• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /** \file psa_crypto_helpers.c
2  *
3  * \brief Helper functions to test PSA crypto functionality.
4  */
5 
6 /*
7  *  Copyright The Mbed TLS Contributors
8  *  SPDX-License-Identifier: Apache-2.0
9  *
10  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
11  *  not use this file except in compliance with the License.
12  *  You may obtain a copy of the License at
13  *
14  *  http://www.apache.org/licenses/LICENSE-2.0
15  *
16  *  Unless required by applicable law or agreed to in writing, software
17  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19  *  See the License for the specific language governing permissions and
20  *  limitations under the License.
21  */
22 
23 #include <test/helpers.h>
24 #include <test/macros.h>
25 #include <psa_crypto_slot_management.h>
26 #include <test/psa_crypto_helpers.h>
27 
28 #if defined(MBEDTLS_PSA_CRYPTO_C)
29 
30 #include <psa/crypto.h>
31 
32 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
33 
34 #include <psa_crypto_storage.h>
35 
36 static mbedtls_svc_key_id_t key_ids_used_in_test[9];
37 static size_t num_key_ids_used;
38 
mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id)39 int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id)
40 {
41     size_t i;
42     if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id) >
43         PSA_MAX_PERSISTENT_KEY_IDENTIFIER) {
44         /* Don't touch key id values that designate non-key files. */
45         return 1;
46     }
47     for (i = 0; i < num_key_ids_used; i++) {
48         if (mbedtls_svc_key_id_equal(key_id, key_ids_used_in_test[i])) {
49             return 1;
50         }
51     }
52     if (num_key_ids_used == ARRAY_LENGTH(key_ids_used_in_test)) {
53         return 0;
54     }
55     key_ids_used_in_test[num_key_ids_used] = key_id;
56     ++num_key_ids_used;
57     return 1;
58 }
59 
mbedtls_test_psa_purge_key_storage(void)60 void mbedtls_test_psa_purge_key_storage(void)
61 {
62     size_t i;
63     for (i = 0; i < num_key_ids_used; i++) {
64         psa_destroy_persistent_key(key_ids_used_in_test[i]);
65     }
66     num_key_ids_used = 0;
67 }
68 
mbedtls_test_psa_purge_key_cache(void)69 void mbedtls_test_psa_purge_key_cache(void)
70 {
71     size_t i;
72     for (i = 0; i < num_key_ids_used; i++) {
73         psa_purge_key(key_ids_used_in_test[i]);
74     }
75 }
76 
77 #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
78 
mbedtls_test_helper_is_psa_leaking(void)79 const char *mbedtls_test_helper_is_psa_leaking(void)
80 {
81     mbedtls_psa_stats_t stats;
82 
83     mbedtls_psa_get_stats(&stats);
84 
85     if (stats.volatile_slots != 0) {
86         return "A volatile slot has not been closed properly.";
87     }
88     if (stats.persistent_slots != 0) {
89         return "A persistent slot has not been closed properly.";
90     }
91     if (stats.external_slots != 0) {
92         return "An external slot has not been closed properly.";
93     }
94     if (stats.half_filled_slots != 0) {
95         return "A half-filled slot has not been cleared properly.";
96     }
97     if (stats.locked_slots != 0) {
98         return "Some slots are still marked as locked.";
99     }
100 
101     return NULL;
102 }
103 
104 #if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
105 /** Name of the file where return statuses are logged by #RECORD_STATUS. */
106 #define STATUS_LOG_FILE_NAME "statuses.log"
107 
mbedtls_test_record_status(psa_status_t status,const char * func,const char * file,int line,const char * expr)108 psa_status_t mbedtls_test_record_status(psa_status_t status,
109                                         const char *func,
110                                         const char *file, int line,
111                                         const char *expr)
112 {
113     /* We open the log file on first use.
114      * We never close the log file, so the record_status feature is not
115      * compatible with resource leak detectors such as Asan.
116      */
117     static FILE *log;
118     if (log == NULL) {
119         log = fopen(STATUS_LOG_FILE_NAME, "a");
120     }
121     fprintf(log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr);
122     return status;
123 }
124 #endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
125 
mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)126 psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags)
127 {
128     psa_key_usage_t updated_usage = usage_flags;
129 
130     if (usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
131         updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE;
132     }
133 
134     if (usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
135         updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE;
136     }
137 
138     return updated_usage;
139 }
140 
mbedtls_test_fail_if_psa_leaking(int line_no,const char * filename)141 int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename)
142 {
143     const char *msg = mbedtls_test_helper_is_psa_leaking();
144     if (msg == NULL) {
145         return 0;
146     } else {
147         mbedtls_test_fail(msg, line_no, filename);
148         return 1;
149     }
150 }
151 
152 #endif /* MBEDTLS_PSA_CRYPTO_C */
153