• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1/* BEGIN_HEADER */
2
3#include "psa/crypto.h"
4#include "test/psa_crypto_helpers.h"
5
6static int test_equal_status(const char *test,
7                             int line_no, const char *filename,
8                             psa_status_t value1,
9                             psa_status_t value2)
10{
11    if ((value1 == PSA_ERROR_INVALID_ARGUMENT &&
12         value2 == PSA_ERROR_NOT_SUPPORTED) ||
13        (value1 == PSA_ERROR_NOT_SUPPORTED &&
14         value2 == PSA_ERROR_INVALID_ARGUMENT)) {
15        return 1;
16    }
17    return mbedtls_test_equal(test, line_no, filename, value1, value2);
18}
19
20/** Like #TEST_EQUAL, but expects #psa_status_t values and treats
21 * #PSA_ERROR_INVALID_ARGUMENT and #PSA_ERROR_NOT_SUPPORTED as
22 * interchangeable.
23 *
24 * This test suite currently allows NOT_SUPPORTED and INVALID_ARGUMENT
25 * to be interchangeable in places where the library's behavior does not
26 * match the strict expectations of the test case generator. In the long
27 * run, it would be better to clarify the expectations and reconcile the
28 * library and the test case generator.
29 */
30#define TEST_STATUS(expr1, expr2)                                     \
31    do {                                                                \
32        if (!test_equal_status( #expr1 " == " #expr2, __LINE__, __FILE__, \
33                                expr1, expr2))                       \
34        goto exit;                                                  \
35    } while (0)
36
37/* END_HEADER */
38
39/* BEGIN_DEPENDENCIES
40 * depends_on:MBEDTLS_PSA_CRYPTO_C
41 * END_DEPENDENCIES
42 */
43
44/* BEGIN_CASE */
45void hash_fail(int alg_arg, int expected_status_arg)
46{
47    psa_status_t expected_status = expected_status_arg;
48    psa_algorithm_t alg = alg_arg;
49    psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
50    uint8_t input[1] = { 'A' };
51    uint8_t output[PSA_HASH_MAX_SIZE] = { 0 };
52    size_t length = SIZE_MAX;
53
54    PSA_INIT();
55
56    TEST_EQUAL(expected_status,
57               psa_hash_setup(&operation, alg));
58    TEST_EQUAL(expected_status,
59               psa_hash_compute(alg, input, sizeof(input),
60                                output, sizeof(output), &length));
61    TEST_EQUAL(expected_status,
62               psa_hash_compare(alg, input, sizeof(input),
63                                output, sizeof(output)));
64
65exit:
66    psa_hash_abort(&operation);
67    PSA_DONE();
68}
69/* END_CASE */
70
71/* BEGIN_CASE */
72void mac_fail(int key_type_arg, data_t *key_data,
73              int alg_arg, int expected_status_arg)
74{
75    psa_status_t expected_status = expected_status_arg;
76    psa_key_type_t key_type = key_type_arg;
77    psa_algorithm_t alg = alg_arg;
78    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
79    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
80    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
81    uint8_t input[1] = { 'A' };
82    uint8_t output[PSA_MAC_MAX_SIZE] = { 0 };
83    size_t length = SIZE_MAX;
84
85    PSA_INIT();
86
87    psa_set_key_type(&attributes, key_type);
88    psa_set_key_usage_flags(&attributes,
89                            PSA_KEY_USAGE_SIGN_HASH |
90                            PSA_KEY_USAGE_VERIFY_HASH);
91    psa_set_key_algorithm(&attributes, alg);
92    PSA_ASSERT(psa_import_key(&attributes,
93                              key_data->x, key_data->len,
94                              &key_id));
95
96    TEST_STATUS(expected_status,
97                psa_mac_sign_setup(&operation, key_id, alg));
98    TEST_STATUS(expected_status,
99                psa_mac_verify_setup(&operation, key_id, alg));
100    TEST_STATUS(expected_status,
101                psa_mac_compute(key_id, alg,
102                                input, sizeof(input),
103                                output, sizeof(output), &length));
104    TEST_STATUS(expected_status,
105                psa_mac_verify(key_id, alg,
106                               input, sizeof(input),
107                               output, sizeof(output)));
108
109exit:
110    psa_mac_abort(&operation);
111    psa_destroy_key(key_id);
112    psa_reset_key_attributes(&attributes);
113    PSA_DONE();
114}
115/* END_CASE */
116
117/* BEGIN_CASE */
118void cipher_fail(int key_type_arg, data_t *key_data,
119                 int alg_arg, int expected_status_arg)
120{
121    psa_status_t expected_status = expected_status_arg;
122    psa_key_type_t key_type = key_type_arg;
123    psa_algorithm_t alg = alg_arg;
124    psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
125    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
126    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
127    uint8_t input[1] = { 'A' };
128    uint8_t output[64] = { 0 };
129    size_t length = SIZE_MAX;
130
131    PSA_INIT();
132
133    psa_set_key_type(&attributes, key_type);
134    psa_set_key_usage_flags(&attributes,
135                            PSA_KEY_USAGE_ENCRYPT |
136                            PSA_KEY_USAGE_DECRYPT);
137    psa_set_key_algorithm(&attributes, alg);
138    PSA_ASSERT(psa_import_key(&attributes,
139                              key_data->x, key_data->len,
140                              &key_id));
141
142    TEST_STATUS(expected_status,
