TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a7ec95f1ea08139290184dcaf2f5b450da51a4af / . / tests / suites / test_suite_psa_crypto.function
blob: 6be41c350461184fbef2842fcbb6bb3539aba99a [file] [log] [blame]
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1/* BEGIN_HEADER */
2#include "psa/crypto.h"
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]3
4#include "mbedtls/md.h"
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]5/* END_HEADER */
6
7/* BEGIN_DEPENDENCIES
8 * depends_on:MBEDTLS_PSA_CRYPTO_C
9 * END_DEPENDENCIES
10 */
11
12/* BEGIN_CASE */
13void init_deinit()
14{
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]15 psa_status_t status;
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]16 int i;
17 for( i = 0; i <= 1; i++ )
18 {
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]19 status = psa_crypto_init( );
20 TEST_ASSERT( status == PSA_SUCCESS );
21 status = psa_crypto_init( );
22 TEST_ASSERT( status == PSA_SUCCESS );
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]23 mbedtls_psa_crypto_free( );
24 }
25}
26/* END_CASE */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]27
28/* BEGIN_CASE */
29void import( char *hex, int type, int expected_status )
30{
31 int slot = 1;
32 psa_status_t status;
33 unsigned char *data = NULL;
34 size_t data_size;
35
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]36 data = unhexify_alloc( hex, &data_size );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]37 TEST_ASSERT( data != NULL );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]38 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
39
40 status = psa_import_key( slot, type, data, data_size );
41 TEST_ASSERT( status == (psa_status_t) expected_status );
42 if( status == PSA_SUCCESS )
43 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
44
45exit:
46 mbedtls_free( data );
47 mbedtls_psa_crypto_free( );
48}
49/* END_CASE */
50
51/* BEGIN_CASE */
52void import_export( char *hex, int type_arg,
53 int expected_bits,
54 int export_size_delta,
55 int expected_export_status,
56 int canonical_input )
57{
58 int slot = 1;
59 int slot2 = slot + 1;
60 psa_key_type_t type = type_arg;
61 psa_status_t status;
62 unsigned char *data = NULL;
63 unsigned char *exported = NULL;
64 unsigned char *reexported = NULL;
65 size_t data_size;
66 size_t export_size;
67 size_t exported_length;
68 size_t reexported_length;
69 psa_key_type_t got_type;
70 size_t got_bits;
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]71 psa_key_policy_t policy = {0};
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]72
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]73 data = unhexify_alloc( hex, &data_size );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]74 TEST_ASSERT( data != NULL );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]75 export_size = (ssize_t) data_size + export_size_delta;
76 exported = mbedtls_calloc( 1, export_size );
77 TEST_ASSERT( exported != NULL );
78 if( ! canonical_input )
79 {
80 reexported = mbedtls_calloc( 1, export_size );
81 TEST_ASSERT( reexported != NULL );
82 }
83 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
84
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]85 psa_key_policy_init( &policy );
86
87 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
88 PSA_ALG_VENDOR_FLAG );
89
90 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
91
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]92 /* Import the key */
93 TEST_ASSERT( psa_import_key( slot, type,
94 data, data_size ) == PSA_SUCCESS );
95
96 /* Test the key information */
97 TEST_ASSERT( psa_get_key_information( slot,
98 &got_type, &got_bits ) ==
99 PSA_SUCCESS );
100 TEST_ASSERT( got_type == type );
101 TEST_ASSERT( got_bits == (size_t) expected_bits );
102
103 /* Export the key */
104 status = psa_export_key( slot,
105 exported, export_size,
106 &exported_length );
107 TEST_ASSERT( status == (psa_status_t) expected_export_status );
108 if( status != PSA_SUCCESS )
109 goto destroy;
110
111 if( canonical_input )
112 {
113 TEST_ASSERT( exported_length == data_size );
114 TEST_ASSERT( memcmp( exported, data, data_size ) == 0 );
115 }
116 else
117 {
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]118 TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
119
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]120 TEST_ASSERT( psa_import_key( slot2, type,
121 exported, export_size ) ==
122 PSA_SUCCESS );
123 TEST_ASSERT( psa_export_key( slot2,
124 reexported, export_size,
125 &reexported_length ) ==
126 PSA_SUCCESS );
127 TEST_ASSERT( reexported_length == exported_length );
128 TEST_ASSERT( memcmp( reexported, exported,
129 exported_length ) == 0 );
130 }
131
132destroy:
133 /* Destroy the key */
134 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
135 TEST_ASSERT( psa_get_key_information(
