1/* BEGIN_HEADER */ 2#include "test/drivers/test_driver.h" 3 4#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) 5/* Sanity checks on the output of RSA encryption. 6 * 7 * \param modulus Key modulus. Must not have leading zeros. 8 * \param private_exponent Key private exponent. 9 * \param alg An RSA algorithm. 10 * \param input_data The input plaintext. 11 * \param buf The ciphertext produced by the driver. 12 * \param length Length of \p buf in bytes. 13 */ 14static int sanity_check_rsa_encryption_result( 15 psa_algorithm_t alg, 16 const data_t *modulus, const data_t *private_exponent, 17 const data_t *input_data, 18 uint8_t *buf, size_t length ) 19{ 20#if defined(MBEDTLS_BIGNUM_C) 21 mbedtls_mpi N, D, C, X; 22 mbedtls_mpi_init( &N ); 23 mbedtls_mpi_init( &D ); 24 mbedtls_mpi_init( &C ); 25 mbedtls_mpi_init( &X ); 26#endif /* MBEDTLS_BIGNUM_C */ 27 28 int ok = 0; 29 30 TEST_ASSERT( length == modulus->len ); 31 32#if defined(MBEDTLS_BIGNUM_C) 33 /* Perform the private key operation */ 34 TEST_ASSERT( mbedtls_mpi_read_binary( &N, modulus->x, modulus->len ) == 0 ); 35 TEST_ASSERT( mbedtls_mpi_read_binary( &D, 36 private_exponent->x, 37 private_exponent->len ) == 0 ); 38 TEST_ASSERT( mbedtls_mpi_read_binary( &C, buf, length ) == 0 ); 39 TEST_ASSERT( mbedtls_mpi_exp_mod( &X, &C, &D, &N, NULL ) == 0 ); 40 41 /* Sanity checks on the padded plaintext */ 42 TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, length ) == 0 ); 43 44 if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) 45 { 46 TEST_ASSERT( length > input_data->len + 2 ); 47 TEST_EQUAL( buf[0], 0x00 ); 48 TEST_EQUAL( buf[1], 0x02 ); 49 TEST_EQUAL( buf[length - input_data->len - 1], 0x00 ); 50 ASSERT_COMPARE( buf + length - input_data->len, input_data->len, 51 input_data->x, input_data->len ); 52 } 53 else if( PSA_ALG_IS_RSA_OAEP( alg ) ) 54 { 55 TEST_EQUAL( buf[0], 0x00 ); 56 /* The rest is too hard to check */ 57 } 58 else 59 { 60 TEST_ASSERT( ! "Encryption result sanity check not implemented for RSA algorithm" ); 61 } 62#endif /* MBEDTLS_BIGNUM_C */ 63 64 ok = 1; 65 66exit: 67#if defined(MBEDTLS_BIGNUM_C) 68 mbedtls_mpi_free( &N ); 69 mbedtls_mpi_free( &D ); 70 mbedtls_mpi_free( &C ); 71 mbedtls_mpi_free( &X ); 72#endif /* MBEDTLS_BIGNUM_C */ 73 return( ok ); 74} 75#endif 76/* END_HEADER */ 77 78/* BEGIN_DEPENDENCIES 79 * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_DRIVERS:PSA_CRYPTO_DRIVER_TEST 80 * END_DEPENDENCIES 81 */ 82 83/* BEGIN_CASE */ 84void sign_hash( int key_type_arg, 85 int alg_arg, 86 int force_status_arg, 87 data_t *key_input, 88 data_t *data_input, 89 data_t *expected_output, 90 int fake_output, 91 int expected_status_arg ) 92{ 93 psa_status_t force_status = force_status_arg; 94 psa_status_t expected_status = expected_status_arg; 95 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 96 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 97 psa_algorithm_t alg = alg_arg; 98 size_t key_bits; 99 psa_key_type_t key_type = key_type_arg; 100 unsigned char *signature = NULL; 101 size_t signature_size; 102 size_t signature_length = 0xdeadbeef; 103 psa_status_t actual_status; 104 mbedtls_test_driver_signature_sign_hooks = 105 mbedtls_test_driver_signature_hooks_init(); 106 107 PSA_ASSERT( psa_crypto_init( ) ); 108 psa_set_key_type( &attributes, 109 key_type ); 110 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); 111 psa_set_key_algorithm( &attributes, alg ); 112 psa_import_key( &attributes, 113 key_input->x, key_input->len, 114 &key ); 115 116 mbedtls_test_driver_signature_sign_hooks.forced_status = force_status; 117 if( fake_output == 1 ) 118 { 119 mbedtls_test_driver_signature_sign_hooks.forced_output = 120 expected_output->x; 121 mbedtls_test_driver_signature_sign_hooks.forced_output_length = 122 expected_output->len; 123 } 124 125 /* Allocate a buffer which has the size advertized by the 126 * library. */ 127 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 128 key_bits = psa_get_key_bits( &attributes ); 129 signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); 130 131 TEST_ASSERT( signature_size != 0 ); 132 TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); 133 ASSERT_ALLOC( signature, signature_size ); 134 135 actual_status = psa_sign_hash( key, alg, 136 data_input->x, data_input->len, 137 signature, signature_size, 138 &signature_length ); 139 TEST_EQUAL( actual_status, expected_status ); 140 if( expected_status == PSA_SUCCESS ) 141 { 142 ASSERT_COMPARE( signature, signature_length, 143 expected_output->x, expected_output->len ); 144 } 145 TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 ); 146 147exit: 148 psa_reset_key_attributes( &attributes ); 149 psa_destroy_key( key ); 150 mbedtls_free( signature ); 151 PSA_DONE( ); 152 mbedtls_test_driver_signature_sign_hooks = 153 mbedtls_test_driver_signature_hooks_init(); 154} 155/* END_CASE */ 156 157/* BEGIN_CASE */ 158void verify_hash( int key_type_arg, 159 int key_type_public_arg, 160 int alg_arg, 161 int force_status_arg, 162 int register_public_key, 163 data_t *key_input, 164 data_t *data_input, 165 data_t *signature_input, 166 int expected_status_arg ) 167{ 168 psa_status_t force_status = force_status_arg; 169 psa_status_t expected_status = expected_status_arg; 170 psa_algorithm_t alg = alg_arg; 171 psa_key_type_t key_type = key_type_arg; 172 psa_key_type_t key_type_public = key_type_public_arg; 173 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 174 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 175 psa_status_t actual_status; 176 mbedtls_test_driver_signature_verify_hooks = 177 mbedtls_test_driver_signature_hooks_init(); 178 179 PSA_ASSERT( psa_crypto_init( ) ); 180 if( register_public_key ) 181 { 182 psa_set_key_type( &attributes, key_type_public ); 183 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); 184 psa_set_key_algorithm( &attributes, alg ); 185 psa_import_key( &attributes, 186 key_input->x, key_input->len, 187 &key ); 188 } 189 else 190 { 191 psa_set_key_type( &attributes, key_type ); 192 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); 193 psa_set_key_algorithm( &attributes, alg ); 194 psa_import_key( &attributes, 195 key_input->x, key_input->len, 196 &key ); 197 } 198 199 mbedtls_test_driver_signature_verify_hooks.forced_status = force_status; 200 201 actual_status = psa_verify_hash( key, alg, 202 data_input->x, data_input->len, 203 signature_input->x, signature_input->len ); 204 TEST_EQUAL( actual_status, expected_status ); 205 TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 ); 206 207exit: 208 psa_reset_key_attributes( &attributes ); 209 psa_destroy_key( key ); 210 PSA_DONE( ); 211 mbedtls_test_driver_signature_verify_hooks = 212 mbedtls_test_driver_signature_hooks_init(); 213} 214/* END_CASE */ 215 216/* BEGIN_CASE */ 217void sign_message( int key_type_arg, 218 int alg_arg, 219 int force_status_arg, 220 data_t *key_input, 221 data_t *data_input, 222 data_t *expected_output, 223 int fake_output, 224 int expected_status_arg ) 225{ 226 psa_status_t force_status = force_status_arg; 227 psa_status_t expected_status = expected_status_arg; 228 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 229 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 230 psa_algorithm_t alg = alg_arg; 231 size_t key_bits; 232 psa_key_type_t key_type = key_type_arg; 233 unsigned char *signature = NULL; 234 size_t signature_size; 235 size_t signature_length = 0xdeadbeef; 236 psa_status_t actual_status; 237 mbedtls_test_driver_signature_sign_hooks = 238 mbedtls_test_driver_signature_hooks_init(); 239 240 PSA_ASSERT( psa_crypto_init( ) ); 241 psa_set_key_type( &attributes, key_type ); 242 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); 243 psa_set_key_algorithm( &attributes, alg ); 244 psa_import_key( &attributes, 245 key_input->x, key_input->len, 246 &key ); 247 248 mbedtls_test_driver_signature_sign_hooks.forced_status = force_status; 249 if( fake_output == 1 ) 250 { 251 mbedtls_test_driver_signature_sign_hooks.forced_output = 252 expected_output->x; 253 mbedtls_test_driver_signature_sign_hooks.forced_output_length = 254 expected_output->len; 255 } 256 257 /* Allocate a buffer which has the size advertized by the 258 * library. */ 259 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 260 key_bits = psa_get_key_bits( &attributes ); 261 signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); 262 263 TEST_ASSERT( signature_size != 0 ); 264 TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); 265 ASSERT_ALLOC( signature, signature_size ); 266 267 actual_status = psa_sign_message( key, alg, 268 data_input->x, data_input->len, 269 signature, signature_size, 270 &signature_length ); 271 TEST_EQUAL( actual_status, expected_status ); 272 if( expected_status == PSA_SUCCESS ) 273 { 274 ASSERT_COMPARE( signature, signature_length, 275 expected_output->x, expected_output->len ); 276 } 277 /* In the builtin algorithm the driver is called twice. */ 278 TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 279 force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 ); 280 281exit: 282 psa_reset_key_attributes( &attributes ); 283 psa_destroy_key( key ); 284 mbedtls_free( signature ); 285 PSA_DONE( ); 286 mbedtls_test_driver_signature_sign_hooks = 287 mbedtls_test_driver_signature_hooks_init(); 288} 289/* END_CASE */ 290 291/* BEGIN_CASE */ 292void verify_message( int key_type_arg, 293 int key_type_public_arg, 294 int alg_arg, 295 int force_status_arg, 296 int register_public_key, 297 data_t *key_input, 298 data_t *data_input, 299 data_t *signature_input, 300 int expected_status_arg ) 301{ 302 psa_status_t force_status = force_status_arg; 303 psa_status_t expected_status = expected_status_arg; 304 psa_algorithm_t alg = alg_arg; 305 psa_key_type_t key_type = key_type_arg; 306 psa_key_type_t key_type_public = key_type_public_arg; 307 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 308 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 309 psa_status_t actual_status; 310 mbedtls_test_driver_signature_verify_hooks = 311 mbedtls_test_driver_signature_hooks_init(); 312 313 PSA_ASSERT( psa_crypto_init( ) ); 314 if( register_public_key ) 315 { 316 psa_set_key_type( &attributes, key_type_public ); 317 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); 318 psa_set_key_algorithm( &attributes, alg ); 319 psa_import_key( &attributes, 320 key_input->x, key_input->len, 321 &key ); 322 } 323 else 324 { 325 psa_set_key_type( &attributes, key_type ); 326 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); 327 psa_set_key_algorithm( &attributes, alg ); 328 psa_import_key( &attributes, 329 key_input->x, key_input->len, 330 &key ); 331 } 332 333 mbedtls_test_driver_signature_verify_hooks.forced_status = force_status; 334 335 actual_status = psa_verify_message( key, alg, 336 data_input->x, data_input->len, 337 signature_input->x, signature_input->len ); 338 TEST_EQUAL( actual_status, expected_status ); 339 /* In the builtin algorithm the driver is called twice. */ 340 TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 341 force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 ); 342 343exit: 344 psa_reset_key_attributes( &attributes ); 345 psa_destroy_key( key ); 346 PSA_DONE( ); 347 mbedtls_test_driver_signature_verify_hooks = 348 mbedtls_test_driver_signature_hooks_init(); 349} 350/* END_CASE */ 351 352/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ 353void generate_key( int force_status_arg, 354 data_t *fake_output, 355 int expected_status_arg ) 356{ 357 psa_status_t force_status = force_status_arg; 358 psa_status_t expected_status = expected_status_arg; 359 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 360 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 361 psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); 362 const uint8_t *expected_output = NULL; 363 size_t expected_output_length = 0; 364 psa_status_t actual_status; 365 uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0}; 366 size_t actual_output_length; 367 mbedtls_test_driver_key_management_hooks = 368 mbedtls_test_driver_key_management_hooks_init(); 369 370 psa_set_key_type( &attributes, 371 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); 372 psa_set_key_bits( &attributes, 256 ); 373 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT ); 374 psa_set_key_algorithm( &attributes, alg ); 375 376 if( fake_output->len > 0 ) 377 { 378 expected_output = 379 mbedtls_test_driver_key_management_hooks.forced_output = 380 fake_output->x; 381 382 expected_output_length = 383 mbedtls_test_driver_key_management_hooks.forced_output_length = 384 fake_output->len; 385 } 386 387 mbedtls_test_driver_key_management_hooks.hits = 0; 388 mbedtls_test_driver_key_management_hooks.forced_status = force_status; 389 390 PSA_ASSERT( psa_crypto_init( ) ); 391 392 actual_status = psa_generate_key( &attributes, &key ); 393 TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); 394 TEST_EQUAL( actual_status, expected_status ); 395 396 if( actual_status == PSA_SUCCESS ) 397 { 398 psa_export_key( key, actual_output, sizeof(actual_output), &actual_output_length ); 399 400 if( fake_output->len > 0 ) 401 { 402 ASSERT_COMPARE( actual_output, actual_output_length, 403 expected_output, expected_output_length ); 404 } 405 else 406 { 407 size_t zeroes = 0; 408 for( size_t i = 0; i < sizeof(actual_output); i++ ) 409 { 410 if( actual_output[i] == 0) 411 zeroes++; 412 } 413 TEST_ASSERT( zeroes != sizeof(actual_output) ); 414 } 415 } 416exit: 417 psa_reset_key_attributes( &attributes ); 418 psa_destroy_key( key ); 419 PSA_DONE( ); 420 mbedtls_test_driver_key_management_hooks = 421 mbedtls_test_driver_key_management_hooks_init(); 422} 423/* END_CASE */ 424 425/* BEGIN_CASE */ 426void validate_key( int force_status_arg, 427 int location, 428 int owner_id_arg, 429 int id_arg, 430 int key_type_arg, 431 data_t *key_input, 432 int expected_status_arg ) 433{ 434 psa_key_lifetime_t lifetime = 435 PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ 436 PSA_KEY_PERSISTENCE_DEFAULT, location); 437 mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); 438 psa_status_t force_status = force_status_arg; 439 psa_status_t expected_status = expected_status_arg; 440 psa_key_type_t key_type = key_type_arg; 441 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 442 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 443 psa_status_t actual_status; 444 mbedtls_test_driver_key_management_hooks = 445 mbedtls_test_driver_key_management_hooks_init(); 446 447 psa_set_key_id( &attributes, id ); 448 psa_set_key_type( &attributes, 449 key_type ); 450 psa_set_key_lifetime( &attributes, lifetime ); 451 psa_set_key_bits( &attributes, 0 ); 452 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); 453 454 mbedtls_test_driver_key_management_hooks.forced_status = force_status; 455 456 PSA_ASSERT( psa_crypto_init( ) ); 457 458 actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key ); 459 TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); 