TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / ed34695e08f01dcee3e6079cc103301efbb16a39 / . / tests / suites / test_suite_psa_crypto.function
blob: 9128e8fc554a11a65a246f9c859d27bd30ec5b79 [file] [log] [blame]
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1/* BEGIN_HEADER */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2#include <stdint.h>
mohammad160327010052018-07-03 13:16:15 +0300[diff] [blame]3
4#if defined(MBEDTLS_PSA_CRYPTO_SPM)
5#include "spm/psa_defs.h"
6#endif
7
Gilles Peskine0b352bc2018-06-28 00:16:11 +0200[diff] [blame]8#include "mbedtls/asn1write.h"
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]9#include "psa/crypto.h"
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]10
11#if(UINT32_MAX > SIZE_MAX)
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]12#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]13#else
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]14#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]15#endif
Gilles Peskinee66ca3b2018-06-20 00:11:45 +0200[diff] [blame]16
Jaeden Amerof24c7f82018-06-27 17:20:43 +0100[diff] [blame]17/** An invalid export length that will never be set by psa_export_key(). */
18static const size_t INVALID_EXPORT_LENGTH = ~0U;
19
Gilles Peskined35a1cc2018-06-26 21:26:10 +0200[diff] [blame]20/** Test if a buffer is all-bits zero.
Gilles Peskinee66ca3b2018-06-20 00:11:45 +0200[diff] [blame]21 *
22 * \param buffer Pointer to the beginning of the buffer.
23 * \param size Size of the buffer in bytes.
24 *
Gilles Peskine3f669c32018-06-21 09:21:51 +0200[diff] [blame]25 * \return 1 if the buffer is all-bits-zero.
26 * \return 0 if there is at least one nonzero byte.
Gilles Peskinee66ca3b2018-06-20 00:11:45 +0200[diff] [blame]27 */
Gilles Peskine3f669c32018-06-21 09:21:51 +0200[diff] [blame]28static int mem_is_zero( void *buffer, size_t size )
Gilles Peskinee66ca3b2018-06-20 00:11:45 +0200[diff] [blame]29{
30 size_t i;
31 for( i = 0; i < size; i++ )
32 {
33 if( ( (unsigned char *) buffer )[i] != 0 )
Gilles Peskine3f669c32018-06-21 09:21:51 +0200[diff] [blame]34 return( 0 );
Gilles Peskinee66ca3b2018-06-20 00:11:45 +0200[diff] [blame]35 }
Gilles Peskine3f669c32018-06-21 09:21:51 +0200[diff] [blame]36 return( 1 );
Gilles Peskinee66ca3b2018-06-20 00:11:45 +0200[diff] [blame]37}
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]38
Gilles Peskine48c0ea12018-06-21 14:15:31 +0200[diff] [blame]39static int key_type_is_raw_bytes( psa_key_type_t type )
40{
41 psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK;
42 return( category == PSA_KEY_TYPE_RAW_DATA ||
43 category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
44}
45
Gilles Peskine0b352bc2018-06-28 00:16:11 +0200[diff] [blame]46/* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */
47static int asn1_write_10x( unsigned char **p,
48 unsigned char *start,
49 size_t bits,
50 unsigned char x )
51{
52 int ret;
53 int len = bits / 8 + 1;
Gilles Peskine480416a2018-06-28 19:04:07 +0200[diff] [blame]54 if( bits == 0 )
55 return( MBEDTLS_ERR_ASN1_INVALID_DATA );
56 if( bits <= 8 && x >= 1 << ( bits - 1 ) )
Gilles Peskine0b352bc2018-06-28 00:16:11 +0200[diff] [blame]57 return( MBEDTLS_ERR_ASN1_INVALID_DATA );
58 if( *p < start || *p - start < (ssize_t) len )
59 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
60 *p -= len;
61 ( *p )[len-1] = x;
62 if( bits % 8 == 0 )
63 ( *p )[1] |= 1;
64 else
65 ( *p )[0] |= 1 << ( bits % 8 );
66 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
67 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
68 MBEDTLS_ASN1_INTEGER ) );
69 return( len );
70}
71
72static int construct_fake_rsa_key( unsigned char *buffer,
73 size_t buffer_size,
74 unsigned char **p,
75 size_t bits,
76 int keypair )
77{
78 size_t half_bits = ( bits + 1 ) / 2;
79 int ret;
80 int len = 0;
81 /* Construct something that looks like a DER encoding of
82 * as defined by PKCS#1 v2.2 (RFC 8017) section A.1.2:
83 * RSAPrivateKey ::= SEQUENCE {
84 * version Version,
85 * modulus INTEGER, -- n
86 * publicExponent INTEGER, -- e
87 * privateExponent INTEGER, -- d
88 * prime1 INTEGER, -- p
89 * prime2 INTEGER, -- q
90 * exponent1 INTEGER, -- d mod (p-1)
91 * exponent2 INTEGER, -- d mod (q-1)
92 * coefficient INTEGER, -- (inverse of q) mod p
93 * otherPrimeInfos OtherPrimeInfos OPTIONAL
94 * }
95 * Or, for a public key, the same structure with only
96 * version, modulus and publicExponent.
97 */
98 *p = buffer + buffer_size;
99 if( keypair )
100 {
101 MBEDTLS_ASN1_CHK_ADD( len, /* pq */
102 asn1_write_10x( p, buffer, half_bits, 1 ) );
103 MBEDTLS_ASN1_CHK_ADD( len, /* dq */
104 asn1_write_10x( p, buffer, half_bits, 1 ) );
105 MBEDTLS_ASN1_CHK_ADD( len, /* dp */
106 asn1_write_10x( p, buffer, half_bits, 1 ) );
107 MBEDTLS_ASN1_CHK_ADD( len, /* q */
108 asn1_write_10x( p, buffer, half_bits, 1 ) );
109 MBEDTLS_ASN1_CHK_ADD( len, /* p != q to pass mbedtls sanity checks */
110 asn1_write_10x( p, buffer, half_bits, 3 ) );
111 MBEDTLS_ASN1_CHK_ADD( len, /* d */
112 asn1_write_10x( p, buffer, bits, 1 ) );
113 }
114 MBEDTLS_ASN1_CHK_ADD( len, /* e = 65537 */
115 asn1_write_10x( p, buffer, 17, 1 ) );
116 MBEDTLS_ASN1_CHK_ADD( len, /* n */
117 asn1_write_10x( p, buffer, bits, 1 ) );
118 if( keypair )
119 MBEDTLS_ASN1_CHK_ADD( len, /* version = 0 */
120 mbedtls_asn1_write_int( p, buffer, 0 ) );
121 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, buffer, len ) );
122 {
123 const unsigned char tag =
124 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE;
125 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, buffer, tag ) );
126 }
127 return( len );
128}
129
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]130static int exercise_mac_key( psa_key_slot_t key,
131 psa_key_usage_t usage,
132 psa_algorithm_t alg )
133{
134 psa_mac_operation_t operation;
135 const unsigned char input[] = "foo";
Gilles Peskine69c12672018-06-28 00:07:19 +0200[diff] [blame]136 unsigned char mac[PSA_MAC_MAX_SIZE] = {0};
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]137 size_t mac_length = sizeof( mac );
138
139 if( usage & PSA_KEY_USAGE_SIGN )
140 {
141 TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
142 TEST_ASSERT( psa_mac_update( &operation,
143 input, sizeof( input ) ) == PSA_SUCCESS );
144 TEST_ASSERT( psa_mac_finish( &operation,
145 mac, sizeof( input ),
146 &mac_length ) == PSA_SUCCESS );
147 }
148
149 if( usage & PSA_KEY_USAGE_VERIFY )
150 {
151 psa_status_t verify_status =
152 ( usage & PSA_KEY_USAGE_SIGN ?
153 PSA_SUCCESS :
154 PSA_ERROR_INVALID_SIGNATURE );
155 TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
156 TEST_ASSERT( psa_mac_update( &operation,
157 input, sizeof( input ) ) == PSA_SUCCESS );
158 TEST_ASSERT( psa_mac_verify( &operation, mac, mac_length ) == verify_status );
159 }
160
161 return( 1 );
162
163exit:
164 psa_mac_abort( &operation );
165 return( 0 );
166}
167
168static int exercise_cipher_key( psa_key_slot_t key,
169 psa_key_usage_t usage,
170 psa_algorithm_t alg )
171{
172 psa_cipher_operation_t operation;
173 unsigned char iv[16] = {0};
174 size_t iv_length = sizeof( iv );
175 const unsigned char plaintext[16] = "Hello, world...";
176 unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)";
177 size_t ciphertext_length = sizeof( ciphertext );
178 unsigned char decrypted[sizeof( ciphertext )];
179 size_t part_length;
180
181 if( usage & PSA_KEY_USAGE_ENCRYPT )
182 {
183 TEST_ASSERT( psa_encrypt_setup( &operation, key, alg ) == PSA_SUCCESS );
184 TEST_ASSERT( psa_encrypt_generate_iv( &operation,
185 iv, sizeof( iv ),
186 &iv_length ) == PSA_SUCCESS );
187 TEST_ASSERT( psa_cipher_update( &operation,
188 plaintext, sizeof( plaintext ),
189 ciphertext, sizeof( ciphertext ),
190 &ciphertext_length ) == PSA_SUCCESS );
191 TEST_ASSERT( psa_cipher_finish( &operation,
192 ciphertext + ciphertext_length,
193 sizeof( ciphertext ) - ciphertext_length,
194 &part_length ) == PSA_SUCCESS );
195 ciphertext_length += part_length;
196 }
197
198 if( usage & PSA_KEY_USAGE_DECRYPT )
199 {
200 psa_status_t status;
Mohammad AboMokhadb9b232018-06-28 01:52:54 -0700[diff] [blame]201 psa_key_type_t type = PSA_KEY_TYPE_NONE;
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]202 if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
203 {
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]204 size_t bits;
205 TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );
206 iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type );
207 }
208 TEST_ASSERT( psa_decrypt_setup( &operation, key, alg ) == PSA_SUCCESS );
209 TEST_ASSERT( psa_encrypt_set_iv( &operation,
210 iv, iv_length ) == PSA_SUCCESS );
211 TEST_ASSERT( psa_cipher_update( &operation,
212 ciphertext, ciphertext_length,
213 decrypted, sizeof( decrypted ),
214 &part_length ) == PSA_SUCCESS );
215 status = psa_cipher_finish( &operation,
216 decrypted + part_length,
217 sizeof( decrypted ) - part_length,
218 &part_length );
219 /* For a stream cipher, all inputs are valid. For a block cipher,
220 * if the input is some aribtrary data rather than an actual
221 ciphertext, a padding error is likely. */
Mohammad AboMokh65fa0b82018-06-28 02:14:00 -0700[diff] [blame]222 if( ( usage & PSA_KEY_USAGE_ENCRYPT ) ||
Mohammad AboMokhadb9b232018-06-28 01:52:54 -0700[diff] [blame]223 PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 )
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]224 TEST_ASSERT( status == PSA_SUCCESS );
225 else
226 TEST_ASSERT( status == PSA_SUCCESS ||
227 status == PSA_ERROR_INVALID_PADDING );
228 }
229
230 return( 1 );
231
232exit:
233 psa_cipher_abort( &operation );
234 return( 0 );
235}
236
237static int exercise_aead_key( psa_key_slot_t key,
238 psa_key_usage_t usage,
239 psa_algorithm_t alg )
240{
241 unsigned char nonce[16] = {0};
242 size_t nonce_length = sizeof( nonce );
243 unsigned char plaintext[16] = "Hello, world...";
244 unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)";
245 size_t ciphertext_length = sizeof( ciphertext );
246 size_t plaintext_length = sizeof( ciphertext );
247
248 if( usage & PSA_KEY_USAGE_ENCRYPT )
249 {
250 TEST_ASSERT( psa_aead_encrypt( key, alg,
251 nonce, nonce_length,
252 NULL, 0,
253 plaintext, sizeof( plaintext ),
254 ciphertext, sizeof( ciphertext ),
255 &ciphertext_length ) == PSA_SUCCESS );
256 }
257
258 if( usage & PSA_KEY_USAGE_DECRYPT )
259 {
260 psa_status_t verify_status =
261 ( usage & PSA_KEY_USAGE_ENCRYPT ?
