TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7268afc29e5fadfc7ade62a8dfa3dcf54aecef70 / . / tests / suites / test_suite_psa_crypto.function
blob: 5ac87214f16647a1bcdf21c82dd7cc7334dd4f41 [file] [log] [blame]
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1/* BEGIN_HEADER */
2#include "psa/crypto.h"
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]3
4#include "mbedtls/md.h"
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]5/* END_HEADER */
6
7/* BEGIN_DEPENDENCIES
8 * depends_on:MBEDTLS_PSA_CRYPTO_C
9 * END_DEPENDENCIES
10 */
11
12/* BEGIN_CASE */
13void init_deinit()
14{
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]15 psa_status_t status;
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]16 int i;
17 for( i = 0; i <= 1; i++ )
18 {
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]19 status = psa_crypto_init( );
20 TEST_ASSERT( status == PSA_SUCCESS );
21 status = psa_crypto_init( );
22 TEST_ASSERT( status == PSA_SUCCESS );
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]23 mbedtls_psa_crypto_free( );
24 }
25}
26/* END_CASE */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]27
28/* BEGIN_CASE */
29void import( char *hex, int type, int expected_status )
30{
31 int slot = 1;
32 psa_status_t status;
33 unsigned char *data = NULL;
34 size_t data_size;
35
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]36 data = unhexify_alloc( hex, &data_size );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]37 TEST_ASSERT( data != NULL );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]38 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
39
40 status = psa_import_key( slot, type, data, data_size );
41 TEST_ASSERT( status == (psa_status_t) expected_status );
42 if( status == PSA_SUCCESS )
43 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
44
45exit:
46 mbedtls_free( data );
47 mbedtls_psa_crypto_free( );
48}
49/* END_CASE */
50
51/* BEGIN_CASE */
52void import_export( char *hex, int type_arg,
53 int expected_bits,
54 int export_size_delta,
55 int expected_export_status,
56 int canonical_input )
57{
58 int slot = 1;
59 int slot2 = slot + 1;
60 psa_key_type_t type = type_arg;
61 psa_status_t status;
62 unsigned char *data = NULL;
63 unsigned char *exported = NULL;
64 unsigned char *reexported = NULL;
65 size_t data_size;
66 size_t export_size;
67 size_t exported_length;
68 size_t reexported_length;
69 psa_key_type_t got_type;
70 size_t got_bits;
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]71 psa_key_policy_t policy = {0};
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]72
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]73 data = unhexify_alloc( hex, &data_size );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]74 TEST_ASSERT( data != NULL );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]75 export_size = (ssize_t) data_size + export_size_delta;
76 exported = mbedtls_calloc( 1, export_size );
77 TEST_ASSERT( exported != NULL );
78 if( ! canonical_input )
79 {
80 reexported = mbedtls_calloc( 1, export_size );
81 TEST_ASSERT( reexported != NULL );
82 }
83 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
84
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]85 psa_key_policy_init( &policy );
86
87 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
88 PSA_ALG_VENDOR_FLAG );
89
90 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
91
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]92 /* Import the key */
93 TEST_ASSERT( psa_import_key( slot, type,
94 data, data_size ) == PSA_SUCCESS );
95
96 /* Test the key information */
97 TEST_ASSERT( psa_get_key_information( slot,
98 &got_type, &got_bits ) ==
99 PSA_SUCCESS );
100 TEST_ASSERT( got_type == type );
101 TEST_ASSERT( got_bits == (size_t) expected_bits );
102
103 /* Export the key */
104 status = psa_export_key( slot,
105 exported, export_size,
106 &exported_length );
107 TEST_ASSERT( status == (psa_status_t) expected_export_status );
108 if( status != PSA_SUCCESS )
109 goto destroy;
110
111 if( canonical_input )
112 {
113 TEST_ASSERT( exported_length == data_size );
114 TEST_ASSERT( memcmp( exported, data, data_size ) == 0 );
