Add Tests for psa crypto entropy incjection
Adjust code to handle and work with MBEDTLS_ENTROPY_BLOCK_SIZE definition option
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index c7accd1..1313492 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -91,8 +91,10 @@
*
* \param seed[in] Buffer containing the seed value to inject.
* \param seed_size Size of the \p seed buffer.
- * The size of the seed must be
- * at least #MBEDTLS_ENTROPY_MIN_PLATFORM bytes
+ * The size of the seed must be equal or larger than any
+ * of the values defined both in
+ * #MBEDTLS_ENTROPY_MIN_PLATFORM
+ * and in the #MBEDTLS_ENTROPY_BLOCK_SIZE defines
* and at most #MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes.
*
* \retval #PSA_SUCCESS
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 77314f2..26bea19 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4234,8 +4234,12 @@
struct psa_its_info_t p_info;
if( global_data.initialized )
return( PSA_ERROR_NOT_PERMITTED );
- if( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) || ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+
+ if( ( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) ||
+ ( seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE ) ) ||
+ ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
status = psa_its_get_info( MBED_RANDOM_SEED_ITS_UID, &p_info );
if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */
{
diff --git a/library/version_features.c b/library/version_features.c
index af81490..590f949 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -402,6 +402,9 @@
#if defined(MBEDTLS_ENTROPY_NV_SEED)
"MBEDTLS_ENTROPY_NV_SEED",
#endif /* MBEDTLS_ENTROPY_NV_SEED */
+#if defined(MBEDTLS_PSA_HAS_ITS_IO)
+ "MBEDTLS_PSA_HAS_ITS_IO",
+#endif /* MBEDTLS_PSA_HAS_ITS_IO */
#if defined(MBEDTLS_MEMORY_DEBUG)
"MBEDTLS_MEMORY_DEBUG",
#endif /* MBEDTLS_MEMORY_DEBUG */
diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
index 1fc972a..bbc056d 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.data
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -1,14 +1,15 @@
PSA validate entropy injection: good, minimum size
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_ERROR_NOT_PERMITTED
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_ERROR_NOT_PERMITTED
PSA validate entropy injection: good, max size
validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
PSA validate entropy injection: bad, too big
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
PSA validate entropy injection: bad, too small
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
PSA validate entropy injection: before and after crypto_init
-run_entropy_inject_with_crypto_init:
\ No newline at end of file
+run_entropy_inject_with_crypto_init:
+
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index a134abe..1cb58b9 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -62,24 +62,24 @@
psa_its_status_t its_status;
psa_status_t status;
int i;
- uint8_t seed[MBEDTLS_ENTROPY_MIN_PLATFORM] = {0};
+ uint8_t seed[MBEDTLS_ENTROPY_BLOCK_SIZE] = {0};
/* fill seed in some data */
- for( i = 0; i < MBEDTLS_ENTROPY_MIN_PLATFORM; ++i)
+ for( i = 0; i < MBEDTLS_ENTROPY_BLOCK_SIZE; ++i)
{
seed[i] = i;
}
its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
- status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+ status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
TEST_ASSERT( status == PSA_SUCCESS );
its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
- status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+ status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
mbedtls_psa_crypto_free( );
/* The seed is written by nv_seed callback functions therefore the injection will fail */
- status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+ status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
exit:
psa_its_remove(MBED_RANDOM_SEED_ITS_UID);