262 PSA_SUCCESS :
263 PSA_ERROR_INVALID_SIGNATURE );
264 TEST_ASSERT( psa_aead_decrypt( key, alg,
265 nonce, nonce_length,
266 NULL, 0,
267 ciphertext, ciphertext_length,
268 plaintext, sizeof( plaintext ),
269 &plaintext_length ) == verify_status );
270 }
271
272 return( 1 );
273
274exit:
275 return( 0 );
276}
277
278static int exercise_signature_key( psa_key_slot_t key,
279 psa_key_usage_t usage,
280 psa_algorithm_t alg )
281{
Gilles Peskineca45c352018-06-26 16:13:09 +0200[diff] [blame]282 unsigned char payload[16] = {1};
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]283 size_t payload_length = sizeof( payload );
Gilles Peskine69c12672018-06-28 00:07:19 +0200[diff] [blame]284 unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]285 size_t signature_length = sizeof( signature );
286
287 if( usage & PSA_KEY_USAGE_SIGN )
288 {
289 TEST_ASSERT( psa_asymmetric_sign( key, alg,
290 payload, payload_length,
291 NULL, 0,
292 signature, sizeof( signature ),
293 &signature_length ) == PSA_SUCCESS );
294 }
295
296 if( usage & PSA_KEY_USAGE_VERIFY )
297 {
298 psa_status_t verify_status =
299 ( usage & PSA_KEY_USAGE_SIGN ?
300 PSA_SUCCESS :
301 PSA_ERROR_INVALID_SIGNATURE );
302 TEST_ASSERT( psa_asymmetric_verify( key, alg,
303 payload, payload_length,
304 NULL, 0,
305 signature, signature_length ) ==
306 verify_status );
307 }
308
309 return( 1 );
310
311exit:
312 return( 0 );
313}
314
315static int exercise_asymmetric_encryption_key( psa_key_slot_t key,
316 psa_key_usage_t usage,
317 psa_algorithm_t alg )
318{
319 unsigned char plaintext[256] = "Hello, world...";
320 unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)";
321 size_t ciphertext_length = sizeof( ciphertext );
322 size_t plaintext_length = 16;
323
324 if( usage & PSA_KEY_USAGE_ENCRYPT )
325 {
326 TEST_ASSERT(
327 psa_asymmetric_encrypt( key, alg,
328 plaintext, plaintext_length,
329 NULL, 0,
330 ciphertext, sizeof( ciphertext ),
331 &ciphertext_length ) == PSA_SUCCESS );
332 }
333
334 if( usage & PSA_KEY_USAGE_DECRYPT )
335 {
336 psa_status_t status =
337 psa_asymmetric_decrypt( key, alg,
338 ciphertext, ciphertext_length,
339 NULL, 0,
340 plaintext, sizeof( plaintext ),
341 &plaintext_length );
342 TEST_ASSERT( status == PSA_SUCCESS ||
343 ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 &&
344 ( status == PSA_ERROR_INVALID_ARGUMENT ||
345 status == PSA_ERROR_INVALID_PADDING ) ) );
346 }
347
348 return( 1 );
349
350exit:
351 return( 0 );
352}
Gilles Peskine02b75072018-07-01 22:31:34 +0200[diff] [blame]353
354static int exercise_key( psa_key_slot_t slot,
355 psa_key_usage_t usage,
356 psa_algorithm_t alg )
357{
358 int ok;
359 if( alg == 0 )
360 ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
361 else if( PSA_ALG_IS_MAC( alg ) )
362 ok = exercise_mac_key( slot, usage, alg );
363 else if( PSA_ALG_IS_CIPHER( alg ) )
364 ok = exercise_cipher_key( slot, usage, alg );
365 else if( PSA_ALG_IS_AEAD( alg ) )
366 ok = exercise_aead_key( slot, usage, alg );
367 else if( PSA_ALG_IS_SIGN( alg ) )
368 ok = exercise_signature_key( slot, usage, alg );
369 else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
370 ok = exercise_asymmetric_encryption_key( slot, usage, alg );
371 else
372 {
373 char message[40];
374 mbedtls_snprintf( message, sizeof( message ),
375 "No code to exercise alg=0x%08lx",
376 (unsigned long) alg );
377 test_fail( message, __LINE__, __FILE__ );
378 ok = 0;
379 }
380 return( ok );
381}
382
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]383/* END_HEADER */
384
385/* BEGIN_DEPENDENCIES
386 * depends_on:MBEDTLS_PSA_CRYPTO_C
387 * END_DEPENDENCIES
388 */
389
390/* BEGIN_CASE */
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]391void init_deinit( )
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]392{
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]393 psa_status_t status;
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]394 int i;
395 for( i = 0; i <= 1; i++ )
396 {
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]397 status = psa_crypto_init( );
398 TEST_ASSERT( status == PSA_SUCCESS );
399 status = psa_crypto_init( );
400 TEST_ASSERT( status == PSA_SUCCESS );
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]401 mbedtls_psa_crypto_free( );
402 }
403}
404/* END_CASE */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]405
406/* BEGIN_CASE */
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]407void import( data_t *data, int type, int expected_status_arg )
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]408{
409 int slot = 1;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]410 psa_status_t expected_status = expected_status_arg;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]411 psa_status_t status;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]412
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]413 TEST_ASSERT( data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]414 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]415 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
416
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]417 status = psa_import_key( slot, type, data->x, data->len );
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]418 TEST_ASSERT( status == expected_status );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]419 if( status == PSA_SUCCESS )
420 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
421
422exit:
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]423 mbedtls_psa_crypto_free( );
424}
425/* END_CASE */
426
427/* BEGIN_CASE */
Gilles Peskine0b352bc2018-06-28 00:16:11 +0200[diff] [blame]428void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
429{
430 int slot = 1;
431 size_t bits = bits_arg;
432 psa_status_t expected_status = expected_status_arg;
433 psa_status_t status;
434 psa_key_type_t type =
435 keypair ? PSA_KEY_TYPE_RSA_KEYPAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY;
436 size_t buffer_size = /* Slight overapproximations */
437 keypair ? bits * 9 / 16 + 80 : bits / 8 + 20;
438 unsigned char *buffer = mbedtls_calloc( 1, buffer_size );
439 unsigned char *p;
440 int ret;
441 size_t length;
442
443 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
444 TEST_ASSERT( buffer != NULL );
445
446 TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p,
447 bits, keypair ) ) >= 0 );
448 length = ret;
449
450 /* Try importing the key */
451 status = psa_import_key( slot, type, p, length );
452 TEST_ASSERT( status == expected_status );
453 if( status == PSA_SUCCESS )
454 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
455
456exit:
457 mbedtls_free( buffer );
458 mbedtls_psa_crypto_free( );
459}
460/* END_CASE */
461
462/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]463void import_export( data_t *data,
Moran Pekera964a8f2018-06-04 18:42:36 +0300[diff] [blame]464 int type_arg,
465 int alg_arg,
466 int usage_arg,
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]467 int expected_bits,
468 int export_size_delta,
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]469 int expected_export_status_arg,
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]470 int canonical_input )
471{
472 int slot = 1;
473 int slot2 = slot + 1;
474 psa_key_type_t type = type_arg;
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]475 psa_algorithm_t alg = alg_arg;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]476 psa_status_t expected_export_status = expected_export_status_arg;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]477 psa_status_t status;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]478 unsigned char *exported = NULL;
479 unsigned char *reexported = NULL;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]480 size_t export_size;
Jaeden Amerof24c7f82018-06-27 17:20:43 +0100[diff] [blame]481 size_t exported_length = INVALID_EXPORT_LENGTH;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]482 size_t reexported_length;
483 psa_key_type_t got_type;
484 size_t got_bits;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]485 psa_key_policy_t policy;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]486
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]487 TEST_ASSERT( data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]488 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
489 export_size = (ssize_t) data->len + export_size_delta;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]490 exported = mbedtls_calloc( 1, export_size );
491 TEST_ASSERT( exported != NULL );
492 if( ! canonical_input )
493 {
494 reexported = mbedtls_calloc( 1, export_size );
495 TEST_ASSERT( reexported != NULL );
496 }
497 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
498
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]499 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]500 psa_key_policy_set_usage( &policy, usage_arg, alg );
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]501 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
502
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]503 /* Import the key */
504 TEST_ASSERT( psa_import_key( slot, type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]505 data->x, data->len ) == PSA_SUCCESS );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]506
507 /* Test the key information */
508 TEST_ASSERT( psa_get_key_information( slot,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]509 &got_type,
510 &got_bits ) == PSA_SUCCESS );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]511 TEST_ASSERT( got_type == type );
512 TEST_ASSERT( got_bits == (size_t) expected_bits );
513
514 /* Export the key */
515 status = psa_export_key( slot,
516 exported, export_size,
517 &exported_length );
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]518 TEST_ASSERT( status == expected_export_status );
Jaeden Amerof24c7f82018-06-27 17:20:43 +0100[diff] [blame]519
520 /* The exported length must be set by psa_export_key() to a value between 0
521 * and export_size. On errors, the exported length must be 0. */
522 TEST_ASSERT( exported_length != INVALID_EXPORT_LENGTH );
523 TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 );
524 TEST_ASSERT( exported_length <= export_size );
525
Gilles Peskine3f669c32018-06-21 09:21:51 +0200[diff] [blame]526 TEST_ASSERT( mem_is_zero( exported + exported_length,
527 export_size - exported_length ) );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]528 if( status != PSA_SUCCESS )
Gilles Peskinee66ca3b2018-06-20 00:11:45 +0200[diff] [blame]529 {
530 TEST_ASSERT( exported_length == 0 );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]531 goto destroy;
Gilles Peskinee66ca3b2018-06-20 00:11:45 +0200[diff] [blame]532 }
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]533
534 if( canonical_input )
535 {
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]536 TEST_ASSERT( exported_length == data->len );
537 TEST_ASSERT( memcmp( exported, data->x, data->len ) == 0 );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]538 }
539 else
540 {
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]541 TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
542
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]543 TEST_ASSERT( psa_import_key( slot2, type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]544 exported,
545 export_size ) == PSA_SUCCESS );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]546 TEST_ASSERT( psa_export_key( slot2,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]547 reexported,
548 export_size,
549 &reexported_length ) == PSA_SUCCESS );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]550 TEST_ASSERT( reexported_length == exported_length );
551 TEST_ASSERT( memcmp( reexported, exported,
552 exported_length ) == 0 );
553 }
554
555destroy:
556 /* Destroy the key */
557 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
558 TEST_ASSERT( psa_get_key_information(
559 slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
560
561exit:
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]562 mbedtls_free( exported );
563 mbedtls_free( reexported );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]564 mbedtls_psa_crypto_free( );
565}
566/* END_CASE */
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]567
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]568/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]569void import_export_public_key( data_t *data,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]570 int type_arg,
571 int alg_arg,
572 int expected_bits,
573 int public_key_expected_length,
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]574 int expected_export_status_arg )
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]575{
576 int slot = 1;
577 psa_key_type_t type = type_arg;
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]578 psa_algorithm_t alg = alg_arg;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]579 psa_status_t expected_export_status = expected_export_status_arg;
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]580 psa_status_t status;
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]581 unsigned char *exported = NULL;
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]582 size_t export_size;
Jaeden Amero2a671e92018-06-27 17:47:40 +0100[diff] [blame]583 size_t exported_length = INVALID_EXPORT_LENGTH;
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]584 psa_key_type_t got_type;
585 size_t got_bits;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]586 psa_key_policy_t policy;
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]587
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]588 TEST_ASSERT( data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]589 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
590 export_size = (ssize_t) data->len;
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]591 exported = mbedtls_calloc( 1, export_size );
592 TEST_ASSERT( exported != NULL );
593
594 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
595
596 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]597 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]598 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
599
600 /* Import the key */
601 TEST_ASSERT( psa_import_key( slot, type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]602 data->x, data->len ) == PSA_SUCCESS );
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]603
604 /* Test the key information */
605 TEST_ASSERT( psa_get_key_information( slot,
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]606 &got_type,
607 &got_bits ) == PSA_SUCCESS );
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]608 TEST_ASSERT( got_type == type );
609 TEST_ASSERT( got_bits == (size_t) expected_bits );
610
611 /* Export the key */
612 status = psa_export_public_key( slot,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]613 exported, export_size,
614 &exported_length );
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]615 TEST_ASSERT( status == expected_export_status );
Jaeden Amero2a671e92018-06-27 17:47:40 +0100[diff] [blame]616 TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
617 TEST_ASSERT( mem_is_zero( exported + exported_length,
618 export_size - exported_length ) );
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]619 if( status != PSA_SUCCESS )
620 goto destroy;
621
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]622destroy:
623 /* Destroy the key */
624 TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
625 TEST_ASSERT( psa_get_key_information(
626 slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
627
628exit:
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]629 mbedtls_free( exported );
Moran Pekerf709f4a2018-06-06 17:26:04 +0300[diff] [blame]630 mbedtls_psa_crypto_free( );
631}
632/* END_CASE */
633
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]634/* BEGIN_CASE */
Gilles Peskinea680c7a2018-06-26 16:12:43 +0200[diff] [blame]635void import_and_exercise_key( data_t *data,
636 int type_arg,
637 int bits_arg,
638 int alg_arg )
639{
640 int slot = 1;
641 psa_key_type_t type = type_arg;
642 size_t bits = bits_arg;
643 psa_algorithm_t alg = alg_arg;
644 psa_key_usage_t usage =
645 ( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ?
646 ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
647 PSA_KEY_USAGE_VERIFY :
648 PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ) :
649 PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ||
650 PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ?
651 ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
652 PSA_KEY_USAGE_ENCRYPT :
653 PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) :
654 0 );
655 psa_key_policy_t policy;
656 psa_key_type_t got_type;
657 size_t got_bits;
658 psa_status_t status;
659
660 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
661
662 psa_key_policy_init( &policy );
663 psa_key_policy_set_usage( &policy, usage, alg );
664 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
665
666 /* Import the key */
667 status = psa_import_key( slot, type, data->x, data->len );
668 TEST_ASSERT( status == PSA_SUCCESS );
669
670 /* Test the key information */
671 TEST_ASSERT( psa_get_key_information( slot,
672 &got_type,
673 &got_bits ) == PSA_SUCCESS );
674 TEST_ASSERT( got_type == type );
675 TEST_ASSERT( got_bits == bits );
676
677 /* Do something with the key according to its type and permitted usage. */
Gilles Peskine02b75072018-07-01 22:31:34 +0200[diff] [blame]678 if( ! exercise_key( slot, usage, alg ) )
679 goto exit;
Gilles Peskinea680c7a2018-06-26 16:12:43 +0200[diff] [blame]680
681exit:
682 psa_destroy_key( slot );
683 mbedtls_psa_crypto_free( );
684}
685/* END_CASE */
686
687/* BEGIN_CASE */
Gilles Peskined5b33222018-06-18 22:20:03 +0200[diff] [blame]688void key_policy( int usage_arg, int alg_arg )
689{
690 int key_slot = 1;
691 psa_algorithm_t alg = alg_arg;
692 psa_key_usage_t usage = usage_arg;
693 psa_key_type_t key_type = PSA_KEY_TYPE_AES;
694 unsigned char key[32] = {0};
695 psa_key_policy_t policy_set;
696 psa_key_policy_t policy_get;
697
698 memset( key, 0x2a, sizeof( key ) );
699
700 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
701
702 psa_key_policy_init( &policy_set );
703 psa_key_policy_init( &policy_get );
704
705 psa_key_policy_set_usage( &policy_set, usage, alg );
706
707 TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
708 TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
709 TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
710
711 TEST_ASSERT( psa_import_key( key_slot, key_type,
712 key, sizeof( key ) ) == PSA_SUCCESS );
713
714 TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
715
716 TEST_ASSERT( policy_get.usage == policy_set.usage );
717 TEST_ASSERT( policy_get.alg == policy_set.alg );
718
719exit:
720 psa_destroy_key( key_slot );
721 mbedtls_psa_crypto_free( );
722}
723/* END_CASE */
724
725/* BEGIN_CASE */
726void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
727 data_t *keypair )
728{
729 int key_slot = 1;
730 psa_algorithm_t alg = alg_arg;
731 psa_key_usage_t usage = usage_arg;
732 size_t signature_length = 0;
733 psa_key_policy_t policy;
734 int actual_status = PSA_SUCCESS;
735
736 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
737
738 psa_key_policy_init( &policy );
739 psa_key_policy_set_usage( &policy, usage, alg );
740 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
741
742 if( usage & PSA_KEY_USAGE_EXPORT )
743 {
744 TEST_ASSERT( keypair != NULL );
745 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
746 TEST_ASSERT( psa_import_key( key_slot,
747 PSA_KEY_TYPE_RSA_KEYPAIR,
748 keypair->x,
749 keypair->len ) == PSA_SUCCESS );
750 actual_status = psa_asymmetric_sign( key_slot, alg,
751 NULL, 0,
752 NULL, 0,
753 NULL, 0, &signature_length );
754 }
755
756 if( usage & PSA_KEY_USAGE_SIGN )
757 {
Jaeden Amerof24c7f82018-06-27 17:20:43 +0100[diff] [blame]758 size_t data_length;
Gilles Peskined5b33222018-06-18 22:20:03 +0200[diff] [blame]759 TEST_ASSERT( keypair != NULL );
760 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
761 TEST_ASSERT( psa_import_key( key_slot,
762 PSA_KEY_TYPE_RSA_KEYPAIR,
763 keypair->x,
764 keypair->len ) == PSA_SUCCESS );
Jaeden Amerof24c7f82018-06-27 17:20:43 +0100[diff] [blame]765 actual_status = psa_export_key( key_slot, NULL, 0, &data_length );
Gilles Peskined5b33222018-06-18 22:20:03 +0200[diff] [blame]766 }
767
768 TEST_ASSERT( actual_status == expected_status );
769
770exit:
771 psa_destroy_key( key_slot );
772 mbedtls_psa_crypto_free( );
773}
774/* END_CASE */
775
776/* BEGIN_CASE */
777void key_lifetime( int lifetime_arg )
778{
779 int key_slot = 1;
780 psa_key_type_t key_type = PSA_ALG_CBC_BASE;
781 unsigned char key[32] = {0};
782 psa_key_lifetime_t lifetime_set = lifetime_arg;
783 psa_key_lifetime_t lifetime_get;
784
785 memset( key, 0x2a, sizeof( key ) );
786
787 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
788
789 TEST_ASSERT( psa_set_key_lifetime( key_slot,
790 lifetime_set ) == PSA_SUCCESS );
791
792 TEST_ASSERT( psa_import_key( key_slot, key_type,
793 key, sizeof( key ) ) == PSA_SUCCESS );
794
795 TEST_ASSERT( psa_get_key_lifetime( key_slot,
796 &lifetime_get ) == PSA_SUCCESS );
797
798 TEST_ASSERT( lifetime_get == lifetime_set );
799
800exit:
801 psa_destroy_key( key_slot );
802 mbedtls_psa_crypto_free( );
803}
804/* END_CASE */
805
806/* BEGIN_CASE */
807void key_lifetime_set_fail( int key_slot_arg,
808 int lifetime_arg,
809 int expected_status_arg )
810{
811 psa_key_slot_t key_slot = key_slot_arg;
812 psa_key_lifetime_t lifetime_set = lifetime_arg;
813 psa_status_t actual_status;
814 psa_status_t expected_status = expected_status_arg;
815
816 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
817
818 actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
819
820 if( actual_status == PSA_SUCCESS )
821 actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
822
823 TEST_ASSERT( expected_status == actual_status );
824
825exit:
826 psa_destroy_key( key_slot );
827 mbedtls_psa_crypto_free( );
828}
829/* END_CASE */
830
831/* BEGIN_CASE */
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]832void hash_setup( int alg_arg,
833 int expected_status_arg )
834{
835 psa_algorithm_t alg = alg_arg;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]836 psa_status_t expected_status = expected_status_arg;
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]837 psa_hash_operation_t operation;
838 psa_status_t status;
839
840 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
841
842 status = psa_hash_start( &operation, alg );
843 psa_hash_abort( &operation );
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]844 TEST_ASSERT( status == expected_status );
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]845
846exit:
847 mbedtls_psa_crypto_free( );
848}
849/* END_CASE */
850
851/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]852void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]853{
854 psa_algorithm_t alg = alg_arg;
Gilles Peskineb3e6e5d2018-06-18 22:16:43 +0200[diff] [blame]855 unsigned char actual_hash[PSA_HASH_MAX_SIZE];
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]856 size_t actual_hash_length;
857 psa_hash_operation_t operation;
858
Gilles Peskine69c12672018-06-28 00:07:19 +0200[diff] [blame]859 TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
860 TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
861
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]862 TEST_ASSERT( input != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]863 TEST_ASSERT( expected_hash != NULL );
864 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
865 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]866
867 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
868
869 TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
870 TEST_ASSERT( psa_hash_update( &operation,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]871 input->x, input->len ) == PSA_SUCCESS );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]872 TEST_ASSERT( psa_hash_finish( &operation,
873 actual_hash, sizeof( actual_hash ),
874 &actual_hash_length ) == PSA_SUCCESS );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]875 TEST_ASSERT( actual_hash_length == expected_hash->len );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]876 TEST_ASSERT( memcmp( expected_hash->x, actual_hash,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]877 expected_hash->len ) == 0 );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]878
879exit:
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]880 mbedtls_psa_crypto_free( );
881}
882/* END_CASE */
883
884/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]885void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]886{
887 psa_algorithm_t alg = alg_arg;
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]888 psa_hash_operation_t operation;
889
Gilles Peskine69c12672018-06-28 00:07:19 +0200[diff] [blame]890 TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
891 TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
892
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]893 TEST_ASSERT( input != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]894 TEST_ASSERT( expected_hash != NULL );
895 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
896 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]897
898 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
899
900 TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
901 TEST_ASSERT( psa_hash_update( &operation,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]902 input->x,
903 input->len ) == PSA_SUCCESS );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]904 TEST_ASSERT( psa_hash_verify( &operation,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]905 expected_hash->x,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]906 expected_hash->len ) == PSA_SUCCESS );
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]907
908exit:
Gilles Peskine9ef733f2018-02-07 21:05:37 +0100[diff] [blame]909 mbedtls_psa_crypto_free( );
910}
911/* END_CASE */
912
913/* BEGIN_CASE */
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]914void mac_setup( int key_type_arg,
915 data_t *key,
916 int alg_arg,
917 int expected_status_arg )
918{
919 int key_slot = 1;
920 psa_key_type_t key_type = key_type_arg;
921 psa_algorithm_t alg = alg_arg;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]922 psa_status_t expected_status = expected_status_arg;
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]923 psa_mac_operation_t operation;
924 psa_key_policy_t policy;
925 psa_status_t status;
926
927 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
928
929 psa_key_policy_init( &policy );
930 psa_key_policy_set_usage( &policy,
931 PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
932 alg );
933 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
934
935 TEST_ASSERT( psa_import_key( key_slot, key_type,
936 key->x, key->len ) == PSA_SUCCESS );
937
938 status = psa_mac_start( &operation, key_slot, alg );
939 psa_mac_abort( &operation );
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]940 TEST_ASSERT( status == expected_status );
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]941
942exit:
943 psa_destroy_key( key_slot );
944 mbedtls_psa_crypto_free( );
945}
946/* END_CASE */
947
948/* BEGIN_CASE */
Gilles Peskinec0ec9722018-06-18 17:03:37 +0200[diff] [blame]949void mac_verify( int key_type_arg,
950 data_t *key,
951 int alg_arg,
952 data_t *input,
953 data_t *expected_mac )
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]954{
955 int key_slot = 1;
956 psa_key_type_t key_type = key_type_arg;
957 psa_algorithm_t alg = alg_arg;
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]958 psa_mac_operation_t operation;
mohammad16036df908f2018-04-02 08:34:15 -0700[diff] [blame]959 psa_key_policy_t policy;
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]960
Gilles Peskine69c12672018-06-28 00:07:19 +0200[diff] [blame]961 TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE );
962
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]963 TEST_ASSERT( key != NULL );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]964 TEST_ASSERT( input != NULL );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]965 TEST_ASSERT( expected_mac != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]966 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]967 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
968 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]969
970 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
971
mohammad16036df908f2018-04-02 08:34:15 -0700[diff] [blame]972 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]973 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
mohammad16036df908f2018-04-02 08:34:15 -0700[diff] [blame]974 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
975
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]976 TEST_ASSERT( psa_import_key( key_slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]977 key->x, key->len ) == PSA_SUCCESS );
Gilles Peskinec0ec9722018-06-18 17:03:37 +0200[diff] [blame]978
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]979 TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
980 TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
981 TEST_ASSERT( psa_mac_update( &operation,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]982 input->x, input->len ) == PSA_SUCCESS );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]983 TEST_ASSERT( psa_mac_verify( &operation,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]984 expected_mac->x,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]985 expected_mac->len ) == PSA_SUCCESS );
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]986
987exit:
Gilles Peskine8c9def32018-02-08 10:02:12 +0100[diff] [blame]988 psa_destroy_key( key_slot );
989 mbedtls_psa_crypto_free( );
990}
991/* END_CASE */
992
993/* BEGIN_CASE */
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]994void cipher_setup( int key_type_arg,
