TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a97cb8c303a5d1e12f4169d4bdbdf137c6874b25 / . / tests / suites / test_suite_psa_crypto.function
blob: 653467b3456f284df3ce471b9809c416518b25e1 [file] [log] [blame]
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1/* BEGIN_HEADER */
2#include "psa/crypto.h"
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]3
4#include "mbedtls/md.h"
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]5/* END_HEADER */
6
7/* BEGIN_DEPENDENCIES
8 * depends_on:MBEDTLS_PSA_CRYPTO_C
9 * END_DEPENDENCIES
10 */
11
12/* BEGIN_CASE */
13void init_deinit()
14{
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]15 psa_status_t status;
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]16 int i;
17 for( i = 0; i <= 1; i++ )
18 {
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]19 status = psa_crypto_init( );
20 TEST_ASSERT( status == PSA_SUCCESS );
21 status = psa_crypto_init( );
22 TEST_ASSERT( status == PSA_SUCCESS );
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]23 mbedtls_psa_crypto_free( );
24 }
25}
26/* END_CASE */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]27
28/* BEGIN_CASE */
29void import( char *hex, int type, int expected_status )
30{
31 int slot = 1;
32 psa_status_t status;
33 unsigned char *data = NULL;
34 size_t data_size;
35
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]36 data = unhexify_alloc( hex, &data_size );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]37 TEST_ASSERT( data != NULL );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]38 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
39
40 status = psa_import_key( slot, type, data, data_size );
41 TEST_ASSERT( status == (psa_status_t) expected_status );
42 if( status == PSA_SUCCESS )
43 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
44
45exit:
46 mbedtls_free( data );
47 mbedtls_psa_crypto_free( );
48}
49/* END_CASE */
50
51/* BEGIN_CASE */
52void import_export( char *hex, int type_arg,
53 int expected_bits,
54 int export_size_delta,
55 int expected_export_status,
56 int canonical_input )
57{
58 int slot = 1;
59 int slot2 = slot + 1;
60 psa_key_type_t type = type_arg;
61 psa_status_t status;
62 unsigned char *data = NULL;
63 unsigned char *exported = NULL;
64 unsigned char *reexported = NULL;
65 size_t data_size;
66 size_t export_size;
67 size_t exported_length;
68 size_t reexported_length;
69 psa_key_type_t got_type;
70 size_t got_bits;
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame^]71 psa_key_policy_t policy = {0};
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]72
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]73 data = unhexify_alloc( hex, &data_size );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]74 TEST_ASSERT( data != NULL );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]75 export_size = (ssize_t) data_size + export_size_delta;
76 exported = mbedtls_calloc( 1, export_size );
77 TEST_ASSERT( exported != NULL );
78 if( ! canonical_input )
79 {
80 reexported = mbedtls_calloc( 1, export_size );
81 TEST_ASSERT( reexported != NULL );
82 }
83 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
84
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame^]85 psa_key_policy_init( &policy );
86
87 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
88 PSA_ALG_VENDOR_FLAG );
89
90 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
91
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]92 /* Import the key */
93 TEST_ASSERT( psa_import_key( slot, type,
94 data, data_size ) == PSA_SUCCESS );
95
96 /* Test the key information */
97 TEST_ASSERT( psa_get_key_information( slot,
98 &got_type, &got_bits ) ==
99 PSA_SUCCESS );
100 TEST_ASSERT( got_type == type );
101 TEST_ASSERT( got_bits == (size_t) expected_bits );
102
103 /* Export the key */
104 status = psa_export_key( slot,
105 exported, export_size,
106 &exported_length );
107 TEST_ASSERT( status == (psa_status_t) expected_export_status );
108 if( status != PSA_SUCCESS )
109 goto destroy;
110
111 if( canonical_input )
112 {
113 TEST_ASSERT( exported_length == data_size );
114 TEST_ASSERT( memcmp( exported, data, data_size ) == 0 );
115 }
116 else
117 {
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame^]118 TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
119
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]120 TEST_ASSERT( psa_import_key( slot2, type,
121 exported, export_size ) ==
122 PSA_SUCCESS );
123 TEST_ASSERT( psa_export_key( slot2,
124 reexported, export_size,
125 &reexported_length ) ==
126 PSA_SUCCESS );
127 TEST_ASSERT( reexported_length == exported_length );
128 TEST_ASSERT( memcmp( reexported, exported,
129 exported_length ) == 0 );
130 }
131
132destroy:
133 /* Destroy the key */
134 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
135 TEST_ASSERT( psa_get_key_information(
136 slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
137
138exit:
139 mbedtls_free( data );
140 mbedtls_psa_crypto_free( );
141}
142/* END_CASE */
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]143
144/* BEGIN_CASE */
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]145void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
146{
147 psa_algorithm_t alg = alg_arg;
148 unsigned char *input = NULL;
149 size_t input_size;
150 unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
151 size_t expected_hash_length;
152 unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
153 size_t actual_hash_length;
154 psa_hash_operation_t operation;
155