136 slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
137
138exit:
139 mbedtls_free( data );
140 mbedtls_psa_crypto_free( );
141}
142/* END_CASE */
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]143
144/* BEGIN_CASE */
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]145void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
146{
147 psa_algorithm_t alg = alg_arg;
148 unsigned char *input = NULL;
149 size_t input_size;
150 unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
151 size_t expected_hash_length;
152 unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
153 size_t actual_hash_length;
154 psa_hash_operation_t operation;
155
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]156 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]157 TEST_ASSERT( input != NULL );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]158 expected_hash_length = unhexify( expected_hash, hash_hex );
159
160 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
161
162 TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
163 TEST_ASSERT( psa_hash_update( &operation,
164 input, input_size ) == PSA_SUCCESS );
165 TEST_ASSERT( psa_hash_finish( &operation,
166 actual_hash, sizeof( actual_hash ),
167 &actual_hash_length ) == PSA_SUCCESS );
168 TEST_ASSERT( actual_hash_length == expected_hash_length );
169 TEST_ASSERT( memcmp( expected_hash, actual_hash,
170 expected_hash_length ) == 0 );
171
172exit:
173 mbedtls_free( input );
174 mbedtls_psa_crypto_free( );
175}
176/* END_CASE */
177
178/* BEGIN_CASE */
179void hash_verify( int alg_arg, char *input_hex, char *hash_hex )
180{
181 psa_algorithm_t alg = alg_arg;
182 unsigned char *input = NULL;
183 size_t input_size;
184 unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
185 size_t expected_hash_length;
186 psa_hash_operation_t operation;
187
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]188 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]189 TEST_ASSERT( input != NULL );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]190 expected_hash_length = unhexify( expected_hash, hash_hex );
191
192 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
193
194 TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
195 TEST_ASSERT( psa_hash_update( &operation,
196 input, input_size ) == PSA_SUCCESS );
197 TEST_ASSERT( psa_hash_verify( &operation,
198 expected_hash,
199 expected_hash_length ) == PSA_SUCCESS );
200
201exit:
202 mbedtls_free( input );
203 mbedtls_psa_crypto_free( );
204}
205/* END_CASE */
206
207/* BEGIN_CASE */
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]208void mac_verify( int key_type_arg, char *key_hex,
209 int alg_arg, char *iv_hex,
210 char *input_hex, char *mac_hex )
211{
212 int key_slot = 1;
213 psa_key_type_t key_type = key_type_arg;
214 psa_algorithm_t alg = alg_arg;
215 unsigned char *key = NULL;
216 size_t key_size;
217 unsigned char *iv = NULL;
218 size_t iv_size;
219 unsigned char *input = NULL;
220 size_t input_size;
221 unsigned char *expected_mac = NULL;
222 size_t expected_mac_size;
223 psa_mac_operation_t operation;
mohammad16036df908f2018-04-02 08:34:15 -0700[diff] [blame]224 psa_key_policy_t policy;
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]225
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]226 key = unhexify_alloc( key_hex, &key_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]227 TEST_ASSERT( key != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]228 if( iv_hex[0] != 0 )
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]229 {
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]230 iv = unhexify_alloc( iv_hex, &iv_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]231 TEST_ASSERT( iv != NULL );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]232 }
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]233 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]234 TEST_ASSERT( input != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]235 expected_mac = unhexify_alloc( mac_hex, &expected_mac_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]236 TEST_ASSERT( expected_mac != NULL );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]237
238 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
239
mohammad16036df908f2018-04-02 08:34:15 -0700[diff] [blame]240 psa_key_policy_init( &policy );
241
242 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
243
244 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
245
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]246 TEST_ASSERT( psa_import_key( key_slot, key_type,
247 key, key_size ) == PSA_SUCCESS );
248 // TODO: support IV
249 TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
250 TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
251 TEST_ASSERT( psa_mac_update( &operation,
252 input, input_size ) == PSA_SUCCESS );