115 }
116 else
117 {
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]118 TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
119
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]120 TEST_ASSERT( psa_import_key( slot2, type,
121 exported, export_size ) ==
122 PSA_SUCCESS );
123 TEST_ASSERT( psa_export_key( slot2,
124 reexported, export_size,
125 &reexported_length ) ==
126 PSA_SUCCESS );
127 TEST_ASSERT( reexported_length == exported_length );
128 TEST_ASSERT( memcmp( reexported, exported,
129 exported_length ) == 0 );
130 }
131
132destroy:
133 /* Destroy the key */
134 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
135 TEST_ASSERT( psa_get_key_information(
136 slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
137
138exit:
139 mbedtls_free( data );
140 mbedtls_psa_crypto_free( );
141}
142/* END_CASE */
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]143
144/* BEGIN_CASE */
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]145void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
146{
147 psa_algorithm_t alg = alg_arg;
148 unsigned char *input = NULL;
149 size_t input_size;
150 unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
151 size_t expected_hash_length;
152 unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
153 size_t actual_hash_length;
154 psa_hash_operation_t operation;
155
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]156 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]157 TEST_ASSERT( input != NULL );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]158 expected_hash_length = unhexify( expected_hash, hash_hex );
159
160 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
161
162 TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
163 TEST_ASSERT( psa_hash_update( &operation,
164 input, input_size ) == PSA_SUCCESS );
165 TEST_ASSERT( psa_hash_finish( &operation,
166 actual_hash, sizeof( actual_hash ),
167 &actual_hash_length ) == PSA_SUCCESS );
168 TEST_ASSERT( actual_hash_length == expected_hash_length );
169 TEST_ASSERT( memcmp( expected_hash, actual_hash,
170 expected_hash_length ) == 0 );
171
172exit:
173 mbedtls_free( input );
174 mbedtls_psa_crypto_free( );
175}
176/* END_CASE */
177
178/* BEGIN_CASE */
179void hash_verify( int alg_arg, char *input_hex, char *hash_hex )
180{
181 psa_algorithm_t alg = alg_arg;
182 unsigned char *input = NULL;
183 size_t input_size;
184 unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
185 size_t expected_hash_length;
186 psa_hash_operation_t operation;
187
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]188 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]189 TEST_ASSERT( input != NULL );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]190 expected_hash_length = unhexify( expected_hash, hash_hex );
191
192 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
193
194 TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
195 TEST_ASSERT( psa_hash_update( &operation,
196 input, input_size ) == PSA_SUCCESS );
197 TEST_ASSERT( psa_hash_verify( &operation,
198 expected_hash,
199 expected_hash_length ) == PSA_SUCCESS );
200
201exit:
202 mbedtls_free( input );
203 mbedtls_psa_crypto_free( );
204}
205/* END_CASE */
206
207/* BEGIN_CASE */
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]208void mac_verify( int key_type_arg, char *key_hex,
209 int alg_arg, char *iv_hex,
210 char *input_hex, char *mac_hex )
211{
212 int key_slot = 1;
213 psa_key_type_t key_type = key_type_arg;
214 psa_algorithm_t alg = alg_arg;
215 unsigned char *key = NULL;
216 size_t key_size;
217 unsigned char *iv = NULL;
218 size_t iv_size;
219 unsigned char *input = NULL;
220 size_t input_size;
221 unsigned char *expected_mac = NULL;
222 size_t expected_mac_size;
223 psa_mac_operation_t operation;
mohammad16036df908f2018-04-02 08:34:15 -0700[diff] [blame]224 psa_key_policy_t policy;
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]225
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]226 key = unhexify_alloc( key_hex, &key_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]227 TEST_ASSERT( key != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]228 if( iv_hex[0] != 0 )