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]156 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]157 TEST_ASSERT( input != NULL );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]158 expected_hash_length = unhexify( expected_hash, hash_hex );
159
160 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
161
162 TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
163 TEST_ASSERT( psa_hash_update( &operation,
164 input, input_size ) == PSA_SUCCESS );
165 TEST_ASSERT( psa_hash_finish( &operation,
166 actual_hash, sizeof( actual_hash ),
167 &actual_hash_length ) == PSA_SUCCESS );
168 TEST_ASSERT( actual_hash_length == expected_hash_length );
169 TEST_ASSERT( memcmp( expected_hash, actual_hash,
170 expected_hash_length ) == 0 );
171
172exit:
173 mbedtls_free( input );
174 mbedtls_psa_crypto_free( );
175}
176/* END_CASE */
177
178/* BEGIN_CASE */
179void hash_verify( int alg_arg, char *input_hex, char *hash_hex )
180{
181 psa_algorithm_t alg = alg_arg;
182 unsigned char *input = NULL;
183 size_t input_size;
184 unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
185 size_t expected_hash_length;
186 psa_hash_operation_t operation;
187
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]188 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]189 TEST_ASSERT( input != NULL );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]190 expected_hash_length = unhexify( expected_hash, hash_hex );
191
192 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
193
194 TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
195 TEST_ASSERT( psa_hash_update( &operation,
196 input, input_size ) == PSA_SUCCESS );
197 TEST_ASSERT( psa_hash_verify( &operation,
198 expected_hash,
199 expected_hash_length ) == PSA_SUCCESS );
200
201exit:
202 mbedtls_free( input );
203 mbedtls_psa_crypto_free( );
204}
205/* END_CASE */
206
207/* BEGIN_CASE */
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]208void mac_verify( int key_type_arg, char *key_hex,
209 int alg_arg, char *iv_hex,
210 char *input_hex, char *mac_hex )
211{
212 int key_slot = 1;
213 psa_key_type_t key_type = key_type_arg;
214 psa_algorithm_t alg = alg_arg;
215 unsigned char *key = NULL;
216 size_t key_size;
217 unsigned char *iv = NULL;
218 size_t iv_size;
219 unsigned char *input = NULL;
220 size_t input_size;
221 unsigned char *expected_mac = NULL;
222 size_t expected_mac_size;
223 psa_mac_operation_t operation;
224
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]225 key = unhexify_alloc( key_hex, &key_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]226 TEST_ASSERT( key != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]227 if( iv_hex[0] != 0 )
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]228 {
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]229 iv = unhexify_alloc( iv_hex, &iv_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]230 TEST_ASSERT( iv != NULL );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]231 }
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]232 input = unhexify_alloc( input_hex, &input_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]233 TEST_ASSERT( input != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]234 expected_mac = unhexify_alloc( mac_hex, &expected_mac_size );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]235 TEST_ASSERT( expected_mac != NULL );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]236
237 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
238
239 TEST_ASSERT( psa_import_key( key_slot, key_type,
240 key, key_size ) == PSA_SUCCESS );
241 // TODO: support IV
242 TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
243 TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
244 TEST_ASSERT( psa_mac_update( &operation,
245 input, input_size ) == PSA_SUCCESS );
246 TEST_ASSERT( psa_mac_verify( &operation,
247 expected_mac,
248 expected_mac_size ) == PSA_SUCCESS );
249
250exit:
251 mbedtls_free( key );
252 mbedtls_free( iv );
253 mbedtls_free( input );
254 mbedtls_free( expected_mac );
255 psa_destroy_key( key_slot );
256 mbedtls_psa_crypto_free( );
257}
258/* END_CASE */
259
260/* BEGIN_CASE */
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame]261void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
262{
263 psa_key_type_t type = type_arg;
264 psa_algorithm_t alg = alg_arg;
265 size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
266 TEST_ASSERT( actual_size == (size_t) expected_size_arg );
267exit:
268 ;
269}
270/* END_CASE */
271
272/* BEGIN_CASE */
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]273void sign_deterministic( int key_type_arg, char *key_hex,
274 int alg_arg, char *input_hex, char *output_hex )
275{
276 int slot = 1;
277 psa_key_type_t key_type = key_type_arg;
278 psa_algorithm_t alg = alg_arg;
279 unsigned char *key_data = NULL;
280 size_t key_size;
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame]281 size_t key_bits;
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]282 unsigned char *input_data = NULL;
283 size_t input_size;
284 unsigned char *output_data = NULL;
285 size_t output_size;
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame]286 unsigned char *signature = NULL;
287 size_t signature_size;
Gilles Peskine93aa0332018-02-03 23:58:03 +0100[diff] [blame]288 size_t signature_length = 0xdeadbeef;
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame^]289 psa_key_policy_t policy = {0};
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]290