253 TEST_ASSERT( psa_mac_verify( &operation,
254 expected_mac,
255 expected_mac_size ) == PSA_SUCCESS );
256
257exit:
258 mbedtls_free( key );
259 mbedtls_free( iv );
260 mbedtls_free( input );
261 mbedtls_free( expected_mac );
262 psa_destroy_key( key_slot );
263 mbedtls_psa_crypto_free( );
264}
265/* END_CASE */
266
Moran Peker7f878502018-06-06 17:09:40 +0300[diff] [blame]267
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]268/* BEGIN_CASE */
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]269void cipher_encrypt( int alg_arg, int key_type_arg,
270 char *key_hex,
271 char *input_hex, char *output_hex,
272 int expected_status )
273{
274 int key_slot = 1;
275 psa_status_t status;
276 psa_key_type_t key_type = key_type_arg;
277 psa_algorithm_t alg = alg_arg;
278 unsigned char *key = NULL;
279 size_t key_size;
280 unsigned char iv[16] = {0};
281 unsigned char *input = NULL;
282 size_t input_size = 0;
283 unsigned char *output;
284 unsigned char *expected_output;
285 size_t expected_output_size;
286 size_t output_buffer_size = 0;
287 size_t function_output_length = 0;
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]288 size_t total_output_length = 0;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]289 psa_cipher_operation_t operation;
290
291
292 key = unhexify_alloc( key_hex, &key_size );
293 TEST_ASSERT( key != NULL );
294
295 input = unhexify_alloc( input_hex, &input_size );
296 TEST_ASSERT( input != NULL );
297
298 expected_output = unhexify_alloc( output_hex, &expected_output_size );
299 TEST_ASSERT( expected_output != NULL );
300
301 memset( iv, 0x2a, sizeof( iv ) );
302
303 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
304
305 TEST_ASSERT( psa_import_key( key_slot, key_type,
306 key, key_size ) == PSA_SUCCESS );
307
308 TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
309
310 TEST_ASSERT( psa_encrypt_set_iv( &operation,
311 iv, sizeof( iv ) ) == PSA_SUCCESS );
312 output_buffer_size = input_size + operation.block_size;
313 output = mbedtls_calloc( 1, output_buffer_size );
314
315 TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
316 output, output_buffer_size,
317 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]318 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]319 status = psa_cipher_finish( &operation,
320 output + function_output_length,
321 output_buffer_size,
322 &function_output_length );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]323 total_output_length += function_output_length;
324
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]325 TEST_ASSERT( status == (psa_status_t) expected_status );
326 if( expected_status == PSA_SUCCESS )
327 {
328 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]329 TEST_ASSERT( total_output_length == expected_output_size );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]330 TEST_ASSERT( memcmp( expected_output, output,
331 expected_output_size ) == 0 );
332 }
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]333
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]334exit:
335 mbedtls_free( key );
336 mbedtls_free( input );
337 psa_destroy_key( key_slot );
338 mbedtls_psa_crypto_free( );
339}
340/* END_CASE */
341
342/* BEGIN_CASE */
343void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
344 char *key_hex,
345 char *input_hex,
346 int first_part_size, char *output_hex )
347{
348 int key_slot = 1;
349 psa_key_type_t key_type = key_type_arg;
350 psa_algorithm_t alg = alg_arg;
351 unsigned char *key = NULL;
352 size_t key_size;
353 unsigned char iv[16] = {0};
354 unsigned char *input = NULL;
355 size_t input_size = 0;
356 unsigned char *output;
357 unsigned char *expected_output;
358 size_t expected_output_size;
359 size_t output_buffer_size = 0;
360 size_t function_output_length = 0;
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]361 size_t total_output_length = 0;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]362 psa_cipher_operation_t operation;
363
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]364 key = unhexify_alloc( key_hex, &key_size );
365 TEST_ASSERT( key != NULL );
366
367 input = unhexify_alloc( input_hex, &input_size );
368 TEST_ASSERT( input != NULL );
369
370 expected_output = unhexify_alloc( output_hex, &expected_output_size );
371 TEST_ASSERT( expected_output != NULL );
372
373 memset( iv, 0x2a, sizeof( iv ) );
374
375 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
376
377 TEST_ASSERT( psa_import_key( key_slot, key_type,
378 key, key_size ) == PSA_SUCCESS );
379
380 TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
381
382 TEST_ASSERT( psa_encrypt_set_iv( &operation,
383 iv, sizeof( iv ) ) == PSA_SUCCESS );
384 output_buffer_size = input_size + operation.block_size;
385 output = mbedtls_calloc( 1, output_buffer_size );
386
387 TEST_ASSERT( (unsigned int) first_part_size < input_size );