995 data_t *key,
996 int alg_arg,
997 int expected_status_arg )
998{
999 int key_slot = 1;
1000 psa_key_type_t key_type = key_type_arg;
1001 psa_algorithm_t alg = alg_arg;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]1002 psa_status_t expected_status = expected_status_arg;
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]1003 psa_cipher_operation_t operation;
1004 psa_key_policy_t policy;
1005 psa_status_t status;
1006
1007 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1008
1009 psa_key_policy_init( &policy );
1010 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
1011 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
1012
1013 TEST_ASSERT( psa_import_key( key_slot, key_type,
1014 key->x, key->len ) == PSA_SUCCESS );
1015
1016 status = psa_encrypt_setup( &operation, key_slot, alg );
1017 psa_cipher_abort( &operation );
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]1018 TEST_ASSERT( status == expected_status );
Gilles Peskine16c0f4f2018-06-20 16:05:20 +0200[diff] [blame]1019
1020exit:
1021 psa_destroy_key( key_slot );
1022 mbedtls_psa_crypto_free( );
1023}
1024/* END_CASE */
1025
1026/* BEGIN_CASE */
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1027void cipher_encrypt( int alg_arg, int key_type_arg,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1028 data_t *key,
1029 data_t *input, data_t *expected_output,
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]1030 int expected_status_arg )
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1031{
1032 int key_slot = 1;
1033 psa_status_t status;
1034 psa_key_type_t key_type = key_type_arg;
1035 psa_algorithm_t alg = alg_arg;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]1036 psa_status_t expected_status = expected_status_arg;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1037 unsigned char iv[16] = {0};
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1038 size_t iv_size;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1039 unsigned char *output = NULL;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1040 size_t output_buffer_size = 0;
1041 size_t function_output_length = 0;
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1042 size_t total_output_length = 0;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1043 psa_cipher_operation_t operation;
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1044 psa_key_policy_t policy;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1045
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1046 TEST_ASSERT( key != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1047 TEST_ASSERT( input != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1048 TEST_ASSERT( expected_output != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1049 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
1050 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
1051 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1052
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1053 iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
1054 memset( iv, 0x2a, iv_size );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1055
1056 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1057
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1058 psa_key_policy_init( &policy );
1059 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
1060 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
1061
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1062 TEST_ASSERT( psa_import_key( key_slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1063 key->x, key->len ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1064
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1065 TEST_ASSERT( psa_encrypt_setup( &operation,
1066 key_slot, alg ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1067
1068 TEST_ASSERT( psa_encrypt_set_iv( &operation,
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1069 iv, iv_size ) == PSA_SUCCESS );
mohammad16033d91abe2018-07-03 13:15:54 +0300[diff] [blame]1070 output_buffer_size = (size_t) input->len +
1071 PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1072 output = mbedtls_calloc( 1, output_buffer_size );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1073 TEST_ASSERT( output != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1074
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1075 TEST_ASSERT( psa_cipher_update( &operation,
1076 input->x, input->len,
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1077 output, output_buffer_size,
1078 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1079 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1080 status = psa_cipher_finish( &operation,
1081 output + function_output_length,
1082 output_buffer_size,
1083 &function_output_length );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1084 total_output_length += function_output_length;
1085
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]1086 TEST_ASSERT( status == expected_status );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1087 if( expected_status == PSA_SUCCESS )
1088 {
1089 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1090 TEST_ASSERT( total_output_length == expected_output->len );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1091 TEST_ASSERT( memcmp( expected_output->x, output,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1092 expected_output->len ) == 0 );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1093 }
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1094
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1095exit:
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1096 mbedtls_free( output );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1097 psa_destroy_key( key_slot );
1098 mbedtls_psa_crypto_free( );
1099}
1100/* END_CASE */
1101
1102/* BEGIN_CASE */
1103void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1104 data_t *key,
1105 data_t *input,
1106 int first_part_size,
1107 data_t *expected_output )
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1108{
1109 int key_slot = 1;
1110 psa_key_type_t key_type = key_type_arg;
1111 psa_algorithm_t alg = alg_arg;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1112 unsigned char iv[16] = {0};
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1113 size_t iv_size;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1114 unsigned char *output = NULL;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1115 size_t output_buffer_size = 0;
1116 size_t function_output_length = 0;
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1117 size_t total_output_length = 0;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1118 psa_cipher_operation_t operation;
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1119 psa_key_policy_t policy;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1120
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1121 TEST_ASSERT( key != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1122 TEST_ASSERT( input != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1123 TEST_ASSERT( expected_output != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1124 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
1125 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
1126 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1127
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1128 iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
1129 memset( iv, 0x2a, iv_size );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1130
1131 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1132
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1133 psa_key_policy_init( &policy );
1134 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
1135 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
1136
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1137 TEST_ASSERT( psa_import_key( key_slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1138 key->x, key->len ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1139
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1140 TEST_ASSERT( psa_encrypt_setup( &operation,
1141 key_slot, alg ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1142
1143 TEST_ASSERT( psa_encrypt_set_iv( &operation,
1144 iv, sizeof( iv ) ) == PSA_SUCCESS );
mohammad16033d91abe2018-07-03 13:15:54 +0300[diff] [blame]1145 output_buffer_size = (size_t) input->len +
1146 PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1147 output = mbedtls_calloc( 1, output_buffer_size );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1148 TEST_ASSERT( output != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1149
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1150 TEST_ASSERT( (unsigned int) first_part_size < input->len );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1151 TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1152 output, output_buffer_size,
1153 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1154 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1155 TEST_ASSERT( psa_cipher_update( &operation,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1156 input->x + first_part_size,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1157 input->len - first_part_size,
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1158 output, output_buffer_size,
1159 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1160 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1161 TEST_ASSERT( psa_cipher_finish( &operation,
1162 output + function_output_length,
1163 output_buffer_size,
1164 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1165 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1166 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
1167
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1168 TEST_ASSERT( total_output_length == expected_output->len );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1169 TEST_ASSERT( memcmp( expected_output->x, output,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1170 expected_output->len ) == 0 );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1171
1172exit:
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1173 mbedtls_free( output );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1174 psa_destroy_key( key_slot );
1175 mbedtls_psa_crypto_free( );
1176}
1177/* END_CASE */
1178
1179/* BEGIN_CASE */
1180void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1181 data_t *key,
1182 data_t *input,
1183 int first_part_size,
1184 data_t *expected_output )
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1185{
1186 int key_slot = 1;
1187
1188 psa_key_type_t key_type = key_type_arg;
1189 psa_algorithm_t alg = alg_arg;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1190 unsigned char iv[16] = {0};
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1191 size_t iv_size;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1192 unsigned char *output = NULL;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1193 size_t output_buffer_size = 0;
1194 size_t function_output_length = 0;
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1195 size_t total_output_length = 0;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1196 psa_cipher_operation_t operation;
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1197 psa_key_policy_t policy;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1198
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1199 TEST_ASSERT( key != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1200 TEST_ASSERT( input != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1201 TEST_ASSERT( expected_output != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1202 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
1203 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
1204 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1205
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1206 iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
1207 memset( iv, 0x2a, iv_size );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1208
1209 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1210
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1211 psa_key_policy_init( &policy );
1212 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
1213 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
1214
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1215 TEST_ASSERT( psa_import_key( key_slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1216 key->x, key->len ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1217
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1218 TEST_ASSERT( psa_decrypt_setup( &operation,
1219 key_slot, alg ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1220
1221 TEST_ASSERT( psa_encrypt_set_iv( &operation,
1222 iv, sizeof( iv ) ) == PSA_SUCCESS );
1223
mohammad16033d91abe2018-07-03 13:15:54 +0300[diff] [blame]1224 output_buffer_size = (size_t) input->len +
1225 PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1226 output = mbedtls_calloc( 1, output_buffer_size );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1227 TEST_ASSERT( output != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1228
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1229 TEST_ASSERT( (unsigned int) first_part_size < input->len );
1230 TEST_ASSERT( psa_cipher_update( &operation,
1231 input->x, first_part_size,
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1232 output, output_buffer_size,
1233 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1234 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1235 TEST_ASSERT( psa_cipher_update( &operation,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1236 input->x + first_part_size,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1237 input->len - first_part_size,
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1238 output, output_buffer_size,
1239 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1240 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1241 TEST_ASSERT( psa_cipher_finish( &operation,
1242 output + function_output_length,
1243 output_buffer_size,
1244 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1245 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1246 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
1247
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1248 TEST_ASSERT( total_output_length == expected_output->len );
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1249 TEST_ASSERT( memcmp( expected_output->x, output,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1250 expected_output->len ) == 0 );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1251
1252exit:
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1253 mbedtls_free( output );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1254 psa_destroy_key( key_slot );
1255 mbedtls_psa_crypto_free( );
1256}
1257/* END_CASE */
1258
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1259/* BEGIN_CASE */