460 TEST_EQUAL( actual_status, expected_status ); 461 TEST_EQUAL( mbedtls_test_driver_key_management_hooks.location, location ); 462exit: 463 psa_reset_key_attributes( &attributes ); 464 psa_destroy_key( key ); 465 PSA_DONE( ); 466 mbedtls_test_driver_key_management_hooks = 467 mbedtls_test_driver_key_management_hooks_init(); 468} 469/* END_CASE */ 470 471/* BEGIN_CASE */ 472void export_key( int force_status_arg, 473 data_t *fake_output, 474 int key_in_type_arg, 475 data_t *key_in, 476 int key_out_type_arg, 477 data_t *expected_output, 478 int expected_status_arg ) 479{ 480 psa_status_t force_status = force_status_arg; 481 psa_status_t expected_status = expected_status_arg; 482 psa_key_handle_t handle = 0; 483 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 484 psa_key_type_t input_key_type = key_in_type_arg; 485 psa_key_type_t output_key_type = key_out_type_arg; 486 const uint8_t *expected_output_ptr = NULL; 487 size_t expected_output_length = 0; 488 psa_status_t actual_status; 489 uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = {0}; 490 size_t actual_output_length; 491 mbedtls_test_driver_key_management_hooks = 492 mbedtls_test_driver_key_management_hooks_init(); 493 494 psa_set_key_type( &attributes, input_key_type ); 495 psa_set_key_bits( &attributes, 256 ); 496 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); 497 498 PSA_ASSERT( psa_crypto_init( ) ); 499 PSA_ASSERT( psa_import_key( &attributes, key_in->x, key_in->len, &handle ) ); 500 501 if( fake_output->len > 0 ) 502 { 503 expected_output_ptr = 504 mbedtls_test_driver_key_management_hooks.forced_output = 505 fake_output->x; 506 507 expected_output_length = 508 mbedtls_test_driver_key_management_hooks.forced_output_length = 509 fake_output->len; 510 } 511 else 512 { 513 expected_output_ptr = expected_output->x; 514 expected_output_length = expected_output->len; 515 } 516 517 mbedtls_test_driver_key_management_hooks.hits = 0; 518 mbedtls_test_driver_key_management_hooks.forced_status = force_status; 519 520 if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) ) 521 actual_status = psa_export_public_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); 522 else 523 actual_status = psa_export_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); 524 TEST_EQUAL( actual_status, expected_status ); 525 526 if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) && 527 !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( input_key_type ) ) 528 TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); 529 530 if( actual_status == PSA_SUCCESS ) 531 { 532 ASSERT_COMPARE( actual_output, actual_output_length, 533 expected_output_ptr, expected_output_length ); 534 } 535exit: 536 psa_reset_key_attributes( &attributes ); 537 psa_destroy_key( handle ); 538 PSA_DONE( ); 539 mbedtls_test_driver_key_management_hooks = 540 mbedtls_test_driver_key_management_hooks_init(); 541} 542/* END_CASE */ 543 544/* BEGIN_CASE */ 545void key_agreement( int alg_arg, 546 int force_status_arg, 547 int our_key_type_arg, 548 data_t *our_key_data, 549 data_t *peer_key_data, 550 data_t *expected_output, 551 data_t* fake_output, 552 int expected_status_arg ) 553{ 554 psa_status_t force_status = force_status_arg; 555 psa_status_t expected_status = expected_status_arg; 556 psa_algorithm_t alg = alg_arg; 557 psa_key_type_t our_key_type = our_key_type_arg; 558 mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; 559 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 560 const uint8_t *expected_output_ptr = NULL; 561 size_t expected_output_length = 0; 562 unsigned char *actual_output = NULL; 563 size_t actual_output_length = ~0; 564 size_t key_bits; 565 psa_status_t actual_status; 566 mbedtls_test_driver_key_agreement_hooks = 567 mbedtls_test_driver_key_agreement_hooks_init(); 568 569 PSA_ASSERT( psa_crypto_init( ) ); 570 571 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); 572 psa_set_key_algorithm( &attributes, alg ); 573 psa_set_key_type( &attributes, our_key_type ); 574 PSA_ASSERT( psa_import_key( &attributes, 575 our_key_data->x, our_key_data->len, 576 &our_key ) ); 577 578 PSA_ASSERT( psa_get_key_attributes( our_key, &attributes ) ); 579 key_bits = psa_get_key_bits( &attributes ); 580 581 TEST_LE_U( expected_output->len, 582 PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ) ); 583 TEST_LE_U( PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ), 584 PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE ); 585 586 if( fake_output->len > 0 ) 587 { 588 expected_output_ptr = 589 mbedtls_test_driver_key_agreement_hooks.forced_output = 590 fake_output->x; 591 592 expected_output_length = 593 mbedtls_test_driver_key_agreement_hooks.forced_output_length = 594 fake_output->len; 595 } 596 else 597 { 598 expected_output_ptr = expected_output->x; 599 expected_output_length = expected_output->len; 600 } 601 602 mbedtls_test_driver_key_agreement_hooks.hits = 0; 603 mbedtls_test_driver_key_agreement_hooks.forced_status = force_status; 604 605 ASSERT_ALLOC( actual_output, expected_output->len ); 606 actual_status = psa_raw_key_agreement( alg, our_key, 607 peer_key_data->x, peer_key_data->len, 608 actual_output, expected_output->len, 609 &actual_output_length ) ; 610 TEST_EQUAL( actual_status, expected_status ); 611 TEST_EQUAL( mbedtls_test_driver_key_agreement_hooks.hits, 1 ); 612 613 if( actual_status == PSA_SUCCESS ) 614 { 615 ASSERT_COMPARE( actual_output, actual_output_length, 616 expected_output_ptr, expected_output_length); 617 } 618 mbedtls_free( actual_output ); 619 actual_output = NULL; 620 actual_output_length = ~0; 621 622exit: 623 psa_reset_key_attributes( &attributes ); 624 psa_destroy_key( our_key ); 625 PSA_DONE( ); 626 mbedtls_test_driver_key_agreement_hooks = 627 mbedtls_test_driver_key_agreement_hooks_init(); 628} 629 630/* END_CASE */ 631 632/* BEGIN_CASE */ 633void cipher_encrypt_validation( int alg_arg, 634 int key_type_arg, 635 data_t *key_data, 636 data_t *input ) 637{ 638 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 639 psa_key_type_t key_type = key_type_arg; 640 psa_algorithm_t alg = alg_arg; 641 size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); 642 unsigned char *output1 = NULL; 643 size_t output1_buffer_size = 0; 644 size_t output1_length = 0; 645 unsigned char *output2 = NULL; 646 size_t output2_buffer_size = 0; 647 size_t output2_length = 0; 648 size_t function_output_length = 0; 649 psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; 650 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 651 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 652 653 PSA_ASSERT( psa_crypto_init( ) ); 654 655 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); 656 psa_set_key_algorithm( &attributes, alg ); 657 psa_set_key_type( &attributes, key_type ); 658 659 output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); 660 output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + 661 PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); 662 ASSERT_ALLOC( output1, output1_buffer_size ); 663 ASSERT_ALLOC( output2, output2_buffer_size ); 664 665 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 666 &key ) ); 667 668 PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, 669 output1_buffer_size, &output1_length ) ); 670 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 671 mbedtls_test_driver_cipher_hooks.hits = 0; 672 673 PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); 674 