388 TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
389 output, output_buffer_size,
390 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]391 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]392 TEST_ASSERT( psa_cipher_update( &operation,
393 input + first_part_size,
394 input_size - first_part_size,
395 output, output_buffer_size,
396 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]397 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]398 TEST_ASSERT( psa_cipher_finish( &operation,
399 output + function_output_length,
400 output_buffer_size,
401 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]402 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]403 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
404
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]405 TEST_ASSERT( total_output_length == expected_output_size );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]406 TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
407
408exit:
409 mbedtls_free( key );
410 mbedtls_free( input );
411 psa_destroy_key( key_slot );
412 mbedtls_psa_crypto_free( );
413}
414/* END_CASE */
415
416/* BEGIN_CASE */
417void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
418 char *key_hex,
419 char *input_hex,
420 int first_part_size, char *output_hex )
421{
422 int key_slot = 1;
423
424 psa_key_type_t key_type = key_type_arg;
425 psa_algorithm_t alg = alg_arg;
426 unsigned char *key = NULL;
427 size_t key_size;
428 unsigned char iv[16] = {0};
429 unsigned char *input = NULL;
430 size_t input_size = 0;
431 unsigned char *output;
432 unsigned char *expected_output;
433 size_t expected_output_size;
434 size_t output_buffer_size = 0;
435 size_t function_output_length = 0;
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]436 size_t total_output_length = 0;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]437 psa_cipher_operation_t operation;
438
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]439 key = unhexify_alloc( key_hex, &key_size );
440 TEST_ASSERT( key != NULL );
441
442 input = unhexify_alloc( input_hex, &input_size );
443 TEST_ASSERT( input != NULL );
444
445 expected_output = unhexify_alloc( output_hex, &expected_output_size );
446 TEST_ASSERT( expected_output != NULL );
447
448 memset( iv, 0x2a, sizeof( iv ) );
449
450 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
451
452 TEST_ASSERT( psa_import_key( key_slot, key_type,
453 key, key_size ) == PSA_SUCCESS );
454
455 TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
456
457 TEST_ASSERT( psa_encrypt_set_iv( &operation,
458 iv, sizeof( iv ) ) == PSA_SUCCESS );
459
460 output_buffer_size = input_size + operation.block_size;
461 output = mbedtls_calloc( 1, output_buffer_size );
462
463 TEST_ASSERT( (unsigned int) first_part_size < input_size );
464 TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
465 output, output_buffer_size,
466 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]467 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]468 TEST_ASSERT( psa_cipher_update( &operation,
469 input + first_part_size,
470 input_size - first_part_size,
471 output, output_buffer_size,
472 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]473 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]474 TEST_ASSERT( psa_cipher_finish( &operation,
475 output + function_output_length,
476 output_buffer_size,
477 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]478 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]479 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
480
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]481 TEST_ASSERT( total_output_length == expected_output_size );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]482 TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
483
484exit:
485 mbedtls_free( key );
486 mbedtls_free( input );
487 psa_destroy_key( key_slot );
488 mbedtls_psa_crypto_free( );
489}
490/* END_CASE */
491
492
493/* BEGIN_CASE */
494void cipher_decrypt( int alg_arg, int key_type_arg,
495 char *key_hex,
496 char *input_hex, char *output_hex,
497 int expected_status )
498{
499 int key_slot = 1;
500 psa_status_t status;
501 psa_key_type_t key_type = key_type_arg;
502 psa_algorithm_t alg = alg_arg;
503 unsigned char *key = NULL;
504 size_t key_size;
505 unsigned char iv[16] = {0};
506 unsigned char *input = NULL;
507 size_t input_size = 0;
508 unsigned char *output;
509 unsigned char *expected_output;
510 size_t expected_output_size;
511 size_t output_buffer_size = 0;
512 size_t function_output_length = 0;
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]513 size_t total_output_length = 0;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]514 psa_cipher_operation_t operation;
515
516
517 key = unhexify_alloc( key_hex, &key_size );
518 TEST_ASSERT( key != NULL );
519