1260void cipher_decrypt( int alg_arg, int key_type_arg,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1261 data_t *key,
1262 data_t *input, data_t *expected_output,
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]1263 int expected_status_arg )
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1264{
1265 int key_slot = 1;
1266 psa_status_t status;
1267 psa_key_type_t key_type = key_type_arg;
1268 psa_algorithm_t alg = alg_arg;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]1269 psa_status_t expected_status = expected_status_arg;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1270 unsigned char iv[16] = {0};
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1271 size_t iv_size;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1272 unsigned char *output = NULL;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1273 size_t output_buffer_size = 0;
1274 size_t function_output_length = 0;
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1275 size_t total_output_length = 0;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1276 psa_cipher_operation_t operation;
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1277 psa_key_policy_t policy;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1278
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1279 TEST_ASSERT( key != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1280 TEST_ASSERT( input != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1281 TEST_ASSERT( expected_output != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1282 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
1283 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
1284 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1285
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1286 iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
1287 memset( iv, 0x2a, iv_size );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1288
1289 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1290
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1291 psa_key_policy_init( &policy );
1292 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
1293 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
1294
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1295 TEST_ASSERT( psa_import_key( key_slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1296 key->x, key->len ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1297
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1298 TEST_ASSERT( psa_decrypt_setup( &operation,
1299 key_slot, alg ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1300
1301 TEST_ASSERT( psa_encrypt_set_iv( &operation,
Gilles Peskine9ad29e22018-06-21 09:40:04 +0200[diff] [blame]1302 iv, iv_size ) == PSA_SUCCESS );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1303
mohammad16033d91abe2018-07-03 13:15:54 +0300[diff] [blame]1304 output_buffer_size = (size_t) input->len +
1305 PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1306 output = mbedtls_calloc( 1, output_buffer_size );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1307 TEST_ASSERT( output != NULL );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1308
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1309 TEST_ASSERT( psa_cipher_update( &operation,
1310 input->x, input->len,
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1311 output, output_buffer_size,
1312 &function_output_length ) == PSA_SUCCESS );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1313 total_output_length += function_output_length;
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1314 status = psa_cipher_finish( &operation,
1315 output + function_output_length,
1316 output_buffer_size,
1317 &function_output_length );
Gilles Peskinea7ec95f2018-06-08 14:40:59 +0200[diff] [blame]1318 total_output_length += function_output_length;
Gilles Peskineb866e2b2018-06-21 09:25:10 +0200[diff] [blame]1319 TEST_ASSERT( status == expected_status );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1320
1321 if( expected_status == PSA_SUCCESS )
1322 {
1323 TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1324 TEST_ASSERT( total_output_length == expected_output->len );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1325 TEST_ASSERT( memcmp( expected_output->x, output,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1326 expected_output->len ) == 0 );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1327 }
1328
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1329exit:
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1330 mbedtls_free( output );
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1331 psa_destroy_key( key_slot );
1332 mbedtls_psa_crypto_free( );
1333}
1334/* END_CASE */
1335
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1336/* BEGIN_CASE */
1337void cipher_verify_output( int alg_arg, int key_type_arg,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1338 data_t *key,
1339 data_t *input )
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1340{
1341 int key_slot = 1;
1342 psa_key_type_t key_type = key_type_arg;
1343 psa_algorithm_t alg = alg_arg;
mohammad1603e6b67a12018-03-12 10:38:49 -0700[diff] [blame]1344 unsigned char iv[16] = {0};
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1345 size_t iv_size = 16;
1346 size_t iv_length = 0;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1347 unsigned char *output1 = NULL;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1348 size_t output1_size = 0;
1349 size_t output1_length = 0;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1350 unsigned char *output2 = NULL;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1351 size_t output2_size = 0;
1352 size_t output2_length = 0;
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1353 size_t function_output_length = 0;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1354 psa_cipher_operation_t operation1;
1355 psa_cipher_operation_t operation2;
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1356 psa_key_policy_t policy;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1357
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1358 TEST_ASSERT( key != NULL );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1359 TEST_ASSERT( input != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1360 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
1361 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1362
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1363 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1364
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1365 psa_key_policy_init( &policy );
1366 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
1367 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
1368
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1369 TEST_ASSERT( psa_import_key( key_slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1370 key->x, key->len ) == PSA_SUCCESS );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1371
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1372 TEST_ASSERT( psa_encrypt_setup( &operation1,
1373 key_slot, alg ) == PSA_SUCCESS );
1374 TEST_ASSERT( psa_decrypt_setup( &operation2,
1375 key_slot, alg ) == PSA_SUCCESS );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1376
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1377 TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
1378 iv, iv_size,
1379 &iv_length ) == PSA_SUCCESS );
mohammad16033d91abe2018-07-03 13:15:54 +0300[diff] [blame]1380 output1_size = (size_t) input->len +
1381 PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1382 output1 = mbedtls_calloc( 1, output1_size );
1383 TEST_ASSERT( output1 != NULL );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1384
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1385 TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1386 output1, output1_size,
1387 &output1_length ) == PSA_SUCCESS );
1388 TEST_ASSERT( psa_cipher_finish( &operation1,
1389 output1 + output1_length, output1_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1390 &function_output_length ) == PSA_SUCCESS );
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1391
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1392 output1_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1393
1394 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
1395
1396 output2_size = output1_length;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1397 output2 = mbedtls_calloc( 1, output2_size );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1398 TEST_ASSERT( output2 != NULL );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1399
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1400 TEST_ASSERT( psa_encrypt_set_iv( &operation2,
1401 iv, iv_length ) == PSA_SUCCESS );
1402 TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
1403 output2, output2_size,
1404 &output2_length ) == PSA_SUCCESS );
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1405 function_output_length = 0;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1406 TEST_ASSERT( psa_cipher_finish( &operation2,
1407 output2 + output2_length,
1408 output2_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1409 &function_output_length ) == PSA_SUCCESS );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1410
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1411 output2_length += function_output_length;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1412
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1413 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
1414
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1415 TEST_ASSERT( input->len == output2_length );
1416 TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1417
1418exit:
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1419 mbedtls_free( output1 );
1420 mbedtls_free( output2 );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1421 psa_destroy_key( key_slot );
1422 mbedtls_psa_crypto_free( );
1423}
1424/* END_CASE */
1425
1426/* BEGIN_CASE */
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1427void cipher_verify_output_multipart( int alg_arg,
1428 int key_type_arg,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1429 data_t *key,
1430 data_t *input,
Gilles Peskine50e586b2018-06-08 14:28:46 +0200[diff] [blame]1431 int first_part_size )
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1432{
1433 int key_slot = 1;
1434 psa_key_type_t key_type = key_type_arg;
1435 psa_algorithm_t alg = alg_arg;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1436 unsigned char iv[16] = {0};
1437 size_t iv_size = 16;
1438 size_t iv_length = 0;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1439 unsigned char *output1 = NULL;
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1440 size_t output1_buffer_size = 0;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1441 size_t output1_length = 0;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1442 unsigned char *output2 = NULL;
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1443 size_t output2_buffer_size = 0;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1444 size_t output2_length = 0;
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1445 size_t function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1446 psa_cipher_operation_t operation1;
1447 psa_cipher_operation_t operation2;
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1448 psa_key_policy_t policy;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1449
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1450 TEST_ASSERT( key != NULL );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1451 TEST_ASSERT( input != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1452 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
1453 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1454
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1455 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1456
Moran Pekered346952018-07-05 15:22:45 +0300[diff] [blame^]1457 psa_key_policy_init( &policy );
1458 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
1459 TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
1460
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1461 TEST_ASSERT( psa_import_key( key_slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1462 key->x, key->len ) == PSA_SUCCESS );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1463
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1464 TEST_ASSERT( psa_encrypt_setup( &operation1,
1465 key_slot, alg ) == PSA_SUCCESS );
1466 TEST_ASSERT( psa_decrypt_setup( &operation2,
1467 key_slot, alg ) == PSA_SUCCESS );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1468
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1469 TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
1470 iv, iv_size,
1471 &iv_length ) == PSA_SUCCESS );
mohammad16033d91abe2018-07-03 13:15:54 +0300[diff] [blame]1472 output1_buffer_size = (size_t) input->len +
1473 PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1474 output1 = mbedtls_calloc( 1, output1_buffer_size );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1475 TEST_ASSERT( output1 != NULL );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1476
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1477 TEST_ASSERT( (unsigned int) first_part_size < input->len );
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1478
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1479 TEST_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1480 output1, output1_buffer_size,
1481 &function_output_length ) == PSA_SUCCESS );
1482 output1_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1483
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1484 TEST_ASSERT( psa_cipher_update( &operation1,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1485 input->x + first_part_size,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1486 input->len - first_part_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1487 output1, output1_buffer_size,
1488 &function_output_length ) == PSA_SUCCESS );
1489 output1_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1490
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1491 TEST_ASSERT( psa_cipher_finish( &operation1,
1492 output1 + output1_length,
1493 output1_buffer_size - output1_length,
1494 &function_output_length ) == PSA_SUCCESS );
1495 output1_length += function_output_length;
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1496
1497 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
1498
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1499 output2_buffer_size = output1_length;
1500 output2 = mbedtls_calloc( 1, output2_buffer_size );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1501 TEST_ASSERT( output2 != NULL );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1502
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1503 TEST_ASSERT( psa_encrypt_set_iv( &operation2,