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]229 {
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]230 iv = unhexify_alloc( iv_hex, &iv_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]231 TEST_ASSERT( iv != NULL );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]232 }
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]233 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]234 TEST_ASSERT( input != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]235 expected_mac = unhexify_alloc( mac_hex, &expected_mac_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]236 TEST_ASSERT( expected_mac != NULL );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]237
238 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
239
mohammad16036df908f2018-04-02 08:34:15 -0700[diff] [blame]240 psa_key_policy_init( &policy );
241
242 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
243
244 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
245
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]246 TEST_ASSERT( psa_import_key( key_slot, key_type,
247 key, key_size ) == PSA_SUCCESS );
248 // TODO: support IV
249 TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
250 TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
251 TEST_ASSERT( psa_mac_update( &operation,
252 input, input_size ) == PSA_SUCCESS );
253 TEST_ASSERT( psa_mac_verify( &operation,
254 expected_mac,
255 expected_mac_size ) == PSA_SUCCESS );
256
257exit:
258 mbedtls_free( key );
259 mbedtls_free( iv );
260 mbedtls_free( input );
261 mbedtls_free( expected_mac );
262 psa_destroy_key( key_slot );
263 mbedtls_psa_crypto_free( );
264}
265/* END_CASE */
266
267/* BEGIN_CASE */
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]268void cipher_test_encrypt( int alg_arg, int key_type_arg,
269 char *key_hex,
270 char *input_hex, char *output_hex )
Moran Peker96cc00a2018-05-31 14:03:56 +0300[diff] [blame]271{
272 int key_slot = 1;
273 psa_key_type_t key_type = key_type_arg;
274 psa_algorithm_t alg = alg_arg;
275 unsigned char *key = NULL;
276 size_t key_size;
277 unsigned char iv[16] = {0};
278 unsigned char *input = NULL;
279 size_t input_size = 0;
280 unsigned char *output;
281 unsigned char *expected_output;
282 size_t output_size = 0;
283 size_t output_length = 0;
284 psa_cipher_operation_t operation;
285
286
287 key = unhexify_alloc( key_hex, &key_size );
288 TEST_ASSERT( key != NULL );
289
290 input = unhexify_alloc( input_hex, &input_size );
291 TEST_ASSERT( input != NULL );
292
293 expected_output = unhexify_alloc( output_hex, &output_size );
294 TEST_ASSERT( expected_output != NULL );
295
296 memset( iv, 0x2a, sizeof( iv ) );
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]297
Moran Peker96cc00a2018-05-31 14:03:56 +0300[diff] [blame]298 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
299
300 TEST_ASSERT( psa_import_key( key_slot, key_type,
301 key, key_size ) == PSA_SUCCESS );
302
303 TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
304
305 TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
306 sizeof( iv ) ) == PSA_SUCCESS );
307
308 output = mbedtls_calloc(0, output_size);
309
310 TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]311 output, output_size,
Moran Peker96cc00a2018-05-31 14:03:56 +0300[diff] [blame]312 &output_length) == PSA_SUCCESS );
313 TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
314 output_size, &output_length) == PSA_SUCCESS );
315
316 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
317
318 TEST_ASSERT( input_size == output_size );
319 TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
320
321exit:
322 mbedtls_free( key );
323 mbedtls_free( input );
324 psa_destroy_key( key_slot );
325 mbedtls_psa_crypto_free( );
326}
327/* END_CASE */
mohammad1603b152d4d2018-04-11 23:51:20 -0700[diff] [blame]328
329/* BEGIN_CASE */
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]330void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
Moran Peker7691fb72018-05-31 16:15:31 +0300[diff] [blame]331 char *key_hex,
332 char *input_hex,
333 int first_part_size, char *output_hex )
334{
335 int key_slot = 1;
