Apply review feedback
* Reworked the cipher context once again to be more robustly defined
* Removed redundant memset
* Unified behaviour on failure between driver and software in cipher_finish
* Cipher test driver setup function now also returns early when its status
is overridden, like the other test driver functions
* Removed redundant test cases
* Added bad-order checking to verify the driver doesn't get called where
the spec says it won't.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
diff --git a/tests/src/drivers/cipher.c b/tests/src/drivers/cipher.c
index f9106d1..fa7c6a9 100644
--- a/tests/src/drivers/cipher.c
+++ b/tests/src/drivers/cipher.c
@@ -225,6 +225,10 @@
* struct. */
memset( operation, 0, sizeof( *operation ) );
+ /* Allow overriding return value for testing purposes */
+ if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( test_driver_cipher_hooks.forced_status );
+
/* Test driver supports AES-CTR only, to verify operation calls. */
if( alg != PSA_ALG_CTR ||
psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
@@ -258,10 +262,6 @@
operation->iv_required = 1;
operation->key_set = 1;
- /* Allow overriding return value for testing purposes */
- if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
- mbedtls_cipher_free( &operation->cipher );
-
return( test_driver_cipher_hooks.forced_status );
}
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
index 7b5d6bd..7abc256 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -56,14 +56,6 @@
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
-PSA symmetric encrypt: AES-CTR, 16 bytes, fallback w/ fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":1:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CTR, 15 bytes, fallback w/ fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":1:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
-
PSA symmetric encrypt: AES-CTR, 16 bytes, fake
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
@@ -80,10 +72,6 @@
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
-PSA symmetric decrypt: AES-CTR, 16 bytes, fallback w/ fake
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":1:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
-
PSA symmetric decrypt: AES-CTR, 16 bytes, fake
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index af0c7ee..951670d 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -558,6 +558,9 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
+ ASSERT_ALLOC( output, input->len + 16 );
+ output_buffer_size = input->len + 16;
+
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
@@ -574,6 +577,9 @@
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
+ status = psa_cipher_set_iv( &operation, iv->x, iv->len );
+ TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
/* Test setup call failure, decrypt */
status = psa_cipher_decrypt_setup( &operation,
@@ -582,6 +588,9 @@
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
+ status = psa_cipher_set_iv( &operation, iv->x, iv->len );
+ TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
/* Test IV setting failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
@@ -596,8 +605,15 @@
/* When setting the IV fails, it should call abort too */
TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- psa_cipher_abort( &operation );
+ /* Failure should prevent further operations from executing on the driver */
test_driver_cipher_hooks.hits = 0;
+ status = psa_cipher_update( &operation,
+ input->x, input->len,
+ output, output_buffer_size,
+ &function_output_length );
+ TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ psa_cipher_abort( &operation );
/* Test IV generation failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
@@ -608,15 +624,19 @@
test_driver_cipher_hooks.hits = 0;
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
- ASSERT_ALLOC( output, 16 );
- status = psa_cipher_generate_iv( &operation, output, 16, &output_buffer_size );
- /* When setting the IV fails, it should call abort too */
+ status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length );
+ /* When generating the IV fails, it should call abort too */
TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- mbedtls_free( output );
- output = NULL;
- psa_cipher_abort( &operation );
+ /* Failure should prevent further operations from executing on the driver */
test_driver_cipher_hooks.hits = 0;
+ status = psa_cipher_update( &operation,
+ input->x, input->len,
+ output, output_buffer_size,
+ &function_output_length );
+ TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ psa_cipher_abort( &operation );
/* Test update failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
@@ -632,8 +652,6 @@
test_driver_cipher_hooks.hits = 0;
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
- ASSERT_ALLOC( output, input->len + 16 );
- output_buffer_size = input->len + 16;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
@@ -641,10 +659,15 @@
/* When the update call fails, it should call abort too */
TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- mbedtls_free( output );
- output = NULL;
- psa_cipher_abort( &operation );
+ /* Failure should prevent further operations from executing on the driver */
test_driver_cipher_hooks.hits = 0;
+ status = psa_cipher_update( &operation,
+ input->x, input->len,
+ output, output_buffer_size,
+ &function_output_length );
+ TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ psa_cipher_abort( &operation );
/* Test finish failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
@@ -659,8 +682,6 @@
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
- ASSERT_ALLOC( output, input->len + 16 );
- output_buffer_size = input->len + 16;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
@@ -677,10 +698,15 @@
/* When the finish call fails, it should call abort too */
TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
- mbedtls_free( output );
- output = NULL;
- psa_cipher_abort( &operation );
+ /* Failure should prevent further operations from executing on the driver */
test_driver_cipher_hooks.hits = 0;
+ status = psa_cipher_update( &operation,
+ input->x, input->len,
+ output, output_buffer_size,
+ &function_output_length );
+ TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
+ psa_cipher_abort( &operation );
exit:
psa_cipher_abort( &operation );