520 input = unhexify_alloc( input_hex, &input_size );
521 TEST_ASSERT( input != NULL );
522
523 expected_output = unhexify_alloc( output_hex, &expected_output_size );
524 TEST_ASSERT( expected_output != NULL );
525
526 memset( iv, 0x2a, sizeof( iv ) );
527
528 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
529
530 TEST_ASSERT( psa_import_key( key_slot, key_type,
531 key, key_size ) == PSA_SUCCESS );
532
533 TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
534
535 TEST_ASSERT( psa_encrypt_set_iv( &operation,
536 iv, sizeof( iv ) ) == PSA_SUCCESS );
537
538 output_buffer_size = input_size + operation.block_size;
539 output = mbedtls_calloc( 1, output_buffer_size );
540
541 TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
542 output, output_buffer_size,
543 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]544 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]545 status = psa_cipher_finish( &operation,
546 output + function_output_length,
547 output_buffer_size,
548 &function_output_length );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]549 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]550 TEST_ASSERT( status == (psa_status_t) expected_status );
551
552 if( expected_status == PSA_SUCCESS )
553 {
554 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame^]555 TEST_ASSERT( total_output_length == expected_output_size );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]556 TEST_ASSERT( memcmp( expected_output, output,
557 expected_output_size ) == 0 );
558 }
559
560
561exit:
562 mbedtls_free( key );
563 mbedtls_free( input );
564 psa_destroy_key( key_slot );
565 mbedtls_psa_crypto_free( );
566}
567/* END_CASE */
568
569
570/* BEGIN_CASE */
571void cipher_verify_output( int alg_arg, int key_type_arg,
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]572 char *key_hex,
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]573 char *input_hex )
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]574{
575 int key_slot = 1;
576 psa_key_type_t key_type = key_type_arg;
577 psa_algorithm_t alg = alg_arg;
578 unsigned char *key = NULL;
579 size_t key_size;
mohammad1603e6b67a12018-03-12 10:38:49 -0700[diff] [blame]580 unsigned char iv[16] = {0};
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]581 size_t iv_size = 16;
582 size_t iv_length = 0;
583 unsigned char *input = NULL;
584 size_t input_size = 0;
Moran Peker3205a652018-03-20 17:09:59 +0200[diff] [blame]585 unsigned char *output1;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]586 size_t output1_size = 0;
587 size_t output1_length = 0;
Moran Peker3205a652018-03-20 17:09:59 +0200[diff] [blame]588 unsigned char *output2;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]589 size_t output2_size = 0;
590 size_t output2_length = 0;
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]591 size_t function_output_length = 0;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]592 psa_cipher_operation_t operation1;
593 psa_cipher_operation_t operation2;
594
595 key = unhexify_alloc( key_hex, &key_size );
596 TEST_ASSERT( key != NULL );
597
598 input = unhexify_alloc( input_hex, &input_size );
599 TEST_ASSERT( input != NULL );
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]600
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]601 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
602
603 TEST_ASSERT( psa_import_key( key_slot, key_type,
604 key, key_size ) == PSA_SUCCESS );
605
Moran Pekerf55e8042018-05-29 16:28:28 +0300[diff] [blame]606 TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
607 TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]608
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]609 TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
610 iv, iv_size,
611 &iv_length ) == PSA_SUCCESS );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]612 output1_size = input_size + operation1.block_size;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]613 output1 = mbedtls_calloc( 1, output1_size );
614 TEST_ASSERT( output1 != NULL );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]615
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]616 TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]617 output1, output1_size,
618 &output1_length ) == PSA_SUCCESS );
619 TEST_ASSERT( psa_cipher_finish( &operation1,
620 output1 + output1_length, output1_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]621 &function_output_length ) == PSA_SUCCESS );
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]622
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]623 output1_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]624
625 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
626
627 output2_size = output1_length;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]628 output2 = mbedtls_calloc( 1, output2_size );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]629