336 psa_key_type_t key_type = key_type_arg;
337 psa_algorithm_t alg = alg_arg;
338 unsigned char *key = NULL;
339 size_t key_size;
340 unsigned char iv[16] = {0};
341 unsigned char *input = NULL;
342 size_t input_size = 0;
343 unsigned char *output;
344 unsigned char *expected_output;
345 size_t output_size = 0;
346 size_t output_length = 0;
347 psa_cipher_operation_t operation;
348
349
350 key = unhexify_alloc( key_hex, &key_size );
351 TEST_ASSERT( key != NULL );
352
353 input = unhexify_alloc( input_hex, &input_size );
354 TEST_ASSERT( input != NULL );
355
356 expected_output = unhexify_alloc( output_hex, &output_size );
357 TEST_ASSERT( expected_output != NULL );
358
359 memset( iv, 0x2a, sizeof( iv ) );
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]360
Moran Peker7691fb72018-05-31 16:15:31 +0300[diff] [blame]361 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
362
363 TEST_ASSERT( psa_import_key( key_slot, key_type,
364 key, key_size ) == PSA_SUCCESS );
365
366 TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
367
368 TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]369 sizeof( iv ) ) == PSA_SUCCESS );
Moran Peker7691fb72018-05-31 16:15:31 +0300[diff] [blame]370
371 output = mbedtls_calloc(0, output_size);
372
373 TEST_ASSERT( (unsigned int)first_part_size < input_size );
374 TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]375 output, output_size,
Moran Peker7691fb72018-05-31 16:15:31 +0300[diff] [blame]376 &output_length) == PSA_SUCCESS );
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]377 TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size,
378 input_size - first_part_size,
379 output, output_size,
Moran Peker7691fb72018-05-31 16:15:31 +0300[diff] [blame]380 &output_length) == PSA_SUCCESS );
381 TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
382 output_size, &output_length) == PSA_SUCCESS );
383
384 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
385
386 TEST_ASSERT( input_size == output_size );
387 TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
388
389exit:
390 mbedtls_free( key );
391 mbedtls_free( input );
392 psa_destroy_key( key_slot );
393 mbedtls_psa_crypto_free( );
394}
395/* END_CASE */
396
397/* BEGIN_CASE */
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]398void cipher_test_decrypt( int alg_arg, int key_type_arg,
mohammad1603b152d4d2018-04-11 23:51:20 -0700[diff] [blame]399 char *key_hex,
400 char *input_hex, char *output_hex )
401{
402 int key_slot = 1;
403 psa_key_type_t key_type = key_type_arg;
404 psa_algorithm_t alg = alg_arg;
405 unsigned char *key = NULL;
406 size_t key_size;
407 unsigned char iv[16] = {0};
408 unsigned char *input = NULL;
409 size_t input_size = 0;
410 unsigned char *output;
411 unsigned char *expected_output;
412 size_t output_size = 0;
413 size_t output_length = 0;
414 psa_cipher_operation_t operation;
415
416
417 key = unhexify_alloc( key_hex, &key_size );
418 TEST_ASSERT( key != NULL );
419
420 input = unhexify_alloc( input_hex, &input_size );
421 TEST_ASSERT( input != NULL );
422
423 expected_output = unhexify_alloc( output_hex, &output_size );
424 TEST_ASSERT( expected_output != NULL );
425
426 memset( iv, 0x2a, sizeof( iv ) );
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]427
mohammad1603b152d4d2018-04-11 23:51:20 -0700[diff] [blame]428 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
429
430 TEST_ASSERT( psa_import_key( key_slot, key_type,
431 key, key_size ) == PSA_SUCCESS );
432
433 TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
434
435 TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
436 sizeof( iv ) ) == PSA_SUCCESS );
437
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]438 output = mbedtls_calloc(0, output_size);
mohammad1603b152d4d2018-04-11 23:51:20 -0700[diff] [blame]439
440 TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]441 output, output_size,
mohammad1603b152d4d2018-04-11 23:51:20 -0700[diff] [blame]442 &output_length) == PSA_SUCCESS );
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]443 TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