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 675 mbedtls_test_driver_cipher_hooks.hits = 0; 676 677 PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); 678 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 679 mbedtls_test_driver_cipher_hooks.hits = 0; 680 681 PSA_ASSERT( psa_cipher_update( &operation, 682 input->x, input->len, 683 output2, output2_buffer_size, 684 &function_output_length ) ); 685 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 686 mbedtls_test_driver_cipher_hooks.hits = 0; 687 688 output2_length += function_output_length; 689 PSA_ASSERT( psa_cipher_finish( &operation, 690 output2 + output2_length, 691 output2_buffer_size - output2_length, 692 &function_output_length ) ); 693 /* Finish will have called abort as well, so expecting two hits here */ 694 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); 695 mbedtls_test_driver_cipher_hooks.hits = 0; 696 697 output2_length += function_output_length; 698 699 PSA_ASSERT( psa_cipher_abort( &operation ) ); 700 // driver function should've been called as part of the finish() core routine 701 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 702 ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, 703 output2, output2_length ); 704 705exit: 706 psa_cipher_abort( &operation ); 707 mbedtls_free( output1 ); 708 mbedtls_free( output2 ); 709 psa_destroy_key( key ); 710 PSA_DONE( ); 711 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 712} 713/* END_CASE */ 714 715/* BEGIN_CASE */ 716void cipher_encrypt_multipart( int alg_arg, 717 int key_type_arg, 718 data_t *key_data, 719 data_t *iv, 720 data_t *input, 721 int first_part_size_arg, 722 int output1_length_arg, 723 int output2_length_arg, 724 data_t *expected_output, 725 int mock_output_arg, 726 int force_status_arg, 727 int expected_status_arg ) 728{ 729 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 730 psa_key_type_t key_type = key_type_arg; 731 psa_algorithm_t alg = alg_arg; 732 psa_status_t status; 733 psa_status_t expected_status = expected_status_arg; 734 psa_status_t force_status = force_status_arg; 735 size_t first_part_size = first_part_size_arg; 736 size_t output1_length = output1_length_arg; 737 size_t output2_length = output2_length_arg; 738 unsigned char *output = NULL; 739 size_t output_buffer_size = 0; 740 size_t function_output_length = 0; 741 size_t total_output_length = 0; 742 psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; 743 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 744 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 745 mbedtls_test_driver_cipher_hooks.forced_status = force_status; 746 747 /* Test operation initialization */ 748 mbedtls_psa_cipher_operation_t mbedtls_operation = 749 MBEDTLS_PSA_CIPHER_OPERATION_INIT; 750 751 mbedtls_transparent_test_driver_cipher_operation_t transparent_operation = 752 MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; 753 754 mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = 755 MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; 756 757 operation.ctx.mbedtls_ctx = mbedtls_operation; 758 operation.ctx.transparent_test_driver_ctx = transparent_operation; 759 operation.ctx.opaque_test_driver_ctx = opaque_operation; 760 761 PSA_ASSERT( psa_crypto_init( ) ); 762 763 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); 764 psa_set_key_algorithm( &attributes, alg ); 765 psa_set_key_type( &attributes, key_type ); 766 767 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 768 &key ) ); 769 770 PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); 771 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 772 mbedtls_test_driver_cipher_hooks.hits = 0; 773 774 PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); 775 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); 776 mbedtls_test_driver_cipher_hooks.hits = 0; 777 778 output_buffer_size = ( (size_t) input->len + 779 PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); 780 ASSERT_ALLOC( output, output_buffer_size ); 781 782 if( mock_output_arg ) 783 { 784 mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; 785 mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; 786 } 787 788 TEST_ASSERT( first_part_size <= input->len ); 789 PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, 790 output, output_buffer_size, 791 &function_output_length ) ); 792 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); 793 mbedtls_test_driver_cipher_hooks.hits = 0; 794 795 TEST_ASSERT( function_output_length == output1_length ); 796 total_output_length += function_output_length; 797 798 if( first_part_size < input->len ) 799 { 800 PSA_ASSERT( psa_cipher_update( &operation, 801 input->x + first_part_size, 802 input->len - first_part_size, 803 output + total_output_length, 804 output_buffer_size - total_output_length, 805 &function_output_length ) ); 806 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 807 mbedtls_test_driver_cipher_hooks.hits = 0; 808 809 TEST_ASSERT( function_output_length == output2_length ); 810 total_output_length += function_output_length; 811 } 812 813 if( mock_output_arg ) 814 { 815 mbedtls_test_driver_cipher_hooks.forced_output = NULL; 816 mbedtls_test_driver_cipher_hooks.forced_output_length = 0; 817 } 818 819 status = psa_cipher_finish( &operation, 820 output + total_output_length, 821 output_buffer_size - total_output_length, 822 &function_output_length ); 823 /* Finish will have called abort as well, so expecting two hits here */ 824 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); 825 mbedtls_test_driver_cipher_hooks.hits = 0 ; 826 total_output_length += function_output_length; 827 TEST_EQUAL( status, expected_status ); 828 829 if( expected_status == PSA_SUCCESS ) 830 { 831 PSA_ASSERT( psa_cipher_abort( &operation ) ); 832 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 833 834 ASSERT_COMPARE( expected_output->x, expected_output->len, 835 output, total_output_length ); 836 } 837 838exit: 839 psa_cipher_abort( &operation ); 840 mbedtls_free( output ); 841 psa_destroy_key( key ); 842 PSA_DONE( ); 843 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 844} 845/* END_CASE */ 846 847/* BEGIN_CASE */ 848void cipher_decrypt_multipart( int alg_arg, 849 int key_type_arg, 850 data_t *key_data, 851 data_t *iv, 852 data_t *input, 853 int first_part_size_arg, 854 int output1_length_arg, 855 int output2_length_arg, 856 data_t *expected_output, 857 int mock_output_arg, 858 int force_status_arg, 859 int expected_status_arg ) 860{ 861 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 862 psa_key_type_t key_type = key_type_arg; 863 psa_algorithm_t alg = alg_arg; 864 psa_status_t status; 865 psa_status_t expected_status = expected_status_arg; 866 psa_status_t force_status = force_status_arg; 867 size_t first_part_size = first_part_size_arg; 868 size_t output1_length = output1_length_arg; 869 size_t output2_length = output2_length_arg; 870 unsigned char *output = NULL; 871 size_t output_buffer_size = 0; 872 size_t function_output_length = 0; 873 size_t total_output_length = 0; 874 psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; 875 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 876 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 877 mbedtls_test_driver_cipher_hooks.forced_status = force_status; 878 879 /* Test operation initialization */ 880 mbedtls_psa_cipher_operation_t mbedtls_operation = 881 MBEDTLS_PSA_CIPHER_OPERATION_INIT; 882 883 mbedtls_transparent_test_driver_cipher_operation_t transparent_operation = 884 MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; 885 886 mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = 887 MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; 888 889 operation.ctx.mbedtls_ctx = mbedtls_operation; 890 operation.ctx.transparent_test_driver_ctx = transparent_operation; 891 operation.ctx.opaque_test_driver_ctx = opaque_operation; 892 893 PSA_ASSERT( psa_crypto_init( ) ); 894 895 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); 896 psa_set_key_algorithm( &attributes, alg ); 897 psa_set_key_type( &attributes, key_type ); 898 899 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 900 &key ) ); 901 902 PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); 903 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 904 mbedtls_test_driver_cipher_hooks.hits = 0; 905 906 PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); 907 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); 908 mbedtls_test_driver_cipher_hooks.hits = 0; 909 910 output_buffer_size = ( (size_t) input->len + 911 PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); 912 ASSERT_ALLOC( output, output_buffer_size ); 913 914 if( mock_output_arg ) 915 { 916 mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; 917 mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; 918 } 919 920 TEST_ASSERT( first_part_size <= input->len ); 921 PSA_ASSERT( psa_cipher_update( &operation, 922 input->x, first_part_size, 923 output, output_buffer_size, 924 &function_output_length ) ); 925 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); 926 mbedtls_test_driver_cipher_hooks.hits = 0; 927 928 TEST_ASSERT( function_output_length == output1_length ); 929 total_output_length += function_output_length; 930 931 if( first_part_size < input->len ) 932 { 933 PSA_ASSERT( psa_cipher_update( &operation, 934 input->x + first_part_size, 935 input->len - first_part_size, 936 output + total_output_length, 937 output_buffer_size - total_output_length, 938 &function_output_length ) ); 939 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); 940 mbedtls_test_driver_cipher_hooks.hits = 0; 941 942 TEST_ASSERT( function_output_length == output2_length ); 943 total_output_length += function_output_length; 944 } 945 946 if( mock_output_arg ) 947 { 948 mbedtls_test_driver_cipher_hooks.forced_output = NULL; 949 mbedtls_test_driver_cipher_hooks.forced_output_length = 0; 950 } 951 952 status = psa_cipher_finish( &operation, 953 output + total_output_length, 954 output_buffer_size - total_output_length, 955 &function_output_length ); 956 /* Finish will have called abort as well, so expecting two hits here */ 957 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); 958 mbedtls_test_driver_cipher_hooks.hits = 0; 959 total_output_length += function_output_length; 960 TEST_EQUAL( status, expected_status ); 961 962 if( expected_status == PSA_SUCCESS ) 963 { 964 PSA_ASSERT( psa_cipher_abort( &operation ) ); 965 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 966 967 ASSERT_COMPARE( expected_output->x, expected_output->len, 968 output, total_output_length ); 969 } 970 971exit: 972 psa_cipher_abort( &operation ); 973 mbedtls_free( output ); 974 psa_destroy_key( key ); 975 PSA_DONE( ); 976 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 977} 978/* END_CASE */ 979 980/* BEGIN_CASE */ 981void cipher_decrypt( int alg_arg, 982 int key_type_arg, 983 data_t *key_data, 984 data_t *iv, 985 data_t *input_arg, 986 data_t *expected_output, 987 int mock_output_arg, 988 int force_status_arg, 989 int expected_status_arg ) 990{ 991 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 992 psa_status_t status; 993 psa_key_type_t key_type = key_type_arg; 994 psa_algorithm_t alg = alg_arg; 995 psa_status_t expected_status = expected_status_arg; 996 psa_status_t force_status = force_status_arg; 997 unsigned char *input = NULL; 998 size_t input_buffer_size = 0; 999 unsigned char *output = NULL; 1000 size_t output_buffer_size = 0; 1001 size_t output_length = 0; 1002 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1003 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 1004 mbedtls_test_driver_cipher_hooks.forced_status = force_status; 1005 1006 PSA_ASSERT( psa_crypto_init( ) ); 1007 1008 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); 1009 psa_set_key_algorithm( &attributes, alg ); 1010 psa_set_key_type( &attributes, key_type ); 1011 1012 /* Allocate input buffer and copy the iv and the plaintext */ 1013 input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); 1014 if ( input_buffer_size > 0 ) 1015 { 1016 ASSERT_ALLOC( input, input_buffer_size ); 1017 memcpy( input, iv->x, iv->len ); 1018 memcpy( input + iv->len, input_arg->x, input_arg->len ); 1019 } 1020 1021 output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); 1022 ASSERT_ALLOC( output, output_buffer_size ); 1023 1024 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 1025 &key ) ); 1026 1027 if( mock_output_arg ) 1028 { 1029 mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; 1030 mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; 1031 } 1032 1033 status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, 1034 output_buffer_size, &output_length ); 1035 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1036 mbedtls_test_driver_cipher_hooks.hits = 0; 1037 1038 TEST_EQUAL( status, expected_status ); 1039 1040 if( expected_status == PSA_SUCCESS ) 1041 { 1042 ASSERT_COMPARE( expected_output->x, expected_output->len, 1043 output, output_length ); 1044 } 1045 1046exit: 1047 mbedtls_free( input ); 1048 mbedtls_free( output ); 1049 psa_destroy_key( key ); 1050 PSA_DONE( ); 1051 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 1052} 1053/* END_CASE */ 1054 1055/* BEGIN_CASE */ 1056void cipher_entry_points( int alg_arg, int key_type_arg, 1057 data_t *key_data, data_t *iv, 1058 data_t *input ) 1059{ 1060 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 1061 psa_status_t status; 1062 psa_key_type_t key_type = key_type_arg; 1063 psa_algorithm_t alg = alg_arg; 1064 unsigned char *output = NULL; 1065 size_t output_buffer_size = 0; 1066 size_t function_output_length = 0; 1067 psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; 1068 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1069 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 1070 1071 ASSERT_ALLOC( output, input->len + 16 ); 1072 output_buffer_size = input->len + 16; 1073 1074 PSA_ASSERT( psa_crypto_init( ) ); 1075 1076 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); 1077 psa_set_key_algorithm( &attributes, alg ); 1078 psa_set_key_type( &attributes, key_type ); 1079 1080 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 1081 &key ) ); 1082 1083 /* 1084 * Test encrypt failure 1085 * First test that if we don't force a driver error, encryption is 1086 * successful, then force driver error. 1087 */ 1088 status = psa_cipher_encrypt( 1089 key, alg, input->x, input->len, 1090 output, output_buffer_size, &function_output_length ); 1091 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1092 TEST_EQUAL( status, PSA_SUCCESS ); 1093 mbedtls_test_driver_cipher_hooks.hits = 0; 1094 1095 mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; 1096 /* Set the output buffer in a given state. */ 1097 for( size_t i = 0; i < output_buffer_size; i++ ) 1098 output[i] = 0xa5; 1099 1100 status = psa_cipher_encrypt( 1101 key, alg, input->x, input->len, 1102 output, output_buffer_size, &function_output_length ); 1103 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1104 TEST_EQUAL( status, PSA_ERROR_GENERIC_ERROR ); 1105 /* 1106 * Check that the output buffer is still in the same state. 