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]630 TEST_ASSERT( psa_encrypt_set_iv( &operation2,
631 iv, iv_length ) == PSA_SUCCESS );
632 TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
633 output2, output2_size,
634 &output2_length ) == PSA_SUCCESS );
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]635 function_output_length = 0;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]636 TEST_ASSERT( psa_cipher_finish( &operation2,
637 output2 + output2_length,
638 output2_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]639 &function_output_length ) == PSA_SUCCESS );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]640
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]641 output2_length += function_output_length;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]642
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]643 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
644
645 TEST_ASSERT( input_size == output2_length );
646 TEST_ASSERT( memcmp( input, output2, input_size ) == 0 );
647
648exit:
649 mbedtls_free( key );
650 mbedtls_free( input );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]651 psa_destroy_key( key_slot );
652 mbedtls_psa_crypto_free( );
653}
654/* END_CASE */
655
656/* BEGIN_CASE */
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]657void cipher_verify_output_multipart( int alg_arg,
658 int key_type_arg,
659 char *key_hex,
660 char *input_hex,
661 int first_part_size )
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]662{
663 int key_slot = 1;
664 psa_key_type_t key_type = key_type_arg;
665 psa_algorithm_t alg = alg_arg;
666 unsigned char *key = NULL;
667 size_t key_size;
668 unsigned char iv[16] = {0};
669 size_t iv_size = 16;
670 size_t iv_length = 0;
671 unsigned char *input = NULL;
672 size_t input_size = 0;
673 unsigned char *output1;
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]674 size_t output1_buffer_size = 0;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]675 size_t output1_length = 0;
676 unsigned char *output2;
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]677 size_t output2_buffer_size = 0;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]678 size_t output2_length = 0;
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]679 size_t function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]680 psa_cipher_operation_t operation1;
681 psa_cipher_operation_t operation2;
682
683 key = unhexify_alloc( key_hex, &key_size );
684 TEST_ASSERT( key != NULL );
685
686 input = unhexify_alloc( input_hex, &input_size );
687 TEST_ASSERT( input != NULL );
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]688
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]689 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
690
691 TEST_ASSERT( psa_import_key( key_slot, key_type,
692 key, key_size ) == PSA_SUCCESS );
693
694 TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
695 TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
696
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]697 TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
698 iv, iv_size,
699 &iv_length ) == PSA_SUCCESS );
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]700 output1_buffer_size = input_size + operation1.block_size;
701 output1 = mbedtls_calloc( 1, output1_buffer_size );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]702
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]703 TEST_ASSERT( (unsigned int) first_part_size < input_size );
704
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]705 TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]706 output1, output1_buffer_size,
707 &function_output_length ) == PSA_SUCCESS );
708 output1_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]709
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]710 TEST_ASSERT( psa_cipher_update( &operation1,
711 input + first_part_size,
712 input_size - first_part_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]713 output1, output1_buffer_size,
714 &function_output_length ) == PSA_SUCCESS );
715 output1_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]716
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]717 TEST_ASSERT( psa_cipher_finish( &operation1,
718 output1 + output1_length,
719 output1_buffer_size - output1_length,
720 &function_output_length ) == PSA_SUCCESS );
721 output1_length += function_output_length;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]722
723 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
724
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]725 output2_buffer_size = output1_length;
726 output2 = mbedtls_calloc( 1, output2_buffer_size );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]727