143                psa_cipher_encrypt_setup(&operation, key_id, alg));
144    TEST_STATUS(expected_status,
145                psa_cipher_decrypt_setup(&operation, key_id, alg));
146    TEST_STATUS(expected_status,
147                psa_cipher_encrypt(key_id, alg,
148                                   input, sizeof(input),
149                                   output, sizeof(output), &length));
150    TEST_STATUS(expected_status,
151                psa_cipher_decrypt(key_id, alg,
152                                   input, sizeof(input),
153                                   output, sizeof(output), &length));
154
155exit:
156    psa_cipher_abort(&operation);
157    psa_destroy_key(key_id);
158    psa_reset_key_attributes(&attributes);
159    PSA_DONE();
160}
161/* END_CASE */
162
163/* BEGIN_CASE */
164void aead_fail(int key_type_arg, data_t *key_data,
165               int alg_arg, int expected_status_arg)
166{
167    psa_status_t expected_status = expected_status_arg;
168    psa_key_type_t key_type = key_type_arg;
169    psa_algorithm_t alg = alg_arg;
170    psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
171    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
172    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
173    uint8_t input[16] = "ABCDEFGHIJKLMNO";
174    uint8_t output[64] = { 0 };
175    size_t length = SIZE_MAX;
176
177    PSA_INIT();
178
179    psa_set_key_type(&attributes, key_type);
180    psa_set_key_usage_flags(&attributes,
181                            PSA_KEY_USAGE_ENCRYPT |
182                            PSA_KEY_USAGE_DECRYPT);
183    psa_set_key_algorithm(&attributes, alg);
184    PSA_ASSERT(psa_import_key(&attributes,
185                              key_data->x, key_data->len,
186                              &key_id));
187
188    TEST_STATUS(expected_status,
189                psa_aead_encrypt_setup(&operation, key_id, alg));
190    TEST_STATUS(expected_status,
191                psa_aead_decrypt_setup(&operation, key_id, alg));
192    TEST_STATUS(expected_status,
193                psa_aead_encrypt(key_id, alg,
194                                 input, sizeof(input),
195                                 NULL, 0, input, sizeof(input),
196                                 output, sizeof(output), &length));
197    TEST_STATUS(expected_status,
198                psa_aead_decrypt(key_id, alg,
199                                 input, sizeof(input),
200                                 NULL, 0, input, sizeof(input),
201                                 output, sizeof(output), &length));
202
203exit:
204    psa_aead_abort(&operation);
205    psa_destroy_key(key_id);
206    psa_reset_key_attributes(&attributes);
207    PSA_DONE();
208}
209/* END_CASE */
210
211/* BEGIN_CASE */
212void sign_fail(int key_type_arg, data_t *key_data,
213               int alg_arg, int private_only,
214               int expected_status_arg)
215{
216    psa_status_t expected_status = expected_status_arg;
217    psa_key_type_t key_type = key_type_arg;
218    psa_algorithm_t alg = alg_arg;
219    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
220    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
221    uint8_t input[1] = { 'A' };
222    uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 };
223    size_t length = SIZE_MAX;
224    psa_sign_hash_interruptible_operation_t sign_operation =
225        psa_sign_hash_interruptible_operation_init();
226
227    psa_verify_hash_interruptible_operation_t verify_operation =
228        psa_verify_hash_interruptible_operation_init();
229
230
231
232    PSA_INIT();
233
234    psa_set_key_type(&attributes, key_type);
235    psa_set_key_usage_flags(&attributes,
236                            PSA_KEY_USAGE_SIGN_HASH |
237                            PSA_KEY_USAGE_VERIFY_HASH);
238    psa_set_key_algorithm(&attributes, alg);
239    PSA_ASSERT(psa_import_key(&attributes,
240                              key_data->x, key_data->len,
241                              &key_id));
242
243    TEST_STATUS(expected_status,
244                psa_sign_hash(key_id, alg,
245                              input, sizeof(input),
246                              output, sizeof(output), &length));
247
248    TEST_STATUS(expected_status,
249                psa_sign_hash_start(&sign_operation, key_id, alg,
250                                    input, sizeof(input)));
251
252    PSA_ASSERT(psa_sign_hash_abort(&sign_operation));
253
254    if (!private_only) {
255        /* Determine a plausible signature size to avoid an INVALID_SIGNATURE
256         * error based on this. */
257        PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
258        size_t key_bits = psa_get_key_bits(&attributes);
259        size_t output_length = sizeof(output);
260        if (PSA_KEY_TYPE_IS_RSA(key_type)) {
261            output_length = PSA_BITS_TO_BYTES(key_bits);
262        } else if (PSA_KEY_TYPE_IS_ECC(key_type)) {
263            output_length = 2 * PSA_BITS_TO_BYTES(key_bits);
264        }
265        TEST_ASSERT(output_length <= sizeof(output));
266        TEST_STATUS(expected_status,
267                    psa_verify_hash(key_id, alg,
268                                    input, sizeof(input),
269                                    output, output_length));
270
271        TEST_STATUS(expected_status,
