commit 9468bb241c5c4ad9d7353966cb2db93eff540dd5
author Netanel Gonen <netanel.gonen@arm.com> Mon Nov 19 11:53:55 2018 +0200
committer avolinski <alex.volinski@arm.com> Wed Nov 21 16:23:41 2018 +0200
tree 7701e9ec4c9de17411a6e088085e6c9287bb4894
parent 2bcd312cda2f1eafaf827ae389963f2591d8f043

Add Tests for psa crypto entropy incjection

tests/CMakeLists.txt

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 34658c8..95d60ff 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -111,6 +111,7 @@
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
 add_test_suite(psa_crypto)
+add_test_suite(psa_crypto_entropy)
 add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_metadata)
 add_test_suite(psa_crypto_persistent_key)

tests/suites/test_suite_psa_crypto_entropy.data

diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
new file mode 100644
index 0000000..1fc972a
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -0,0 +1,14 @@
+PSA validate entropy injection: good, minimum size
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: good, max size
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: bad, too big
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+
+PSA validate entropy injection: bad, too small
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+
+PSA validate entropy injection: before and after crypto_init
+run_entropy_inject_with_crypto_init:
\ No newline at end of file

tests/suites/test_suite_psa_crypto_entropy.function

diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
new file mode 100644
index 0000000..a134abe
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -0,0 +1,88 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#include "psa/crypto.h"
+#include "psa_prot_internal_storage.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void validate_entropy_seed_injection( int seed_length_a,
+                                      int expected_status_a,
+                                      int seed_length_b,
+                                      int expected_status_b )
+{
+    psa_its_status_t its_status;
+    psa_status_t status;
+    uint8_t output[32] = { 0 };
+    uint8_t zeros[32] = { 0 };
+    uint8_t *seed = NULL;
+    int i;
+    int seed_size;
+    if( seed_length_a > seed_length_b)
+    {
+        seed_size = seed_length_a;
+    }
+    else
+    {
+        seed_size = seed_length_b;
+    }
+    ASSERT_ALLOC( seed, seed_size );
+    /* fill seed in some data */
+    for( i = 0; i < seed_size; ++i)
+    {
+        seed[i] = i;
+    }
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
+    status = mbedtls_psa_inject_entropy( seed, seed_length_a );
+    TEST_ASSERT( status == expected_status_a );
+    status = mbedtls_psa_inject_entropy( seed, seed_length_b );
+    TEST_ASSERT( status == expected_status_b );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generate_random( output, sizeof( output ) ) == PSA_SUCCESS );
+    TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 );
+exit:
+    mbedtls_free( seed );
+    psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void run_entropy_inject_with_crypto_init( )
+{
+    psa_its_status_t its_status;
+    psa_status_t status;
+    int i;
+    uint8_t seed[MBEDTLS_ENTROPY_MIN_PLATFORM] = {0};
+    /* fill seed in some data */
+    for( i = 0; i < MBEDTLS_ENTROPY_MIN_PLATFORM; ++i)
+    {
+        seed[i] = i;
+    }
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_SUCCESS );
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+    mbedtls_psa_crypto_free( );
+    /* The seed is written by nv_seed callback functions therefore the injection will fail */
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+exit:
+    psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */