Merge pull request #142 from ARMmbed/psa-metadata_validation
Algorithm and key type encoding validation
diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
index 3315a6e..2de5ffa 100644
--- a/crypto/tests/Makefile
+++ b/crypto/tests/Makefile
@@ -15,10 +15,12 @@
APPS := \
test_suite_psa_crypto \
+ test_suite_psa_crypto_metadata \
# Don't delete this line.
# Look up for associated function files
func.test_suite_psa_crypto := test_suite_psa_crypto
+func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata
.SILENT:
@@ -52,6 +54,7 @@
rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write
test: $(APPS)
+ ./test_suite_psa_crypto_metadata
./test_suite_psa_crypto
# Create separate targets for generating embedded tests.
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0105f7f..62d3920 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -424,9 +424,6 @@
*/
#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
-/** Whether a key type is an RSA key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_RSA(type) \
- (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
/** Raw data.
*
@@ -483,11 +480,17 @@
#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000)
/** RSA key pair (private and public key). */
#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000)
+/** Whether a key type is an RSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_RSA(type) \
+ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
/** DSA public key. */
#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000)
/** DSA key pair (private and public key). */
#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000)
+/** Whether a key type is an DSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_DSA(type) \
+ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000)
@@ -522,7 +525,7 @@
* TLS Supported Groups Registry (formerly known as the
* TLS EC Named Curve Registry)
* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
- * The values are defined by RFC 4492, RFC 7027 and RFC 7919. */
+ * The values are defined by RFC 8422 and RFC 7027. */
#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
@@ -553,11 +556,6 @@
#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
-#define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100)
-#define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101)
-#define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102)
-#define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103)
-#define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104)
/** The block size of a block cipher.
*
@@ -741,7 +739,7 @@
#define PSA_ALG_HMAC(hash_alg) \
(PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_HMAC_HASH(hmac_alg) \
+#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
(PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
/** Whether the specified algorithm is an HMAC algorithm.
@@ -771,7 +769,7 @@
* This macro may return either 0 or 1 if \p alg is not a supported
* algorithm identifier.
*/
-#define PSA_ALG_IS_CIPHER_MAC(alg) \
+#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
PSA_ALG_CIPHER_MAC_BASE)
@@ -1636,21 +1634,21 @@
*/
#define PSA_HASH_SIZE(alg) \
( \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
0)
/** Start a multipart hash operation.
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index c42375b..edb240b 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -58,6 +58,9 @@
* should be the maximum size of a hash supported by the implementation,
* in bytes, and must be no smaller than this maximum.
*/
+/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
+ * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
+ * HMAC-SHA3-512. */
#if defined(MBEDTLS_SHA512_C)
#define PSA_HASH_MAX_SIZE 64
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
@@ -160,9 +163,9 @@
* with the algorithm.
*/
#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \
- (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
+ (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
- 0)
+ ((void)(key_type), (void)(key_bits), 0))
/** The maximum size of the output of psa_aead_encrypt(), in bytes.
*
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 29b7711..6fd905c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1555,7 +1555,7 @@
#if defined(MBEDTLS_MD_C)
if( PSA_ALG_IS_HMAC( alg ) )
{
- psa_algorithm_t hash_alg = PSA_ALG_HMAC_HASH( alg );
+ psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
if( hash_alg == 0 )
{
status = PSA_ERROR_NOT_SUPPORTED;
@@ -3265,7 +3265,7 @@
psa_status_t status;
status = psa_hmac_setup_internal( &hkdf->hmac,
salt, salt_length,
- PSA_ALG_HMAC_HASH( hash_alg ) );
+ PSA_ALG_HMAC_GET_HASH( hash_alg ) );
if( status != PSA_SUCCESS )
return( status );
status = psa_hash_update( &hkdf->hmac.hash_ctx,
diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
index f06bdfb..5da5708 100644
--- a/scripts/mbed_crypto.make
+++ b/scripts/mbed_crypto.make
@@ -150,6 +150,8 @@
tests/suites/target_test.function \
tests/suites/test_suite_psa_crypto.data \
tests/suites/test_suite_psa_crypto.function \
+ tests/suites/test_suite_psa_crypto_metadata.data \
+ tests/suites/test_suite_psa_crypto_metadata.function \
# Don't delete this line.
OTHER_FILES := \
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
new file mode 100644
index 0000000..c9df6c7
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -0,0 +1,404 @@
+Hash: MD2
+depends_on:MBEDTLS_MD2_C
+hash_algorithm:PSA_ALG_MD2:16
+
+Hash: MD4
+depends_on:MBEDTLS_MD4_C
+hash_algorithm:PSA_ALG_MD4:16
+
+Hash: MD5
+depends_on:MBEDTLS_MD5_C
+hash_algorithm:PSA_ALG_MD5:16
+
+Hash: RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hash_algorithm:PSA_ALG_RIPEMD160:20
+
+Hash: SHA-1
+depends_on:MBEDTLS_SHA1_C
+hash_algorithm:PSA_ALG_SHA_1:20
+
+Hash: SHA-2 SHA-224
+depends_on:MBEDTLS_SHA256_C
+hash_algorithm:PSA_ALG_SHA_224:28
+
+Hash: SHA-2 SHA-256
+depends_on:MBEDTLS_SHA256_C
+hash_algorithm:PSA_ALG_SHA_256:32
+
+Hash: SHA-2 SHA-384
+depends_on:MBEDTLS_SHA512_C
+hash_algorithm:PSA_ALG_SHA_384:48
+
+Hash: SHA-2 SHA-512
+depends_on:MBEDTLS_SHA512_C
+hash_algorithm:PSA_ALG_SHA_512:64
+
+Hash: SHA-2 SHA-512/224
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
+hash_algorithm:PSA_ALG_SHA_512_224:28
+
+Hash: SHA-2 SHA-512/256
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
+hash_algorithm:PSA_ALG_SHA_512_256:32
+
+Hash: SHA-3 SHA3-224
+depends_on:MBEDTLS_SHA3_C
+hash_algorithm:PSA_ALG_SHA3_224:28
+
+Hash: SHA-3 SHA3-256
+depends_on:MBEDTLS_SHA3_C
+hash_algorithm:PSA_ALG_SHA3_256:32
+
+Hash: SHA-3 SHA3-384
+depends_on:MBEDTLS_SHA3_C
+hash_algorithm:PSA_ALG_SHA3_384:48
+
+Hash: SHA-3 SHA3-512
+depends_on:MBEDTLS_SHA3_C
+hash_algorithm:PSA_ALG_SHA3_512:64
+
+MAC: HMAC-MD2
+depends_on:MBEDTLS_MD2_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
+
+MAC: HMAC-MD4
+depends_on:MBEDTLS_MD4_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
+
+MAC: HMAC-MD5
+depends_on:MBEDTLS_MD5_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
+
+MAC: HMAC-RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64
+
+MAC: HMAC-SHA-1
+depends_on:MBEDTLS_SHA1_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64
+
+MAC: HMAC-SHA-224
+depends_on:MBEDTLS_SHA256_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64
+
+MAC: HMAC-SHA-256
+depends_on:MBEDTLS_SHA256_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64
+
+MAC: HMAC-SHA-384
+depends_on:MBEDTLS_SHA512_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128
+
+MAC: HMAC-SHA-512
+depends_on:MBEDTLS_SHA512_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
+
+MAC: HMAC-SHA-512/224
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):28:128
+
+MAC: HMAC-SHA-512/256
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):32:128
+
+MAC: HMAC-SHA3-224
+depends_on:MBEDTLS_SHA3_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):28:144
+
+MAC: HMAC-SHA3-256
+depends_on:MBEDTLS_SHA3_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):32:136
+
+MAC: HMAC-SHA3-384
+depends_on:MBEDTLS_SHA3_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):48:104
+
+MAC: HMAC-SHA3-512
+depends_on:MBEDTLS_SHA3_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):64:72
+
+MAC: CBC_MAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: CBC_MAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: CBC_MAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+MAC: CBC_MAC-3DES
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
+
+MAC: CMAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: CMAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: CMAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+MAC: CMAC-3DES
+depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
+
+MAC: GMAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: GMAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: GMAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+Cipher: ARC4
+depends_on:MBEDTLS_ARC4_C
+cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER
+
+Cipher: CTR
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
+
+Cipher: CFB
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CFB
+cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
+
+Cipher: OFB
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_OFB
+cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
+
+Cipher: CBC-nopad
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
+
+Cipher: CBC-PKCS#7
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+cipher_algorithm:PSA_ALG_CBC_PKCS7:0
+
+Cipher: XTS
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_XTS
+cipher_algorithm:PSA_ALG_XTS:0
+
+AEAD: CCM
+depends_on:MBEDTLS_CCM_C
+aead_algorithm:PSA_ALG_CCM:0:16
+
+AEAD: GCM
+depends_on:MBEDTLS_GCM_C
+aead_algorithm:PSA_ALG_GCM:0:16
+
+Asymmetric signature: RSA PKCS#1 v1.5 raw
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN
+
+Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN
+