1107 * This will fail if the output buffer is used by the core to pass the IV 1108 * it generated to the driver (and is not restored). 1109 */ 1110 for( size_t i = 0; i < output_buffer_size; i++ ) 1111 { 1112 TEST_EQUAL( output[i], 0xa5 ); 1113 } 1114 mbedtls_test_driver_cipher_hooks.hits = 0; 1115 1116 /* Test setup call, encrypt */ 1117 mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; 1118 status = psa_cipher_encrypt_setup( &operation, key, alg ); 1119 /* When setup fails, it shouldn't call any further entry points */ 1120 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1121 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1122 mbedtls_test_driver_cipher_hooks.hits = 0; 1123 status = psa_cipher_set_iv( &operation, iv->x, iv->len ); 1124 TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); 1125 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 1126 1127 /* Test setup call failure, decrypt */ 1128 status = psa_cipher_decrypt_setup( &operation, key, alg ); 1129 /* When setup fails, it shouldn't call any further entry points */ 1130 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1131 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1132 mbedtls_test_driver_cipher_hooks.hits = 0; 1133 status = psa_cipher_set_iv( &operation, iv->x, iv->len ); 1134 TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); 1135 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 1136 1137 /* Test IV setting failure */ 1138 mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; 1139 status = psa_cipher_encrypt_setup( &operation, key, alg ); 1140 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1141 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1142 mbedtls_test_driver_cipher_hooks.hits = 0; 1143 1144 mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; 1145 status = psa_cipher_set_iv( &operation, iv->x, iv->len ); 1146 /* When setting the IV fails, it should call abort too */ 1147 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); 1148 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1149 /* Failure should prevent further operations from executing on the driver */ 1150 mbedtls_test_driver_cipher_hooks.hits = 0; 1151 status = psa_cipher_update( &operation, 1152 input->x, input->len, 1153 output, output_buffer_size, 1154 &function_output_length ); 1155 TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); 1156 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 1157 psa_cipher_abort( &operation ); 1158 1159 /* Test IV generation failure */ 1160 mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; 1161 status = psa_cipher_encrypt_setup( &operation, key, alg ); 1162 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1163 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1164 mbedtls_test_driver_cipher_hooks.hits = 0; 1165 1166 mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; 1167 /* Set the output buffer in a given state. */ 1168 for( size_t i = 0; i < 16; i++ ) 1169 output[i] = 0xa5; 1170 1171 status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length ); 1172 /* When generating the IV fails, it should call abort too */ 1173 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); 1174 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1175 /* 1176 * Check that the output buffer is still in the same state. 1177 * This will fail if the output buffer is used by the core to pass the IV 1178 * it generated to the driver (and is not restored). 1179 */ 1180 for( size_t i = 0; i < 16; i++ ) 1181 { 1182 TEST_EQUAL( output[i], 0xa5 ); 1183 } 1184 /* Failure should prevent further operations from executing on the driver */ 1185 mbedtls_test_driver_cipher_hooks.hits = 0; 1186 status = psa_cipher_update( &operation, 1187 input->x, input->len, 1188 output, output_buffer_size, 1189 &function_output_length ); 1190 TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); 1191 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 1192 psa_cipher_abort( &operation ); 1193 1194 /* Test update failure */ 1195 mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; 1196 status = psa_cipher_encrypt_setup( &operation, key, alg ); 1197 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1198 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1199 mbedtls_test_driver_cipher_hooks.hits = 0; 1200 1201 status = psa_cipher_set_iv( &operation, iv->x, iv->len ); 1202 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1203 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1204 mbedtls_test_driver_cipher_hooks.hits = 0; 1205 1206 mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; 1207 status = psa_cipher_update( &operation, 1208 input->x, input->len, 1209 output, output_buffer_size, 1210 &function_output_length ); 1211 /* When the update call fails, it should call abort too */ 1212 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); 1213 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1214 /* Failure should prevent further operations from executing on the driver */ 1215 mbedtls_test_driver_cipher_hooks.hits = 0; 1216 status = psa_cipher_update( &operation, 1217 input->x, input->len, 1218 output, output_buffer_size, 1219 &function_output_length ); 1220 TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); 1221 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 1222 psa_cipher_abort( &operation ); 1223 1224 /* Test finish failure */ 1225 mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; 1226 status = psa_cipher_encrypt_setup( &operation, key, alg ); 1227 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1228 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1229 mbedtls_test_driver_cipher_hooks.hits = 0; 1230 1231 status = psa_cipher_set_iv( &operation, iv->x, iv->len ); 1232 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1233 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1234 mbedtls_test_driver_cipher_hooks.hits = 0; 1235 1236 status = psa_cipher_update( &operation, 1237 input->x, input->len, 1238 output, output_buffer_size, 1239 &function_output_length ); 1240 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); 1241 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1242 mbedtls_test_driver_cipher_hooks.hits = 0; 1243 1244 mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; 1245 status = psa_cipher_finish( &operation, 1246 output + function_output_length, 1247 output_buffer_size - function_output_length, 1248 &function_output_length ); 1249 /* When the finish call fails, it should call abort too */ 1250 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); 1251 TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); 1252 /* Failure should prevent further operations from executing on the driver */ 1253 mbedtls_test_driver_cipher_hooks.hits = 0; 1254 status = psa_cipher_update( &operation, 1255 input->x, input->len, 1256 output, output_buffer_size, 1257 &function_output_length ); 1258 TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); 1259 TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); 1260 psa_cipher_abort( &operation ); 1261 1262exit: 1263 psa_cipher_abort( &operation ); 1264 mbedtls_free( output ); 1265 psa_destroy_key( key ); 1266 PSA_DONE( ); 1267 mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); 1268} 1269/* END_CASE */ 1270 1271/* BEGIN_CASE */ 1272void