1504 iv, iv_length ) == PSA_SUCCESS );
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1505
1506 TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1507 output2, output2_buffer_size,
1508 &function_output_length ) == PSA_SUCCESS );
1509 output2_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1510
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1511 TEST_ASSERT( psa_cipher_update( &operation2,
1512 output1 + first_part_size,
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1513 output1_length - first_part_size,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1514 output2, output2_buffer_size,
1515 &function_output_length ) == PSA_SUCCESS );
1516 output2_length += function_output_length;
Moran Pekerded84402018-06-06 16:36:50 +0300[diff] [blame]1517
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1518 TEST_ASSERT( psa_cipher_finish( &operation2,
1519 output2 + output2_length,
Gilles Peskine048b7f02018-06-08 14:20:49 +0200[diff] [blame]1520 output2_buffer_size - output2_length,
1521 &function_output_length ) == PSA_SUCCESS );
1522 output2_length += function_output_length;
Gilles Peskine4ca9c3f2018-06-06 18:44:09 +0200[diff] [blame]1523
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1524 TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
1525
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1526 TEST_ASSERT( input->len == output2_length );
1527 TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1528
1529exit:
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1530 mbedtls_free( output1 );
1531 mbedtls_free( output2 );
mohammad1603d7d7ba52018-03-12 18:51:53 +0200[diff] [blame]1532 psa_destroy_key( key_slot );
1533 mbedtls_psa_crypto_free( );
1534}
1535/* END_CASE */
Gilles Peskine7268afc2018-06-06 15:19:24 +0200[diff] [blame]1536
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1537/* BEGIN_CASE */
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1538void aead_encrypt_decrypt( int key_type_arg,
1539 data_t * key_data,
1540 int alg_arg,
1541 data_t * input_data,
1542 data_t * nonce,
1543 data_t * additional_data,
1544 int expected_result_arg )
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1545{
1546 int slot = 1;
1547 psa_key_type_t key_type = key_type_arg;
1548 psa_algorithm_t alg = alg_arg;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1549 unsigned char *output_data = NULL;
1550 size_t output_size = 0;
1551 size_t output_length = 0;
1552 unsigned char *output_data2 = NULL;
1553 size_t output_length2 = 0;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1554 size_t tag_length = 16;
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1555 psa_status_t expected_result = expected_result_arg;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]1556 psa_key_policy_t policy;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1557
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1558 TEST_ASSERT( key_data != NULL );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1559 TEST_ASSERT( input_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1560 TEST_ASSERT( nonce != NULL );
1561 TEST_ASSERT( additional_data != NULL );
1562 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
1563 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
1564 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
1565 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
1566
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1567 output_size = input_data->len + tag_length;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1568 output_data = mbedtls_calloc( 1, output_size );
1569 TEST_ASSERT( output_data != NULL );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1570
1571 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1572
1573 psa_key_policy_init( &policy );
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1574 psa_key_policy_set_usage( &policy,
1575 PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
1576 alg );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1577 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
1578
1579 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1580 key_data->x, key_data->len ) == PSA_SUCCESS );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1581
1582 TEST_ASSERT( psa_aead_encrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1583 nonce->x, nonce->len,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1584 additional_data->x,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1585 additional_data->len,
1586 input_data->x, input_data->len,
1587 output_data, output_size,
1588 &output_length ) == expected_result );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1589
1590 if( PSA_SUCCESS == expected_result )
1591 {
1592 output_data2 = mbedtls_calloc( 1, output_length );
1593 TEST_ASSERT( output_data2 != NULL );
1594
1595 TEST_ASSERT( psa_aead_decrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1596 nonce->x, nonce->len,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1597 additional_data->x,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1598 additional_data->len,
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1599 output_data, output_length,
1600 output_data2, output_length,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1601 &output_length2 ) == expected_result );
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1602
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1603 TEST_ASSERT( memcmp( input_data->x, output_data2,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1604 input_data->len ) == 0 );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1605 }
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1606
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1607exit:
1608 psa_destroy_key( slot );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1609 mbedtls_free( output_data );
1610 mbedtls_free( output_data2 );
1611 mbedtls_psa_crypto_free( );
1612}
1613/* END_CASE */
1614
1615/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1616void aead_encrypt( int key_type_arg, data_t * key_data,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1617 int alg_arg, data_t * input_data,
1618 data_t * additional_data, data_t * nonce,
1619 data_t * expected_result )
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1620{
1621 int slot = 1;
1622 psa_key_type_t key_type = key_type_arg;
1623 psa_algorithm_t alg = alg_arg;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1624 unsigned char *output_data = NULL;
1625 size_t output_size = 0;
1626 size_t output_length = 0;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1627 size_t tag_length = 16;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]1628 psa_key_policy_t policy;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1629
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1630 TEST_ASSERT( key_data != NULL );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1631 TEST_ASSERT( input_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1632 TEST_ASSERT( additional_data != NULL );
1633 TEST_ASSERT( nonce != NULL );
1634 TEST_ASSERT( expected_result != NULL );
1635 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
1636 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
1637 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
1638 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
1639 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) );
1640
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1641 output_size = input_data->len + tag_length;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1642 output_data = mbedtls_calloc( 1, output_size );
1643 TEST_ASSERT( output_data != NULL );
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1644
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1645 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1646
1647 psa_key_policy_init( &policy );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1648 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1649 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
1650
1651 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1652 key_data->x,
1653 key_data->len ) == PSA_SUCCESS );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1654
1655 TEST_ASSERT( psa_aead_encrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1656 nonce->x, nonce->len,
1657 additional_data->x, additional_data->len,
1658 input_data->x, input_data->len,
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1659 output_data, output_size,
1660 &output_length ) == PSA_SUCCESS );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1661
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1662 TEST_ASSERT( memcmp( output_data, expected_result->x,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1663 output_length ) == 0 );
1664
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1665exit:
1666 psa_destroy_key( slot );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1667 mbedtls_free( output_data );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1668 mbedtls_psa_crypto_free( );
1669}
1670/* END_CASE */
1671
1672/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1673void aead_decrypt( int key_type_arg, data_t * key_data,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1674 int alg_arg, data_t * input_data,
1675 data_t * additional_data, data_t * nonce,
1676 data_t * expected_data, int expected_result_arg )
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1677{
1678 int slot = 1;
1679 psa_key_type_t key_type = key_type_arg;
1680 psa_algorithm_t alg = alg_arg;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1681 unsigned char *output_data = NULL;
1682 size_t output_size = 0;
1683 size_t output_length = 0;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1684 size_t tag_length = 16;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]1685 psa_key_policy_t policy;
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1686 psa_status_t expected_result = expected_result_arg;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1687
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1688 TEST_ASSERT( key_data != NULL );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1689 TEST_ASSERT( input_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1690 TEST_ASSERT( additional_data != NULL );
1691 TEST_ASSERT( nonce != NULL );
1692 TEST_ASSERT( expected_data != NULL );
1693 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
1694 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
1695 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
1696 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
1697 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
1698
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1699 output_size = input_data->len + tag_length;
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1700 output_data = mbedtls_calloc( 1, output_size );
1701 TEST_ASSERT( output_data != NULL );
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1702
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1703 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1704
1705 psa_key_policy_init( &policy );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1706 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1707 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
1708
1709 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1710 key_data->x,
1711 key_data->len ) == PSA_SUCCESS );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1712
1713 TEST_ASSERT( psa_aead_decrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1714 nonce->x, nonce->len,
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1715 additional_data->x,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1716 additional_data->len,
1717 input_data->x, input_data->len,
1718 output_data, output_size,
1719 &output_length ) == expected_result );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1720
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1721 if( expected_result == PSA_SUCCESS )
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1722 {
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1723 TEST_ASSERT( memcmp( output_data, expected_data->x,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1724 output_length ) == 0 );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1725 }
1726
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1727exit:
1728 psa_destroy_key( slot );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1729 mbedtls_free( output_data );
Gilles Peskinea1cac842018-06-11 19:33:02 +0200[diff] [blame]1730 mbedtls_psa_crypto_free( );
1731}
1732/* END_CASE */
1733
1734/* BEGIN_CASE */
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1735void signature_size( int type_arg,
1736 int bits,
1737 int alg_arg,
1738 int expected_size_arg )
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1739{
1740 psa_key_type_t type = type_arg;
1741 psa_algorithm_t alg = alg_arg;
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1742 size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg );
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1743 TEST_ASSERT( actual_size == (size_t) expected_size_arg );
1744exit:
1745 ;
1746}
1747/* END_CASE */
1748
1749/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1750void sign_deterministic( int key_type_arg, data_t *key_data,
1751 int alg_arg, data_t *input_data,
1752 data_t *output_data )
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1753{
1754 int slot = 1;
1755 psa_key_type_t key_type = key_type_arg;
1756 psa_algorithm_t alg = alg_arg;
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1757 size_t key_bits;
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1758 unsigned char *signature = NULL;
1759 size_t signature_size;
1760 size_t signature_length = 0xdeadbeef;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]1761 psa_key_policy_t policy;
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1762
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1763 TEST_ASSERT( key_data != NULL );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1764 TEST_ASSERT( input_data != NULL );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1765 TEST_ASSERT( output_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1766 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
1767 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
1768 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( output_data->len ) );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1769
1770 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1771
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]1772 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1773 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]1774 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
1775
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1776 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1777 key_data->x,
1778 key_data->len ) == PSA_SUCCESS );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1779 TEST_ASSERT( psa_get_key_information( slot,