Moran Peker0071b872018-04-22 20:16:58 +0300[diff] [blame]444 output_size, &output_length) == PSA_SUCCESS );
mohammad1603b152d4d2018-04-11 23:51:20 -0700[diff] [blame]445
446 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
447
448 TEST_ASSERT( input_size == output_size );
449 TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
450
451exit:
452 mbedtls_free( key );
453 mbedtls_free( input );
454 psa_destroy_key( key_slot );
455 mbedtls_psa_crypto_free( );
456}
457/* END_CASE */
458
459
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]460/* BEGIN_CASE */
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]461void cipher_test_verify_output( int alg_arg, int key_type_arg,
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]462 char *key_hex,
463 char *input_hex )
464{
465 int key_slot = 1;
466 psa_key_type_t key_type = key_type_arg;
467 psa_algorithm_t alg = alg_arg;
468 unsigned char *key = NULL;
469 size_t key_size;
mohammad1603e6b67a12018-03-12 10:38:49 -0700[diff] [blame]470 unsigned char iv[16] = {0};
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]471 size_t iv_size = 16;
472 size_t iv_length = 0;
473 unsigned char *input = NULL;
474 size_t input_size = 0;
Moran Peker3205a652018-03-20 17:09:59 +0200[diff] [blame]475 unsigned char *output1;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]476 size_t output1_size = 0;
477 size_t output1_length = 0;
Moran Peker3205a652018-03-20 17:09:59 +0200[diff] [blame]478 unsigned char *output2;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]479 size_t output2_size = 0;
480 size_t output2_length = 0;
481 size_t tmp_output_length = 0;
482 psa_cipher_operation_t operation1;
483 psa_cipher_operation_t operation2;
484
485 key = unhexify_alloc( key_hex, &key_size );
486 TEST_ASSERT( key != NULL );
487
488 input = unhexify_alloc( input_hex, &input_size );
489 TEST_ASSERT( input != NULL );
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]490
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]491 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
492
493 TEST_ASSERT( psa_import_key( key_slot, key_type,
494 key, key_size ) == PSA_SUCCESS );
495
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]496 TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
497 TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]498
mohammad16038481e742018-03-18 13:57:31 +0200[diff] [blame]499 TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]500 iv_size, &iv_length) == PSA_SUCCESS );
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]501 output1_size = input_size;
502 output1 = mbedtls_calloc(0, output1_size);
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]503 TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]504 output1, output1_size,
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]505 &output1_length) == PSA_SUCCESS );
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]506 TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]507 output1_size, &tmp_output_length) == PSA_SUCCESS );
508
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]509 output1_length += tmp_output_length;
510
511 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
512
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]513 output2_size = output1_length;
514 output2 = mbedtls_calloc(0, output2_size);
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]515
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]516 TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]517 iv_length) == PSA_SUCCESS );
518 TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]519 output2, output2_size, &output2_length) == PSA_SUCCESS );
520 tmp_output_length = 0;
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]521 TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]522 output2_size, &tmp_output_length) == PSA_SUCCESS );
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]523
524 output2_length += tmp_output_length;
Gilles Peskine691dfb32018-06-06 15:18:02 +0200[diff] [blame]525
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]526 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
527
528 TEST_ASSERT( input_size == output1_length );