aead_encrypt( int key_type_arg, data_t *key_data, 1273 int alg_arg, 1274 data_t *nonce, 1275 data_t *additional_data, 1276 data_t *input_data, 1277 data_t *expected_result, 1278 int forced_status_arg ) 1279{ 1280 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 1281 psa_key_type_t key_type = key_type_arg; 1282 psa_algorithm_t alg = alg_arg; 1283 size_t key_bits; 1284 psa_status_t forced_status = forced_status_arg; 1285 unsigned char *output_data = NULL; 1286 size_t output_size = 0; 1287 size_t output_length = 0; 1288 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1289 psa_status_t status = PSA_ERROR_GENERIC_ERROR; 1290 mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); 1291 1292 PSA_ASSERT( psa_crypto_init( ) ); 1293 1294 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); 1295 psa_set_key_algorithm( &attributes, alg ); 1296 psa_set_key_type( &attributes, key_type ); 1297 1298 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 1299 &key ) ); 1300 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 1301 key_bits = psa_get_key_bits( &attributes ); 1302 1303 output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, 1304 alg ); 1305 /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE 1306 * should be exact. */ 1307 TEST_EQUAL( output_size, 1308 PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); 1309 TEST_ASSERT( output_size <= 1310 PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); 1311 ASSERT_ALLOC( output_data, output_size ); 1312 1313 mbedtls_test_driver_aead_hooks.forced_status = forced_status; 1314 status = psa_aead_encrypt( key, alg, 1315 nonce->x, nonce->len, 1316 additional_data->x, additional_data->len, 1317 input_data->x, input_data->len, 1318 output_data, output_size, 1319 &output_length ); 1320 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_encrypt, 1 ); 1321 TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); 1322 1323 TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? 1324 PSA_SUCCESS : forced_status ); 1325 1326 if( status == PSA_SUCCESS ) 1327 { 1328 ASSERT_COMPARE( expected_result->x, expected_result->len, 1329 output_data, output_length ); 1330 } 1331 1332exit: 1333 psa_destroy_key( key ); 1334 mbedtls_free( output_data ); 1335 PSA_DONE( ); 1336 mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); 1337} 1338/* END_CASE */ 1339 1340/* BEGIN_CASE */ 1341void aead_decrypt( int key_type_arg, data_t *key_data, 1342 int alg_arg, 1343 data_t *nonce, 1344 data_t *additional_data, 1345 data_t *input_data, 1346 data_t *expected_data, 1347 int forced_status_arg ) 1348{ 1349 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 1350 psa_key_type_t key_type = key_type_arg; 1351 psa_algorithm_t alg = alg_arg; 1352 size_t key_bits; 1353 psa_status_t forced_status = forced_status_arg; 1354 unsigned char *output_data = NULL; 1355 size_t output_size = 0; 1356 size_t output_length = 0; 1357 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1358 psa_status_t status = PSA_ERROR_GENERIC_ERROR; 1359 mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); 1360 1361 PSA_ASSERT( psa_crypto_init( ) ); 1362 1363 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); 1364 psa_set_key_algorithm( &attributes, alg ); 1365 psa_set_key_type( &attributes, key_type ); 1366 1367 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 1368 &key ) ); 1369 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 1370 key_bits = psa_get_key_bits( &attributes ); 1371 1372 output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, 1373 alg ); 1374 ASSERT_ALLOC( output_data, output_size ); 1375 1376 mbedtls_test_driver_aead_hooks.forced_status = forced_status; 1377 status = psa_aead_decrypt( key, alg, 1378 nonce->x, nonce->len, 1379 additional_data->x, 1380 additional_data->len, 1381 input_data->x, input_data->len, 1382 output_data, output_size, 1383 &output_length ); 1384 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_decrypt, 1 ); 1385 TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); 1386 1387 TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? 1388 PSA_SUCCESS : forced_status ); 1389 1390 if( status == PSA_SUCCESS ) 1391 { 1392 ASSERT_COMPARE( expected_data->x, expected_data->len, 1393 output_data, output_length ); 1394 } 1395 1396exit: 1397 psa_destroy_key( key ); 1398 mbedtls_free( output_data ); 1399 PSA_DONE( ); 1400 mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); 1401} 1402/* END_CASE */ 1403 1404/* BEGIN_CASE */ 1405void mac_sign( int key_type_arg, 1406 data_t *key_data, 1407 int alg_arg, 1408 data_t *input, 1409 data_t *expected_mac, 1410 int forced_status_arg ) 1411{ 1412 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 1413 psa_key_type_t key_type = key_type_arg; 1414 psa_algorithm_t alg = alg_arg; 1415 psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; 1416 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1417 uint8_t *actual_mac = NULL; 1418 size_t mac_buffer_size = 1419 PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg ); 1420 size_t mac_length = 0; 1421 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1422 psa_status_t forced_status = forced_status_arg; 1423 mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); 1424 1425 TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE ); 1426 /* We expect PSA_MAC_LENGTH to be exact. */ 1427 TEST_ASSERT( expected_mac->len == mac_buffer_size ); 1428 1429 PSA_ASSERT( psa_crypto_init( ) ); 1430 1431 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); 1432 psa_set_key_algorithm( &attributes, alg ); 1433 psa_set_key_type( &attributes, key_type ); 1434 1435 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 1436 &key ) ); 1437 1438 ASSERT_ALLOC( actual_mac, mac_buffer_size ); 1439 mbedtls_test_driver_mac_hooks.forced_status = forced_status; 1440 1441 /* 1442 * Calculate the MAC, one-shot case. 1443 */ 1444 status = psa_mac_compute( key, alg, 1445 input->x, input->len, 1446 actual_mac, mac_buffer_size, 1447 &mac_length ); 1448 1449 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1450 if( forced_status == PSA_SUCCESS || 1451 forced_status == PSA_ERROR_NOT_SUPPORTED ) 1452 { 1453 PSA_ASSERT( status ); 1454 } 1455 else 1456 TEST_EQUAL( forced_status, status ); 1457 1458 PSA_ASSERT( psa_mac_abort( &operation ) ); 1459 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1460 1461 if( forced_status == PSA_SUCCESS ) 1462 { 1463 ASSERT_COMPARE( expected_mac->x, expected_mac->len, 1464 actual_mac, mac_length ); 1465 } 1466 1467 mbedtls_free( actual_mac ); 1468 actual_mac = NULL; 1469 1470exit: 1471 psa_mac_abort( &operation ); 1472 psa_destroy_key( key ); 1473 PSA_DONE( ); 1474 mbedtls_free( actual_mac ); 1475 mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); 1476} 1477/* END_CASE */ 1478 1479/* BEGIN_CASE */ 1480void mac_sign_multipart( int key_type_arg, 1481 data_t *key_data, 1482 int alg_arg, 1483 data_t *input, 1484 data_t *expected_mac, 1485 int fragments_count, 1486 int forced_status_arg ) 1487{ 1488 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 1489 psa_key_type_t key_type = key_type_arg; 1490 psa_algorithm_t alg = alg_arg; 1491 psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; 1492 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1493 uint8_t *actual_mac = NULL; 1494 size_t mac_buffer_size = 1495 PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg ); 1496 size_t mac_length = 0; 1497 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 1498 psa_status_t