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]291 key_data = unhexify_alloc( key_hex, &key_size );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]292 TEST_ASSERT( key_data != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]293 input_data = unhexify_alloc( input_hex, &input_size );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]294 TEST_ASSERT( input_data != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]295 output_data = unhexify_alloc( output_hex, &output_size );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]296 TEST_ASSERT( output_data != NULL );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]297
298 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
299
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame^]300 psa_key_policy_init( &policy );
301
302 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
303
304 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
305
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]306 TEST_ASSERT( psa_import_key( slot, key_type,
307 key_data, key_size ) == PSA_SUCCESS );
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame]308 TEST_ASSERT( psa_get_key_information( slot,
309 NULL,
310 &key_bits ) == PSA_SUCCESS );
311
312 signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
313 TEST_ASSERT( signature_size != 0 );
314 signature = mbedtls_calloc( 1, signature_size );
315 TEST_ASSERT( signature != NULL );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]316
317 TEST_ASSERT( psa_asymmetric_sign( slot, alg,
318 input_data, input_size,
319 NULL, 0,
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame]320 signature, signature_size,
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]321 &signature_length ) == PSA_SUCCESS );
322 TEST_ASSERT( signature_length == output_size );
323 TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
324
325exit:
326 psa_destroy_key( slot );
327 mbedtls_free( key_data );
328 mbedtls_free( input_data );
329 mbedtls_free( output_data );
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame]330 mbedtls_free( signature );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]331 mbedtls_psa_crypto_free( );
332}
333/* END_CASE */
334
335/* BEGIN_CASE */
336void sign_fail( int key_type_arg, char *key_hex,
337 int alg_arg, char *input_hex,
338 int signature_size, int expected_status_arg )
339{
340 int slot = 1;
341 psa_key_type_t key_type = key_type_arg;
342 psa_algorithm_t alg = alg_arg;
343 unsigned char *key_data = NULL;
344 size_t key_size;
345 unsigned char *input_data = NULL;
346 size_t input_size;
347 psa_status_t actual_status;
348 psa_status_t expected_status = expected_status_arg;
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]349 unsigned char *signature = NULL;
Gilles Peskine93aa0332018-02-03 23:58:03 +0100[diff] [blame]350 size_t signature_length = 0xdeadbeef;
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame^]351 psa_key_policy_t policy = {0};
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]352
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]353 key_data = unhexify_alloc( key_hex, &key_size );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]354 TEST_ASSERT( key_data != NULL );
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]355 input_data = unhexify_alloc( input_hex, &input_size );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]356 TEST_ASSERT( input_data != NULL );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]357 signature = mbedtls_calloc( 1, signature_size );
358 TEST_ASSERT( signature != NULL );
359
360 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
361
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame^]362 psa_key_policy_init( &policy );
363
364 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
365
366 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
367
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]368 TEST_ASSERT( psa_import_key( slot, key_type,
369 key_data, key_size ) == PSA_SUCCESS );
370
371 actual_status = psa_asymmetric_sign( slot, alg,
372 input_data, input_size,
373 NULL, 0,
374 signature, signature_size,
375 &signature_length );
376 TEST_ASSERT( actual_status == expected_status );
Gilles Peskine93aa0332018-02-03 23:58:03 +0100[diff] [blame]377 TEST_ASSERT( signature_length == 0 );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]378
379exit:
380 psa_destroy_key( slot );
381 mbedtls_free( key_data );
382 mbedtls_free( input_data );
383 mbedtls_free( signature );
384 mbedtls_psa_crypto_free( );
385}
386/* END_CASE */
mohammad16038cc1cee2018-03-28 01:21:33 +0300[diff] [blame]387
388/* BEGIN_CASE */
389void key_policy( int usage_arg, int alg_arg )
390{
391 int key_slot = 1;
392 psa_key_type_t key_type = PSA_ALG_CBC_BASE;
393 unsigned char key[32] = {0};
394 psa_key_policy_t policy_set = {0};
395 psa_key_policy_t policy_get = {0};
396
397 memset( key, 0x2a, sizeof( key ) );
398
399 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
400
401 psa_key_policy_init(& policy_set );
402 psa_key_policy_init(& policy_get );
403
404 psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
405
406 TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
407
408 TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
409
410 TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
411
412 TEST_ASSERT( psa_import_key( key_slot, key_type,
413 key, sizeof( key ) ) == PSA_SUCCESS );
414
415 TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
416
417 TEST_ASSERT( policy_get.usage == policy_set.usage );
418 TEST_ASSERT( policy_get.alg == policy_set.alg );
419
420exit:
421 psa_destroy_key( key_slot );
422 mbedtls_psa_crypto_free( );
423}
424/* END_CASE */
425