529 TEST_ASSERT( output1_length == output2_length );
mohammad1603e6b67a12018-03-12 10:38:49 -0700[diff] [blame]530 TEST_ASSERT( memcmp( input, output2, input_size ) == 0 );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]531
532exit:
533 mbedtls_free( key );
534 mbedtls_free( input );
535 psa_destroy_key( key_slot );
536 mbedtls_psa_crypto_free( );
537}
538/* END_CASE */
Gilles Peskine7268afc2018-06-06 15:19:24 +0200[diff] [blame^]539
540/* BEGIN_CASE */
541void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
542{
543 psa_key_type_t type = type_arg;
544 psa_algorithm_t alg = alg_arg;
545 size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
546 TEST_ASSERT( actual_size == (size_t) expected_size_arg );
547exit:
548 ;
549}
550/* END_CASE */
551
552/* BEGIN_CASE */
553void sign_deterministic( int key_type_arg, char *key_hex,
554 int alg_arg, char *input_hex, char *output_hex )
555{
556 int slot = 1;
557 psa_key_type_t key_type = key_type_arg;
558 psa_algorithm_t alg = alg_arg;
559 unsigned char *key_data = NULL;
560 size_t key_size;
561 size_t key_bits;
562 unsigned char *input_data = NULL;
563 size_t input_size;
564 unsigned char *output_data = NULL;
565 size_t output_size;
566 unsigned char *signature = NULL;
567 size_t signature_size;
568 size_t signature_length = 0xdeadbeef;
569 psa_key_policy_t policy = {0};
570
571 key_data = unhexify_alloc( key_hex, &key_size );
572 TEST_ASSERT( key_data != NULL );
573 input_data = unhexify_alloc( input_hex, &input_size );
574 TEST_ASSERT( input_data != NULL );
575 output_data = unhexify_alloc( output_hex, &output_size );
576 TEST_ASSERT( output_data != NULL );
577
578 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
579
580 psa_key_policy_init( &policy );
581
582 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
583
584 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
585
586 TEST_ASSERT( psa_import_key( slot, key_type,
587 key_data, key_size ) == PSA_SUCCESS );
588 TEST_ASSERT( psa_get_key_information( slot,
589 NULL,
590 &key_bits ) == PSA_SUCCESS );
591
592 signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
593 TEST_ASSERT( signature_size != 0 );
594 signature = mbedtls_calloc( 1, signature_size );
595 TEST_ASSERT( signature != NULL );
596
597 TEST_ASSERT( psa_asymmetric_sign( slot, alg,
598 input_data, input_size,
599 NULL, 0,
600 signature, signature_size,
601 &signature_length ) == PSA_SUCCESS );
602 TEST_ASSERT( signature_length == output_size );
603 TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
604
605exit:
606 psa_destroy_key( slot );
607 mbedtls_free( key_data );
608 mbedtls_free( input_data );
609 mbedtls_free( output_data );
610 mbedtls_free( signature );
611 mbedtls_psa_crypto_free( );
612}
613/* END_CASE */
614
615/* BEGIN_CASE */
616void sign_fail( int key_type_arg, char *key_hex,
617 int alg_arg, char *input_hex,
618 int signature_size, int expected_status_arg )
619{
620 int slot = 1;
621 psa_key_type_t key_type = key_type_arg;
622 psa_algorithm_t alg = alg_arg;
623 unsigned char *key_data = NULL;
624 size_t key_size;
625 unsigned char *input_data = NULL;
626 size_t input_size;
627 psa_status_t actual_status;
628 psa_status_t expected_status = expected_status_arg;
629 unsigned char *signature = NULL;
630 size_t signature_length = 0xdeadbeef;
631 psa_key_policy_t policy = {0};
632
633 key_data = unhexify_alloc( key_hex, &key_size );
634 TEST_ASSERT( key_data != NULL );
635 input_data = unhexify_alloc( input_hex, &input_size );
636 TEST_ASSERT( input_data != NULL );
637 signature = mbedtls_calloc( 1, signature_size );
638 TEST_ASSERT( signature != NULL );
639
640 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
641
642 psa_key_policy_init( &policy );
643
644 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
645
646 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
647
648 TEST_ASSERT( psa_import_key( slot, key_type,
649 key_data, key_size ) == PSA_SUCCESS );
650
651 actual_status = psa_asymmetric_sign( slot, alg,
652 input_data, input_size,
653 NULL, 0,
654 signature, signature_size,
655 &signature_length );
656 TEST_ASSERT( actual_status == expected_status );