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]728 TEST_ASSERT( psa_encrypt_set_iv( &operation2,
729 iv, iv_length ) == PSA_SUCCESS );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]730
731 TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]732 output2, output2_buffer_size,
733 &function_output_length ) == PSA_SUCCESS );
734 output2_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]735
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]736 TEST_ASSERT( psa_cipher_update( &operation2,
737 output1 + first_part_size,
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]738 output1_length - first_part_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]739 output2, output2_buffer_size,
740 &function_output_length ) == PSA_SUCCESS );
741 output2_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]742
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]743 TEST_ASSERT( psa_cipher_finish( &operation2,
744 output2 + output2_length,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]745 output2_buffer_size - output2_length,
746 &function_output_length ) == PSA_SUCCESS );
747 output2_length += function_output_length;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]748
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]749 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
750
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]751 TEST_ASSERT( input_size == output2_length );
mohammad1603e6b67a12018-03-12 10:38:49 -0700[diff] [blame]752 TEST_ASSERT( memcmp( input, output2, input_size ) == 0 );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]753
754exit:
755 mbedtls_free( key );
756 mbedtls_free( input );
757 psa_destroy_key( key_slot );
758 mbedtls_psa_crypto_free( );
759}
760/* END_CASE */
Gilles Peskine7268afc2018-06-06 15:19:24 +0200[diff] [blame]761
762/* BEGIN_CASE */
763void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
764{
765 psa_key_type_t type = type_arg;
766 psa_algorithm_t alg = alg_arg;
767 size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
768 TEST_ASSERT( actual_size == (size_t) expected_size_arg );
769exit:
770 ;
771}
772/* END_CASE */
773
774/* BEGIN_CASE */
775void sign_deterministic( int key_type_arg, char *key_hex,
776 int alg_arg, char *input_hex, char *output_hex )
777{
778 int slot = 1;
779 psa_key_type_t key_type = key_type_arg;
780 psa_algorithm_t alg = alg_arg;
781 unsigned char *key_data = NULL;
782 size_t key_size;
783 size_t key_bits;
784 unsigned char *input_data = NULL;
785 size_t input_size;
786 unsigned char *output_data = NULL;
787 size_t output_size;
788 unsigned char *signature = NULL;
789 size_t signature_size;
790 size_t signature_length = 0xdeadbeef;
791 psa_key_policy_t policy = {0};
792
793 key_data = unhexify_alloc( key_hex, &key_size );
794 TEST_ASSERT( key_data != NULL );
795 input_data = unhexify_alloc( input_hex, &input_size );
796 TEST_ASSERT( input_data != NULL );
797 output_data = unhexify_alloc( output_hex, &output_size );
798 TEST_ASSERT( output_data != NULL );
799
800 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
801
802 psa_key_policy_init( &policy );
803
804 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
805
806 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
807
808 TEST_ASSERT( psa_import_key( slot, key_type,
809 key_data, key_size ) == PSA_SUCCESS );
810 TEST_ASSERT( psa_get_key_information( slot,
811 NULL,
812 &key_bits ) == PSA_SUCCESS );
813
814 signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
815 TEST_ASSERT( signature_size != 0 );
816 signature = mbedtls_calloc( 1, signature_size );
817 TEST_ASSERT( signature != NULL );
818
819 TEST_ASSERT( psa_asymmetric_sign( slot, alg,
820 input_data, input_size,
821 NULL, 0,
822 signature, signature_size,
823 &signature_length ) == PSA_SUCCESS );
824 TEST_ASSERT( signature_length == output_size );
825 TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
826
827exit:
828 psa_destroy_key( slot );
829 mbedtls_free( key_data );
830 mbedtls_free( input_data );
831 mbedtls_free( output_data );
832 mbedtls_free( signature );
833 mbedtls_psa_crypto_free( );
834}
835/* END_CASE */
836
837/* BEGIN_CASE */
838void sign_fail( int key_type_arg, char *key_hex,
839 int alg_arg, char *input_hex,
840 int signature_size, int expected_status_arg )
841{
842 int slot = 1;
843 psa_key_type_t key_type = key_type_arg;
844 psa_algorithm_t alg = alg_arg;
845 unsigned char *key_data = NULL;
846 size_t key_size;
847 unsigned char *input_data = NULL;
848 size_t input_size;
849 psa_status_t actual_status;
850 psa_status_t expected_status = expected_status_arg;
851 unsigned char *signature = NULL;
852 size_t signature_length = 0xdeadbeef;
853 psa_key_policy_t policy = {0};
854
855 key_data = unhexify_alloc( key_hex, &key_size );
856 TEST_ASSERT( key_data != NULL );
857 input_data = unhexify_alloc( input_hex, &input_size );
