operation);
+            /* We are asserting here that every complete makes progress
+             * (completes some ops), which is true of the internal
+             * implementation and probably any implementation, however this is
+             * not mandated by the PSA specification. */
+            TEST_ASSERT(num_ops > num_ops_prior);
+
+            num_ops_prior = num_ops;
+        }
     } while (status == PSA_OPERATION_INCOMPLETE);
 
     TEST_ASSERT(status == PSA_SUCCESS);
@@ -6934,6 +6957,9 @@
 
     PSA_ASSERT(psa_sign_hash_abort(&sign_operation));
 
+    num_ops = psa_sign_hash_get_num_ops(&sign_operation);
+    TEST_ASSERT(num_ops == 0);
+
     /* Check that the signature length looks sensible. */
     TEST_LE_U(signature_length, signature_size);
     TEST_ASSERT(signature_length > 0);