657 TEST_ASSERT( signature_length == 0 );
658
659exit:
660 psa_destroy_key( slot );
661 mbedtls_free( key_data );
662 mbedtls_free( input_data );
663 mbedtls_free( signature );
664 mbedtls_psa_crypto_free( );
665}
666/* END_CASE */
667
668/* BEGIN_CASE */
669void key_policy( int usage_arg, int alg_arg )
670{
671 int key_slot = 1;
672 psa_key_type_t key_type = PSA_KEY_TYPE_AES;
673 unsigned char key[32] = {0};
674 psa_key_policy_t policy_set = {0};
675 psa_key_policy_t policy_get = {0};
676
677 memset( key, 0x2a, sizeof( key ) );
678
679 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
680
681 psa_key_policy_init(& policy_set );
682 psa_key_policy_init(& policy_get );
683
684 psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
685
686 TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
687
688 TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
689
690 TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
691
692 TEST_ASSERT( psa_import_key( key_slot, key_type,
693 key, sizeof( key ) ) == PSA_SUCCESS );
694
695 TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
696
697 TEST_ASSERT( policy_get.usage == policy_set.usage );
698 TEST_ASSERT( policy_get.alg == policy_set.alg );
699
700exit:
701 psa_destroy_key( key_slot );
702 mbedtls_psa_crypto_free( );
703}
704/* END_CASE */
705
706/* BEGIN_CASE */
707void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
708{
709 int key_slot = 1;
710 unsigned char* keypair = NULL;
711 size_t key_size = 0;
712 size_t signature_length = 0;
713 psa_key_policy_t policy = {0};
714 int actual_status = PSA_SUCCESS;
715
716 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
717
718 psa_key_policy_init( &policy );
719
720 psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
721
722 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
723
724 if( usage_arg & PSA_KEY_USAGE_EXPORT )
725 {
726 keypair = unhexify_alloc( key_hex, &key_size );
727 TEST_ASSERT( keypair != NULL );
728 TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
729 keypair, key_size ) == PSA_SUCCESS );
730 actual_status = psa_asymmetric_sign( key_slot,
731 ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0,
732 NULL, 0, &signature_length );
733 }
734
735 if( usage_arg & PSA_KEY_USAGE_SIGN )
736 {
737 keypair = unhexify_alloc( key_hex, &key_size );
738 TEST_ASSERT( keypair != NULL );
739 TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
740 keypair, key_size ) == PSA_SUCCESS );
741 actual_status = psa_export_key( key_slot, NULL, 0, NULL );
742 }
743
744 TEST_ASSERT( actual_status == expected_status );
745
746exit:
747 psa_destroy_key( key_slot );
748 mbedtls_free( keypair );
749 mbedtls_psa_crypto_free( );
750}
751/* END_CASE */
752
753/* BEGIN_CASE */
754void key_lifetime( int lifetime_arg )
755{
756 int key_slot = 1;
757 psa_key_type_t key_type = PSA_ALG_CBC_BASE;
758 unsigned char key[32] = {0};
759 psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
760 psa_key_lifetime_t lifetime_get;
761
762 memset( key, 0x2a, sizeof( key ) );
763
764 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
765
766 TEST_ASSERT( psa_set_key_lifetime( key_slot,
767 lifetime_set ) == PSA_SUCCESS );
768
769 TEST_ASSERT( psa_import_key( key_slot, key_type,
770 key, sizeof( key ) ) == PSA_SUCCESS );
771
772 TEST_ASSERT( psa_get_key_lifetime( key_slot,
773 &lifetime_get ) == PSA_SUCCESS );
774
775 TEST_ASSERT( lifetime_get == lifetime_set );
776
777exit:
778 psa_destroy_key( key_slot );
779 mbedtls_psa_crypto_free( );
780}
781/* END_CASE */
782
783
784/* BEGIN_CASE */
785void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
786{
787 int key_slot = 1;
788 psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
789 psa_status_t actual_status;
790 psa_status_t expected_status = expected_status_arg;
791
792 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
793
794 actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
795
796 if( actual_status == PSA_SUCCESS )
797 actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
798
799 TEST_ASSERT( expected_status == actual_status );
800
801exit:
802 psa_destroy_key( key_slot );
803 mbedtls_psa_crypto_free( );
804}
805/* END_CASE */