+Asymmetric signature: RSA PSS SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS
+
+Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256
+depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA
+
+Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
+depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC
+asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC
+
+Asymmetric signature: randomized ECDSA (no hashing)
+depends_on:MBEDTLS_ECDSA_C
+asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
+
+Asymmetric signature: SHA-256 + randomized ECDSA
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
+
+Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
+
+Asymmetric encryption: RSA PKCS#1 v1.5
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
+
+Asymmetric encryption: RSA OAEP using SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
+
+Key derivation: HKDF using SHA-256
+depends_on:MBEDTLS_SHA256_C
+key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
+
+Key type: raw data
+key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: HMAC
+key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: secret for key derivation
+key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: AES
+depends_on:MBEDTLS_AES_C
+key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: DES
+depends_on:MBEDTLS_DES_C
+key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: Camellia
+depends_on:MBEDTLS_CAMELLIA_C
+key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: ARC4
+depends_on:MBEDTLS_ARC4_C
+key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: RSA public key
+depends_on:MBEDTLS_RSA_C
+key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
+
+Key type: RSA key pair
+depends_on:MBEDTLS_RSA_C
+key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA
+
+Key type: DSA public key
+depends_on:MBEDTLS_DSA_C
+key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA
+
+Key type: DSA key pair
+depends_on:MBEDTLS_DSA_C
+key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA
+
+ECC key types: sect163k1
+depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT163K1:163
+
+ECC key types: sect163r1
+depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT163R1:163
+
+ECC key types: sect163r2
+depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT163R2:163
+
+ECC key types: sect193r1
+depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT193R1:193
+
+ECC key types: sect193r2
+depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT193R2:193
+
+ECC key types: sect233k1
+depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT233K1:233
+
+ECC key types: sect233r1
+depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT233R1:233
+
+ECC key types: sect239k1
+depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT239K1:239
+
+ECC key types: sect283k1
+depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT283K1:283
+
+ECC key types: sect283r1
+depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT283R1:283
+
+ECC key types: sect409k1
+depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT409K1:409
+
+ECC key types: sect409r1
+depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT409R1:409
+
+ECC key types: sect571k1
+depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT571K1:571
+
+ECC key types: sect571r1
+depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT571R1:571
+
+ECC key types: secp160k1
+depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP160K1:160
+
+ECC key types: secp160r1
+depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP160R1:160
+
+ECC key types: secp160r2
+depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP160R2:160
+
+ECC key types: secp192k1
+depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP192K1:192
+
+ECC key types: secp192r1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP192R1:192
+
+ECC key types: secp224k1
+depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP224K1:224
+
+ECC key types: secp224r1
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP224R1:224
+
+ECC key types: secp256k1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP256K1:256
+
+ECC key types: secp256r1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP256R1:256
+
+ECC key types: secp384r1
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP384R1:384
+
+ECC key types: secp521r1
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP521R1:521
+
+ECC key types: Brainpool P256R1
+depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1:256
+
+ECC key types: Brainpool P384R1
+depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1:384
+
+ECC key types: Brainpool P512R1
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1:512
+
+ECC key types: Curve25519
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecc_key_types:PSA_ECC_CURVE_CURVE25519:255
+
+ECC key types: Curve448
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecc_key_types:PSA_ECC_CURVE_CURVE448:448
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
new file mode 100644
index 0000000..ca9d557
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -0,0 +1,356 @@
+/* BEGIN_HEADER */
+/* Test macros that provide metadata about algorithms and key types.