272                    psa_verify_hash_start(&verify_operation, key_id, alg,
273                                          input, sizeof(input),
274                                          output, output_length));
275
276        PSA_ASSERT(psa_verify_hash_abort(&verify_operation));
277    }
278
279exit:
280    psa_destroy_key(key_id);
281    psa_reset_key_attributes(&attributes);
282    PSA_DONE();
283}
284/* END_CASE */
285
286/* BEGIN_CASE */
287void asymmetric_encryption_fail(int key_type_arg, data_t *key_data,
288                                int alg_arg, int private_only,
289                                int expected_status_arg)
290{
291    psa_status_t expected_status = expected_status_arg;
292    psa_key_type_t key_type = key_type_arg;
293    psa_algorithm_t alg = alg_arg;
294    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
295    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
296    uint8_t plaintext[PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE] = { 0 };
297    uint8_t ciphertext[PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE] = { 0 };
298    size_t length = SIZE_MAX;
299
300    PSA_INIT();
301
302    psa_set_key_type(&attributes, key_type);
303    psa_set_key_usage_flags(&attributes,
304                            PSA_KEY_USAGE_ENCRYPT |
305                            PSA_KEY_USAGE_DECRYPT);
306    psa_set_key_algorithm(&attributes, alg);
307    PSA_ASSERT(psa_import_key(&attributes,
308                              key_data->x, key_data->len,
309                              &key_id));
310
311    if (!private_only) {
312        TEST_STATUS(expected_status,
313                    psa_asymmetric_encrypt(key_id, alg,
314                                           plaintext, 1,
315                                           NULL, 0,
316                                           ciphertext, sizeof(ciphertext),
317                                           &length));
318    }
319    TEST_STATUS(expected_status,
320                psa_asymmetric_decrypt(key_id, alg,
321                                       ciphertext, sizeof(ciphertext),
322                                       NULL, 0,
323                                       plaintext, sizeof(plaintext),
324                                       &length));
325
326exit:
327    psa_destroy_key(key_id);
328    psa_reset_key_attributes(&attributes);
329    PSA_DONE();
330}
331/* END_CASE */
332
333/* BEGIN_CASE */
334void key_derivation_fail(int alg_arg, int expected_status_arg)
335{
336    psa_status_t expected_status = expected_status_arg;
337    psa_algorithm_t alg = alg_arg;
338    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
339
340    PSA_INIT();
341
342    TEST_EQUAL(expected_status,
343               psa_key_derivation_setup(&operation, alg));
344
345exit:
346    psa_key_derivation_abort(&operation);
347    PSA_DONE();
348}
349/* END_CASE */
350
351/* BEGIN_CASE */
352void key_agreement_fail(int key_type_arg, data_t *key_data,
353                        int alg_arg, int private_only,
354                        int expected_status_arg)
355{
356    psa_status_t expected_status = expected_status_arg;
357    psa_key_type_t key_type = key_type_arg;
358    psa_algorithm_t alg = alg_arg;
359    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
360    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
361    uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = { 0 };
362    size_t public_key_length = SIZE_MAX;
363    uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 };
364    size_t length = SIZE_MAX;
365    psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
366
367    PSA_INIT();
368
369    psa_set_key_type(&attributes, key_type);
370    psa_set_key_usage_flags(&attributes,
371                            PSA_KEY_USAGE_DERIVE);
372    psa_set_key_algorithm(&attributes, alg);
373    PSA_ASSERT(psa_import_key(&attributes,
374                              key_data->x, key_data->len,
375                              &key_id));
376    if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type) ||
377        PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) {
378        PSA_ASSERT(psa_export_public_key(key_id,
379                                         public_key, sizeof(public_key),
380                                         &public_key_length));
381    }
382
383    TEST_STATUS(expected_status,
384                psa_raw_key_agreement(alg, key_id,
385                                      public_key, public_key_length,
386                                      output, sizeof(output), &length));
387
388#if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256)
389    PSA_ASSERT(psa_key_derivation_setup(&operation,
390                                        PSA_ALG_HKDF(PSA_ALG_SHA_256)));
391    TEST_STATUS(expected_status,
392                psa_key_derivation_key_agreement(
393                    &operation,
394                    PSA_KEY_DERIVATION_INPUT_SECRET,
395                    key_id,
396                    public_key, public_key_length));
397#endif
398
399    /* There are no public-key operations. */
400    (void) private_only;
401
402exit:
403    psa_key_derivation_abort(&operation);
404    psa_destroy_key(key_id);
405    psa_reset_key_attributes(&attributes);
406    PSA_DONE();
407}
408/* END_CASE */
409