1780 NULL,
1781 &key_bits ) == PSA_SUCCESS );
1782
Gilles Peskine860ce9d2018-06-28 12:23:00 +0200[diff] [blame]1783 /* Allocate a buffer which has the size advertized by the
1784 * library. */
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1785 signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type,
1786 key_bits, alg );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1787 TEST_ASSERT( signature_size != 0 );
Gilles Peskine69c12672018-06-28 00:07:19 +0200[diff] [blame]1788 TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1789 signature = mbedtls_calloc( 1, signature_size );
1790 TEST_ASSERT( signature != NULL );
1791
Gilles Peskine860ce9d2018-06-28 12:23:00 +0200[diff] [blame]1792 /* Perform the signature. */
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1793 TEST_ASSERT( psa_asymmetric_sign( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1794 input_data->x, input_data->len,
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1795 NULL, 0,
1796 signature, signature_size,
1797 &signature_length ) == PSA_SUCCESS );
Gilles Peskine860ce9d2018-06-28 12:23:00 +0200[diff] [blame]1798 /* Verify that the signature is correct. */
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1799 TEST_ASSERT( signature_length == output_data->len );
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1800 TEST_ASSERT( memcmp( signature, output_data->x,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1801 output_data->len ) == 0 );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1802
1803exit:
1804 psa_destroy_key( slot );
Gilles Peskine0189e752018-02-03 23:57:22 +0100[diff] [blame]1805 mbedtls_free( signature );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1806 mbedtls_psa_crypto_free( );
1807}
1808/* END_CASE */
1809
1810/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1811void sign_fail( int key_type_arg, data_t *key_data,
1812 int alg_arg, data_t *input_data,
Gilles Peskine860ce9d2018-06-28 12:23:00 +0200[diff] [blame]1813 int signature_size_arg, int expected_status_arg )
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1814{
1815 int slot = 1;
1816 psa_key_type_t key_type = key_type_arg;
1817 psa_algorithm_t alg = alg_arg;
Gilles Peskine860ce9d2018-06-28 12:23:00 +0200[diff] [blame]1818 size_t signature_size = signature_size_arg;
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1819 psa_status_t actual_status;
1820 psa_status_t expected_status = expected_status_arg;
Gilles Peskine40f68b92018-03-07 16:43:36 +0100[diff] [blame]1821 unsigned char *signature = NULL;
Gilles Peskine93aa0332018-02-03 23:58:03 +0100[diff] [blame]1822 size_t signature_length = 0xdeadbeef;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]1823 psa_key_policy_t policy;
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1824
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1825 TEST_ASSERT( key_data != NULL );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1826 TEST_ASSERT( input_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1827 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
1828 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
1829
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1830 signature = mbedtls_calloc( 1, signature_size );
1831 TEST_ASSERT( signature != NULL );
1832
1833 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1834
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]1835 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1836 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
mohammad1603a97cb8c2018-03-28 03:46:26 -0700[diff] [blame]1837 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
1838
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1839 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1840 key_data->x,
1841 key_data->len ) == PSA_SUCCESS );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1842
1843 actual_status = psa_asymmetric_sign( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1844 input_data->x, input_data->len,
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1845 NULL, 0,
1846 signature, signature_size,
1847 &signature_length );
1848 TEST_ASSERT( actual_status == expected_status );
Gilles Peskine860ce9d2018-06-28 12:23:00 +0200[diff] [blame]1849 /* The value of *signature_length is unspecified on error, but
1850 * whatever it is, it should be less than signature_size, so that
1851 * if the caller tries to read *signature_length bytes without
1852 * checking the error code then they don't overflow a buffer. */
1853 TEST_ASSERT( signature_length <= signature_size );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1854
1855exit:
1856 psa_destroy_key( slot );
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]1857 mbedtls_free( signature );
1858 mbedtls_psa_crypto_free( );
1859}
1860/* END_CASE */
mohammad16038cc1cee2018-03-28 01:21:33 +0300[diff] [blame]1861
1862/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1863void asymmetric_verify( int key_type_arg, data_t *key_data,
1864 int alg_arg, data_t *hash_data,
1865 data_t *signature_data )
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1866{
1867 int slot = 1;
1868 psa_key_type_t key_type = key_type_arg;
1869 psa_algorithm_t alg = alg_arg;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]1870 psa_key_policy_t policy;
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1871
Gilles Peskine69c12672018-06-28 00:07:19 +0200[diff] [blame]1872 TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
1873
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1874 TEST_ASSERT( key_data != NULL );
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1875 TEST_ASSERT( hash_data != NULL );
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1876 TEST_ASSERT( signature_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1877 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
1878 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) );
1879 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) );
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1880
1881 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1882
1883 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1884 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1885 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
1886
1887 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1888 key_data->x,
1889 key_data->len ) == PSA_SUCCESS );
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1890
1891 TEST_ASSERT( psa_asymmetric_verify( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1892 hash_data->x, hash_data->len,
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1893 NULL, 0,
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1894 signature_data->x,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1895 signature_data->len ) == PSA_SUCCESS );
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1896exit:
1897 psa_destroy_key( slot );
itayzafrir5c753392018-05-08 11:18:38 +0300[diff] [blame]1898 mbedtls_psa_crypto_free( );
1899}
1900/* END_CASE */
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1901
1902/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1903void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
1904 int alg_arg, data_t *hash_data,
1905 data_t *signature_data,
1906 int expected_status_arg )
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1907{
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1908 int slot = 1;
1909 psa_key_type_t key_type = key_type_arg;
1910 psa_algorithm_t alg = alg_arg;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1911 psa_status_t actual_status;
1912 psa_status_t expected_status = expected_status_arg;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]1913 psa_key_policy_t policy;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1914
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1915 TEST_ASSERT( key_data != NULL );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1916 TEST_ASSERT( hash_data != NULL );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1917 TEST_ASSERT( signature_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1918 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
1919 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) );
1920 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1921
1922 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1923
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]1924 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1925 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]1926 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
1927
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1928 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1929 key_data->x,
1930 key_data->len ) == PSA_SUCCESS );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1931
1932 actual_status = psa_asymmetric_verify( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1933 hash_data->x, hash_data->len,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1934 NULL, 0,
1935 signature_data->x,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1936 signature_data->len );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1937
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1938 TEST_ASSERT( actual_status == expected_status );
1939
1940exit:
1941 psa_destroy_key( slot );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1942 mbedtls_psa_crypto_free( );
1943}
1944/* END_CASE */
1945
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1946/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1947void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
1948 int alg_arg, data_t *input_data )
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1949{
1950 int slot = 1;
1951 psa_key_type_t key_type = key_type_arg;
1952 psa_algorithm_t alg = alg_arg;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1953 unsigned char *output = NULL;
Nir Sonnenscheind70bc482018-06-04 16:31:13 +0300[diff] [blame]1954 size_t output_size = 0;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1955 size_t output_length = 0;
Nir Sonnenschein0f3bdbd2018-05-02 23:56:12 +0300[diff] [blame]1956 unsigned char *output2 = NULL;
Nir Sonnenscheind70bc482018-06-04 16:31:13 +0300[diff] [blame]1957 size_t output2_size = 0;
Nir Sonnenschein0f3bdbd2018-05-02 23:56:12 +0300[diff] [blame]1958 size_t output2_length = 0;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]1959 psa_key_policy_t policy;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1960
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1961 TEST_ASSERT( key_data != NULL );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1962 TEST_ASSERT( input_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1963 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
1964 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
1965
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1966 output_size = key_data->len;
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]1967 output2_size = output_size;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1968 output = mbedtls_calloc( 1, output_size );
1969 TEST_ASSERT( output != NULL );
Nir Sonnenschein0f3bdbd2018-05-02 23:56:12 +0300[diff] [blame]1970 output2 = mbedtls_calloc( 1, output2_size );
1971 TEST_ASSERT( output2 != NULL );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1972
1973 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
1974
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]1975 psa_key_policy_init( &policy );
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1976 psa_key_policy_set_usage( &policy,
1977 PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1978 alg );
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]1979 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
1980
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1981 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1982 key_data->x,
1983 key_data->len ) == PSA_SUCCESS );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]1984
Gilles Peskineeebd7382018-06-08 18:11:54 +0200[diff] [blame]1985 /* We test encryption by checking that encrypt-then-decrypt gives back
1986 * the original plaintext because of the non-optional random
1987 * part of encryption process which prevents using fixed vectors. */
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1988 TEST_ASSERT( psa_asymmetric_encrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1989 input_data->x, input_data->len,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1990 NULL, 0,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1991 output, output_size,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1992 &output_length ) == PSA_SUCCESS );
Nir Sonnenschein0f3bdbd2018-05-02 23:56:12 +0300[diff] [blame]1993
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1994 TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1995 output, output_length,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1996 NULL, 0,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]1997 output2, output2_size,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]1998 &output2_length ) == PSA_SUCCESS );
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]1999 TEST_ASSERT( memcmp( input_data->x, output2,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2000 input_data->len ) == 0 );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2001
2002exit:
2003 psa_destroy_key( slot );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2004 mbedtls_free( output );
2005 mbedtls_free( output2 );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2006 mbedtls_psa_crypto_free( );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2007}
2008/* END_CASE */
2009
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2010/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2011void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2012 int alg_arg, data_t *input_data,
2013 int expected_status_arg )
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2014{
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2015 int slot = 1;
2016 psa_key_type_t key_type = key_type_arg;
2017 psa_algorithm_t alg = alg_arg;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2018 unsigned char *output = NULL;
Nir Sonnenscheind70bc482018-06-04 16:31:13 +0300[diff] [blame]2019 size_t output_size = 0;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2020 size_t output_length = 0;
2021 psa_status_t actual_status;
2022 psa_status_t expected_status = expected_status_arg;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]2023 psa_key_policy_t policy;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2024
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2025 TEST_ASSERT( key_data != NULL );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2026 TEST_ASSERT( input_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2027 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