858 TEST_ASSERT( input_data != NULL );
859 signature = mbedtls_calloc( 1, signature_size );
860 TEST_ASSERT( signature != NULL );
861
862 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
863
864 psa_key_policy_init( &policy );
865
866 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
867
868 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
869
870 TEST_ASSERT( psa_import_key( slot, key_type,
871 key_data, key_size ) == PSA_SUCCESS );
872
873 actual_status = psa_asymmetric_sign( slot, alg,
874 input_data, input_size,
875 NULL, 0,
876 signature, signature_size,
877 &signature_length );
878 TEST_ASSERT( actual_status == expected_status );
879 TEST_ASSERT( signature_length == 0 );
880
881exit:
882 psa_destroy_key( slot );
883 mbedtls_free( key_data );
884 mbedtls_free( input_data );
885 mbedtls_free( signature );
886 mbedtls_psa_crypto_free( );
887}
888/* END_CASE */
889
890/* BEGIN_CASE */
891void key_policy( int usage_arg, int alg_arg )
892{
893 int key_slot = 1;
894 psa_key_type_t key_type = PSA_KEY_TYPE_AES;
895 unsigned char key[32] = {0};
896 psa_key_policy_t policy_set = {0};
897 psa_key_policy_t policy_get = {0};
898
899 memset( key, 0x2a, sizeof( key ) );
900
901 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
902
903 psa_key_policy_init(& policy_set );
904 psa_key_policy_init(& policy_get );
905
906 psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
907
908 TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
909
910 TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
911
912 TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
913
914 TEST_ASSERT( psa_import_key( key_slot, key_type,
915 key, sizeof( key ) ) == PSA_SUCCESS );
916
917 TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
918
919 TEST_ASSERT( policy_get.usage == policy_set.usage );
920 TEST_ASSERT( policy_get.alg == policy_set.alg );
921
922exit:
923 psa_destroy_key( key_slot );
924 mbedtls_psa_crypto_free( );
925}
926/* END_CASE */
927
928/* BEGIN_CASE */
929void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
930{
931 int key_slot = 1;
932 unsigned char* keypair = NULL;
933 size_t key_size = 0;
934 size_t signature_length = 0;
935 psa_key_policy_t policy = {0};
936 int actual_status = PSA_SUCCESS;
937
938 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
939
940 psa_key_policy_init( &policy );
941
942 psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
943
944 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
945
946 if( usage_arg & PSA_KEY_USAGE_EXPORT )
947 {
948 keypair = unhexify_alloc( key_hex, &key_size );
949 TEST_ASSERT( keypair != NULL );
950 TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
951 keypair, key_size ) == PSA_SUCCESS );
952 actual_status = psa_asymmetric_sign( key_slot,
953 ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0,
954 NULL, 0, &signature_length );
955 }
956
957 if( usage_arg & PSA_KEY_USAGE_SIGN )
958 {
959 keypair = unhexify_alloc( key_hex, &key_size );
960 TEST_ASSERT( keypair != NULL );
961 TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
962 keypair, key_size ) == PSA_SUCCESS );
963 actual_status = psa_export_key( key_slot, NULL, 0, NULL );
964 }
965
966 TEST_ASSERT( actual_status == expected_status );
967
968exit:
969 psa_destroy_key( key_slot );
970 mbedtls_free( keypair );
971 mbedtls_psa_crypto_free( );
972}
973/* END_CASE */
974
975/* BEGIN_CASE */
976void key_lifetime( int lifetime_arg )
977{
978 int key_slot = 1;
979 psa_key_type_t key_type = PSA_ALG_CBC_BASE;
980 unsigned char key[32] = {0};
981 psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
982 psa_key_lifetime_t lifetime_get;
983
984 memset( key, 0x2a, sizeof( key ) );
985
986 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
987
988 TEST_ASSERT( psa_set_key_lifetime( key_slot,
989 lifetime_set ) == PSA_SUCCESS );
990
991 TEST_ASSERT( psa_import_key( key_slot, key_type,
992 key, sizeof( key ) ) == PSA_SUCCESS );
993
994 TEST_ASSERT( psa_get_key_lifetime( key_slot,
995 &lifetime_get ) == PSA_SUCCESS );
996
997 TEST_ASSERT( lifetime_get == lifetime_set );
998
999exit:
1000 psa_destroy_key( key_slot );
1001 mbedtls_psa_crypto_free( );
1002}
1003/* END_CASE */
1004
1005
1006/* BEGIN_CASE */
1007void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
1008{
1009 int key_slot = 1;
1010 psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
1011 psa_status_t actual_status;
1012 psa_status_t expected_status = expected_status_arg;
1013
1014 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1015
1016 actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
1017
1018 if( actual_status == PSA_SUCCESS )
1019 actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
1020
1021 TEST_ASSERT( expected_status == actual_status );
1022
1023exit:
1024 psa_destroy_key( key_slot );
1025 mbedtls_psa_crypto_free( );
1026}
1027/* END_CASE */