+ * This test suite only contains tests that don't require executing
+ * code. Other test suites validate macros that require creating a key
+ * and using it. */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+#include "psa/crypto.h"
+
+/* Flags for algorithm classification macros. There is a flag for every
+ * algorithm classification macro PSA_ALG_IS_xxx except for the
+ * category test macros, which are hard-coded in each
+ * category-specific function. The name of the flag is the name of the
+ * classification macro without the PSA_ prefix. */
+#define ALG_IS_VENDOR_DEFINED ( 1u << 0 )
+#define ALG_IS_HMAC ( 1u << 1 )
+#define ALG_IS_BLOCK_CIPHER_MAC ( 1u << 2 )
+#define ALG_IS_STREAM_CIPHER ( 1u << 3 )
+#define ALG_IS_RSA_PKCS1V15_SIGN ( 1u << 4 )
+#define ALG_IS_RSA_PSS ( 1u << 5 )
+#define ALG_IS_DSA ( 1u << 6 )
+#define ALG_DSA_IS_DETERMINISTIC ( 1u << 7 )
+#define ALG_IS_DETERMINISTIC_DSA ( 1u << 8 )
+#define ALG_IS_RANDOMIZED_DSA ( 1u << 9 )
+#define ALG_IS_ECDSA ( 1u << 10 )
+#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 )
+#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 )
+#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 )
+#define ALG_IS_RSA_OAEP ( 1u << 14 )
+#define ALG_IS_HKDF ( 1u << 15 )
+
+/* Flags for key type classification macros. There is a flag for every
+ * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
+ * are tested as derived from other macros. The name of the flag is
+ * the name of the classification macro without the PSA_ prefix. */
+#define KEY_TYPE_IS_VENDOR_DEFINED ( 1u << 0 )
+#define KEY_TYPE_IS_UNSTRUCTURED ( 1u << 1 )
+#define KEY_TYPE_IS_PUBLIC_KEY ( 1u << 2 )
+#define KEY_TYPE_IS_KEYPAIR ( 1u << 3 )
+#define KEY_TYPE_IS_RSA ( 1u << 4 )
+#define KEY_TYPE_IS_DSA ( 1u << 5 )
+#define KEY_TYPE_IS_ECC ( 1u << 6 )
+
+#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
+ TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
+
+void algorithm_classification( psa_algorithm_t alg, unsigned flags )
+{
+ TEST_CLASSIFICATION_MACRO( ALG_IS_VENDOR_DEFINED, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_HMAC, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_BLOCK_CIPHER_MAC, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_STREAM_CIPHER, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PKCS1V15_SIGN, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PSS, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_DSA, alg, flags );
+ if ( PSA_ALG_IS_DSA( alg ) )
+ TEST_CLASSIFICATION_MACRO( ALG_DSA_IS_DETERMINISTIC, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_DSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_DSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_ECDSA, alg, flags );
+ if ( PSA_ALG_IS_ECDSA( alg ) )
+ TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
+exit: ;
+}
+
+void key_type_classification( psa_key_type_t type, unsigned flags )
+{
+ /* Macros tested based on the test case parameter */
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_VENDOR_DEFINED, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_UNSTRUCTURED, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_PUBLIC_KEY, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEYPAIR, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags );
+
+ /* Macros with derived semantics */
+ TEST_ASSERT( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ==
+ ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
+ PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+ TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ==
+ ( PSA_KEY_TYPE_IS_ECC( type ) &&
+ PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+ TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ==
+ ( PSA_KEY_TYPE_IS_ECC( type ) &&
+ PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
+
+exit: ;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void hash_algorithm( int alg_arg, int length_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ size_t length = length_arg;
+ psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg );
+ psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg );
+ psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg );
+ psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg );
+ psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg );
+ psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg );
+ psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg );
+ psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg );
+ psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg );
+
+ /* Algorithm classification */
+ TEST_ASSERT( PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ algorithm_classification( alg, 0 );
+
+ /* Dependent algorithms */
+ TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( hmac_alg ) == alg );
+ TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ) == alg );
+ TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ) == alg );
+ TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( dsa_alg ) == alg );
+ TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ) == alg );
+ TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ) == alg );
+ TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ) == alg );
+ TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg );
+ TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg );
+
+ /* Hash length */
+ TEST_ASSERT( length == PSA_HASH_SIZE( alg ) );
+ TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_algorithm( int alg_arg, int classification_flags,
+ int length_arg,
+ int key_type_arg, int key_bits_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ size_t length = length_arg;
+ size_t key_type = key_type_arg;
+ size_t key_bits = key_bits_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ algorithm_classification( alg, classification_flags );
+
+ /* Length */
+ TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
+ TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hmac_algorithm( int alg_arg,
+ int length_arg,
+ int block_size_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
+ size_t block_size = block_size_arg;
+
+ TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) );
+ TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg );
+
+ TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE );
+
+ test_mac_algorithm( alg_arg, ALG_IS_HMAC, length_arg,
+ PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length_arg ) );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_algorithm( int alg_arg, int classification_flags,
+ int tag_length_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ size_t tag_length = tag_length_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ algorithm_classification( alg, classification_flags );
+
+ /* Tag length */
+ TEST_ASSERT( tag_length == PSA_AEAD_TAG_SIZE( alg ) );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encryption_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_derivation_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_type( int type_arg, int classification_flags )
+{
+ psa_key_type_t type = type_arg;
+
+ key_type_classification( type, classification_flags );
+
+ /* For asymmetric types, check the corresponding pair/public type */
+ if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY )
+ {
+ psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type );
+ TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ) == type );
+ key_type_classification( pair_type,
+ ( classification_flags
+ & ~KEY_TYPE_IS_PUBLIC_KEY )
+ | KEY_TYPE_IS_KEYPAIR );
+ TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ) == type );
+ }
+ if( classification_flags & KEY_TYPE_IS_KEYPAIR )
+ {
+ psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
+ TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ) == type );
+ key_type_classification( public_type,
+ ( classification_flags
+ & ~KEY_TYPE_IS_KEYPAIR )
+ | KEY_TYPE_IS_PUBLIC_KEY );
+ TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ) == type );
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecc_key_types( int curve_arg, int curve_bits_arg )
+{
+ psa_ecc_curve_t curve = curve_arg;
+ size_t curve_bits = curve_bits_arg;
+ psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
+ psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve );
+
+ test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
+ test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR );
+
+ TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve );
+ TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve );
+
+ /* Validate that the bit size is less than the maximum ECC bit size
+ * in this implementation. There's no parameter that should be equal
+ * to curve_bits and can be validated without creating a key. */
+ TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
+}
+/* END_CASE */