2028 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
2029
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2030 output_size = key_data->len;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2031 output = mbedtls_calloc( 1, output_size );
2032 TEST_ASSERT( output != NULL );
Gilles Peskine5b051bc2018-05-31 13:25:48 +0200[diff] [blame]2033
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2034 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
2035
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]2036 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2037 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]2038 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
2039
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2040 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2041 key_data->x,
2042 key_data->len ) == PSA_SUCCESS );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2043
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2044 actual_status = psa_asymmetric_encrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2045 input_data->x, input_data->len,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2046 NULL, 0,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2047 output, output_size,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2048 &output_length );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2049 TEST_ASSERT( actual_status == expected_status );
2050
2051exit:
2052 psa_destroy_key( slot );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2053 mbedtls_free( output );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2054 mbedtls_psa_crypto_free( );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2055}
2056/* END_CASE */
2057
2058/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2059void asymmetric_decrypt( int key_type_arg, data_t *key_data,
2060 int alg_arg, data_t *input_data,
2061 data_t *expected_data, int expected_size )
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2062{
2063 int slot = 1;
2064 psa_key_type_t key_type = key_type_arg;
2065 psa_algorithm_t alg = alg_arg;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2066 unsigned char *output = NULL;
Nir Sonnenscheind70bc482018-06-04 16:31:13 +0300[diff] [blame]2067 size_t output_size = 0;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2068 size_t output_length = 0;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]2069 psa_key_policy_t policy;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2070
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2071 TEST_ASSERT( key_data != NULL );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2072 TEST_ASSERT( input_data != NULL );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2073 TEST_ASSERT( expected_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2074 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
2075 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
2076 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
2077
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2078 output_size = key_data->len;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2079 output = mbedtls_calloc( 1, output_size );
2080 TEST_ASSERT( output != NULL );
Gilles Peskine5b051bc2018-05-31 13:25:48 +0200[diff] [blame]2081
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2082 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
2083
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]2084 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2085 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]2086 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
2087
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2088 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2089 key_data->x,
2090 key_data->len ) == PSA_SUCCESS );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2091
Nir Sonnenschein0f3bdbd2018-05-02 23:56:12 +0300[diff] [blame]2092 TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2093 input_data->x, input_data->len,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2094 NULL, 0,
2095 output,
2096 output_size,
2097 &output_length ) == PSA_SUCCESS );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2098 TEST_ASSERT( (size_t) expected_size == output_length );
Gilles Peskinec1bb6c82018-06-18 16:04:39 +0200[diff] [blame]2099 TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2100
2101exit:
2102 psa_destroy_key( slot );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2103 mbedtls_free( output );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2104 mbedtls_psa_crypto_free( );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2105}
2106/* END_CASE */
2107
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2108/* BEGIN_CASE */
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2109void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2110 int alg_arg, data_t *input_data,
2111 int expected_status_arg )
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2112{
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2113 int slot = 1;
2114 psa_key_type_t key_type = key_type_arg;
2115 psa_algorithm_t alg = alg_arg;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2116 unsigned char *output = NULL;
Nir Sonnenscheind70bc482018-06-04 16:31:13 +0300[diff] [blame]2117 size_t output_size = 0;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2118 size_t output_length = 0;
2119 psa_status_t actual_status;
2120 psa_status_t expected_status = expected_status_arg;
Gilles Peskinedec72612018-06-18 18:12:37 +0200[diff] [blame]2121 psa_key_policy_t policy;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2122
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2123 TEST_ASSERT( key_data != NULL );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2124 TEST_ASSERT( input_data != NULL );
itayzafrir3e02b3b2018-06-12 17:06:52 +0300[diff] [blame]2125 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
2126 TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
2127
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2128 output_size = key_data->len;
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2129 output = mbedtls_calloc( 1, output_size );
2130 TEST_ASSERT( output != NULL );
Gilles Peskine5b051bc2018-05-31 13:25:48 +0200[diff] [blame]2131
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2132 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
2133
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]2134 psa_key_policy_init( &policy );
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2135 psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
Nir Sonnenscheind7082602018-06-04 16:45:27 +0300[diff] [blame]2136 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
2137
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2138 TEST_ASSERT( psa_import_key( slot, key_type,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2139 key_data->x,
2140 key_data->len ) == PSA_SUCCESS );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2141
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2142 actual_status = psa_asymmetric_decrypt( slot, alg,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2143 input_data->x, input_data->len,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2144 NULL, 0,
Gilles Peskine4abf7412018-06-18 16:35:34 +0200[diff] [blame]2145 output, output_size,
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2146 &output_length );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2147 TEST_ASSERT( actual_status == expected_status );
2148
2149exit:
2150 psa_destroy_key( slot );
Gilles Peskine2d277862018-06-18 15:41:12 +0200[diff] [blame]2151 mbedtls_free( output );
Nir Sonnenschein39e59142018-05-02 23:16:26 +0300[diff] [blame]2152 mbedtls_psa_crypto_free( );
2153}
Gilles Peskine5b051bc2018-05-31 13:25:48 +0200[diff] [blame]2154/* END_CASE */
Gilles Peskine05d69892018-06-19 22:00:52 +0200[diff] [blame]2155
2156/* BEGIN_CASE */
Gilles Peskinea50d7392018-06-21 10:22:13 +0200[diff] [blame]2157void generate_random( int bytes_arg )
Gilles Peskine05d69892018-06-19 22:00:52 +0200[diff] [blame]2158{
Gilles Peskinea50d7392018-06-21 10:22:13 +0200[diff] [blame]2159 size_t bytes = bytes_arg;
2160 const unsigned char trail[] = "don't overwrite me";
2161 unsigned char *output = mbedtls_calloc( 1, bytes + sizeof( trail ) );
2162 unsigned char *changed = mbedtls_calloc( 1, bytes );
2163 size_t i;
2164 unsigned run;
Gilles Peskine05d69892018-06-19 22:00:52 +0200[diff] [blame]2165
Gilles Peskinea50d7392018-06-21 10:22:13 +0200[diff] [blame]2166 TEST_ASSERT( output != NULL );
2167 TEST_ASSERT( changed != NULL );
2168 memcpy( output + bytes, trail, sizeof( trail ) );
Gilles Peskine05d69892018-06-19 22:00:52 +0200[diff] [blame]2169
2170 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
2171
Gilles Peskinea50d7392018-06-21 10:22:13 +0200[diff] [blame]2172 /* Run several times, to ensure that every output byte will be
2173 * nonzero at least once with overwhelming probability
2174 * (2^(-8*number_of_runs)). */
2175 for( run = 0; run < 10; run++ )
Gilles Peskine05d69892018-06-19 22:00:52 +0200[diff] [blame]2176 {
Gilles Peskinea50d7392018-06-21 10:22:13 +0200[diff] [blame]2177 memset( output, 0, bytes );
2178 TEST_ASSERT( psa_generate_random( output, bytes ) == PSA_SUCCESS );
2179
2180 /* Check that no more than bytes have been overwritten */
2181 TEST_ASSERT( memcmp( output + bytes, trail, sizeof( trail ) ) == 0 );
2182
2183 for( i = 0; i < bytes; i++ )
2184 {
2185 if( output[i] != 0 )
2186 ++changed[i];
2187 }
Gilles Peskine05d69892018-06-19 22:00:52 +0200[diff] [blame]2188 }
Gilles Peskinea50d7392018-06-21 10:22:13 +0200[diff] [blame]2189
2190 /* Check that every byte was changed to nonzero at least once. This
2191 * validates that psa_generate_random is overwriting every byte of
2192 * the output buffer. */
2193 for( i = 0; i < bytes; i++ )
2194 {
2195 TEST_ASSERT( changed[i] != 0 );
2196 }
Gilles Peskine05d69892018-06-19 22:00:52 +0200[diff] [blame]2197
2198exit:
2199 mbedtls_psa_crypto_free( );
Gilles Peskinea50d7392018-06-21 10:22:13 +0200[diff] [blame]2200 mbedtls_free( output );
2201 mbedtls_free( changed );
Gilles Peskine05d69892018-06-19 22:00:52 +0200[diff] [blame]2202}
2203/* END_CASE */
Gilles Peskine12313cd2018-06-20 00:20:32 +0200[diff] [blame]2204
2205/* BEGIN_CASE */
2206void generate_key( int type_arg,
2207 int bits_arg,
2208 int usage_arg,
2209 int alg_arg,
2210 int expected_status_arg )
2211{
2212 int slot = 1;
2213 psa_key_type_t type = type_arg;
2214 psa_key_usage_t usage = usage_arg;
2215 size_t bits = bits_arg;
2216 psa_algorithm_t alg = alg_arg;
2217 psa_status_t expected_status = expected_status_arg;
2218 psa_key_type_t got_type;
2219 size_t got_bits;
2220 unsigned char exported[616] = {0}; /* enough for a 1024-bit RSA key */
2221 size_t exported_length;
2222 psa_status_t expected_export_status =
2223 usage & PSA_KEY_USAGE_EXPORT ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED;
2224 psa_status_t expected_info_status =
2225 expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT;
2226 psa_key_policy_t policy;
2227
2228 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
2229
2230 psa_key_policy_init( &policy );
2231 psa_key_policy_set_usage( &policy, usage, alg );
2232 TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
2233
2234 /* Generate a key */
2235 TEST_ASSERT( psa_generate_key( slot, type, bits,
2236 NULL, 0 ) == expected_status );
2237
2238 /* Test the key information */
2239 TEST_ASSERT( psa_get_key_information( slot,
2240 &got_type,
2241 &got_bits ) == expected_info_status );
2242 if( expected_info_status != PSA_SUCCESS )
2243 goto exit;
2244 TEST_ASSERT( got_type == type );
2245 TEST_ASSERT( got_bits == bits );
2246
2247 /* Export the key */
2248 TEST_ASSERT( psa_export_key( slot,
2249 exported, sizeof( exported ),
2250 &exported_length ) == expected_export_status );
2251 if( expected_export_status == PSA_SUCCESS )
2252 {
Gilles Peskine48c0ea12018-06-21 14:15:31 +0200[diff] [blame]2253 if( key_type_is_raw_bytes( type ) )
Gilles Peskine12313cd2018-06-20 00:20:32 +0200[diff] [blame]2254 TEST_ASSERT( exported_length == ( bits + 7 ) / 8 );
2255#if defined(MBEDTLS_DES_C)
2256 if( type == PSA_KEY_TYPE_DES )
2257 {
2258 /* Check the parity bits. */
2259 unsigned i;
2260 for( i = 0; i < bits / 8; i++ )
2261 {
2262 unsigned bit_count = 0;
2263 unsigned m;
2264 for( m = 1; m <= 0x100; m <<= 1 )
2265 {
2266 if( exported[i] & m )
2267 ++bit_count;
2268 }
2269 TEST_ASSERT( bit_count % 2 != 0 );
2270 }
2271 }
2272#endif
2273#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
2274 if( type == PSA_KEY_TYPE_RSA_KEYPAIR )
2275 {
2276 /* Sanity check: does this look like the beginning of a PKCS#8
2277 * RSA key pair? Assumes bits is a multiple of 8. */
2278 size_t n_bytes = bits / 8 + 1;
2279 size_t n_encoded_bytes;
2280 unsigned char *n_end;
2281 TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 );
2282 TEST_ASSERT( exported[0] == 0x30 );
2283 TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key
2284 TEST_ASSERT( exported[4] == 0x02 );
2285 TEST_ASSERT( exported[5] == 0x01 );
2286 TEST_ASSERT( exported[6] == 0x00 );
2287 TEST_ASSERT( exported[7] == 0x02 );
2288 n_encoded_bytes = exported[8];
2289 n_end = exported + 9 + n_encoded_bytes;
2290 if( n_encoded_bytes & 0x80 )
2291 {
2292 n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7;
2293 n_encoded_bytes |= exported[9] & 0x7f;
2294 n_end += 1;
2295 }
2296 /* The encoding of n should start with a 0 byte since it should
2297 * have its high bit set. However Mbed TLS is not compliant and
2298 * generates an invalid, but widely tolerated, encoding of
2299 * positive INTEGERs with a bit size that is a multiple of 8
2300 * with no leading 0 byte. Accept this here. */
2301 TEST_ASSERT( n_bytes == n_encoded_bytes ||
2302 n_bytes == n_encoded_bytes + 1 );
2303 if( n_bytes == n_encoded_bytes )
2304 TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 9 : 10] == 0x00 );
2305 /* Sanity check: e must be 3 */
2306 TEST_ASSERT( n_end[0] == 0x02 );
2307 TEST_ASSERT( n_end[1] == 0x03 );
2308 TEST_ASSERT( n_end[2] == 0x01 );
2309 TEST_ASSERT( n_end[3] == 0x00 );
2310 TEST_ASSERT( n_end[4] == 0x01 );
2311 TEST_ASSERT( n_end[5] == 0x02 );
2312 }
2313#endif /* MBEDTLS_RSA_C */
2314#if defined(MBEDTLS_ECP_C)
2315 if( PSA_KEY_TYPE_IS_ECC( type ) )
2316 {
2317 /* Sanity check: does this look like the beginning of a PKCS#8
2318 * elliptic curve key pair? */
2319 TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 );
2320 TEST_ASSERT( exported[0] == 0x30 );
2321 }
2322#endif /* MBEDTLS_ECP_C */
2323 }
2324
Gilles Peskine818ca122018-06-20 18:16:48 +0200[diff] [blame]2325 /* Do something with the key according to its type and permitted usage. */
Gilles Peskine02b75072018-07-01 22:31:34 +0200[diff] [blame]2326 if( ! exercise_key( slot, usage, alg ) )
2327 goto exit;
Gilles Peskine12313cd2018-06-20 00:20:32 +0200[diff] [blame]2328
2329exit:
2330 psa_destroy_key( slot );
2331 mbedtls_psa_crypto_free( );
2332}
2333/* END_CASE */