forced_status = forced_status_arg; 1499 uint8_t *input_x = input->x; 1500 mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); 1501 1502 TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE ); 1503 /* We expect PSA_MAC_LENGTH to be exact. */ 1504 TEST_ASSERT( expected_mac->len == mac_buffer_size ); 1505 1506 PSA_ASSERT( psa_crypto_init( ) ); 1507 1508 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); 1509 psa_set_key_algorithm( &attributes, alg ); 1510 psa_set_key_type( &attributes, key_type ); 1511 1512 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 1513 &key ) ); 1514 1515 ASSERT_ALLOC( actual_mac, mac_buffer_size ); 1516 mbedtls_test_driver_mac_hooks.forced_status = forced_status; 1517 1518 /* 1519 * Calculate the MAC, multipart case. 1520 */ 1521 status = psa_mac_sign_setup( &operation, key, alg ); 1522 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1523 1524 if( forced_status == PSA_SUCCESS || 1525 forced_status == PSA_ERROR_NOT_SUPPORTED ) 1526 { 1527 PSA_ASSERT( status ); 1528 } 1529 else 1530 TEST_EQUAL( forced_status, status ); 1531 1532 if ( fragments_count ) 1533 { 1534 TEST_ASSERT( ( input->len / fragments_count ) > 0 ); 1535 } 1536 1537 for ( int i = 0; i < fragments_count; i++) 1538 { 1539 int fragment_size = input->len / fragments_count; 1540 if ( i == fragments_count - 1 ) 1541 fragment_size += ( input->len % fragments_count ); 1542 1543 status = psa_mac_update( &operation, 1544 input_x, fragment_size ); 1545 if( forced_status == PSA_SUCCESS ) 1546 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 + i ); 1547 else 1548 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1549 if( forced_status == PSA_SUCCESS || 1550 forced_status == PSA_ERROR_NOT_SUPPORTED ) 1551 { 1552 PSA_ASSERT( status ); 1553 } 1554 else 1555 TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); 1556 input_x += fragment_size; 1557 } 1558 1559 status = psa_mac_sign_finish( &operation, 1560 actual_mac, mac_buffer_size, 1561 &mac_length ); 1562 if( forced_status == PSA_SUCCESS ) 1563 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 3 + fragments_count ); 1564 else 1565 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1566 1567 if( forced_status == PSA_SUCCESS || 1568 forced_status == PSA_ERROR_NOT_SUPPORTED ) 1569 { 1570 PSA_ASSERT( status ); 1571 } 1572 else 1573 TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); 1574 1575 PSA_ASSERT( psa_mac_abort( &operation ) ); 1576 if( forced_status == PSA_SUCCESS ) 1577 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 3 + fragments_count ); 1578 else 1579 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1580 1581 if( forced_status == PSA_SUCCESS ) 1582 { 1583 ASSERT_COMPARE( expected_mac->x, expected_mac->len, 1584 actual_mac, mac_length ); 1585 } 1586 1587 mbedtls_free( actual_mac ); 1588 actual_mac = NULL; 1589 1590exit: 1591 psa_mac_abort( &operation ); 1592 psa_destroy_key( key ); 1593 PSA_DONE( ); 1594 mbedtls_free( actual_mac ); 1595 mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); 1596} 1597/* END_CASE */ 1598 1599/* BEGIN_CASE */ 1600void mac_verify( int key_type_arg, 1601 data_t *key_data, 1602 int alg_arg, 1603 data_t *input, 1604 data_t *expected_mac, 1605 int forced_status_arg ) 1606{ 1607 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 1608 psa_key_type_t key_type = key_type_arg; 1609 psa_algorithm_t alg = alg_arg; 1610 psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; 1611 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1612 psa_status_t status = PSA_ERROR_GENERIC_ERROR; 1613 psa_status_t forced_status = forced_status_arg; 1614 mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); 1615 1616 TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); 1617 1618 PSA_ASSERT( psa_crypto_init( ) ); 1619 1620 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); 1621 psa_set_key_algorithm( &attributes, alg ); 1622 psa_set_key_type( &attributes, key_type ); 1623 1624 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 1625 &key ) ); 1626 1627 mbedtls_test_driver_mac_hooks.forced_status = forced_status; 1628 1629 /* 1630 * Verify the MAC, one-shot case. 1631 */ 1632 status = psa_mac_verify( key, alg, 1633 input->x, input->len, 1634 expected_mac->x, expected_mac->len ); 1635 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1636 if( forced_status == PSA_SUCCESS || 1637 forced_status == PSA_ERROR_NOT_SUPPORTED ) 1638 { 1639 PSA_ASSERT( status ); 1640 } 1641 else 1642 TEST_EQUAL( forced_status, status ); 1643 1644 PSA_ASSERT( psa_mac_abort( &operation ) ); 1645 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1646exit: 1647 psa_mac_abort( &operation ); 1648 psa_destroy_key( key ); 1649 PSA_DONE( ); 1650 mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); 1651} 1652/* END_CASE */ 1653 1654/* BEGIN_CASE */ 1655void mac_verify_multipart( int key_type_arg, 1656 data_t *key_data, 1657 int alg_arg, 1658 data_t *input, 1659 data_t *expected_mac, 1660 int fragments_count, 1661 int forced_status_arg ) 1662{ 1663 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 1664 psa_key_type_t key_type = key_type_arg; 1665 psa_algorithm_t alg = alg_arg; 1666 psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; 1667 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1668 psa_status_t status = PSA_ERROR_GENERIC_ERROR; 1669 psa_status_t forced_status = forced_status_arg; 1670 uint8_t *input_x = input->x; 1671 mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); 1672 1673 TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); 1674 1675 PSA_ASSERT( psa_crypto_init( ) ); 1676 1677 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); 1678 psa_set_key_algorithm( &attributes, alg ); 1679 psa_set_key_type( &attributes, key_type ); 1680 1681 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 1682 &key ) ); 1683 1684 mbedtls_test_driver_mac_hooks.forced_status = forced_status; 1685 1686 /* 1687 * Verify the MAC, multi-part case. 1688 */ 1689 status = psa_mac_verify_setup( &operation, key, alg ); 1690 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1691 1692 if( forced_status == PSA_SUCCESS || 1693 forced_status == PSA_ERROR_NOT_SUPPORTED ) 1694 { 1695 PSA_ASSERT( status ); 1696 } 1697 else 1698 TEST_EQUAL( forced_status, status ); 1699 1700 if ( fragments_count ) 1701 { 1702 TEST_ASSERT( ( input->len / fragments_count ) > 0 ); 1703 } 1704 1705 for ( int i = 0; i < fragments_count; i++) 1706 { 1707 int fragment_size = input->len / fragments_count; 1708 if ( i == fragments_count - 1 ) 1709 fragment_size += ( input->len % fragments_count ); 1710 1711 status = psa_mac_update( &operation, 1712 input_x, fragment_size ); 1713 if( forced_status == PSA_SUCCESS ) 1714 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 + i ); 1715 else 1716 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1717 1718 if( forced_status == PSA_SUCCESS || 1719 forced_status == PSA_ERROR_NOT_SUPPORTED ) 1720 { 1721 PSA_ASSERT( status ); 1722 } 1723 else 1724 TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); 1725 input_x += fragment_size; 1726 } 1727 1728 status = psa_mac_verify_finish( &operation, 1729 expected_mac->x, 1730 expected_mac->len ); 1731 if( forced_status == PSA_SUCCESS ) 1732 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 3 + fragments_count ); 1733 else 1734 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1735 1736 if( forced_status == PSA_SUCCESS || 1737 forced_status == PSA_ERROR_NOT_SUPPORTED ) 1738 { 1739 PSA_ASSERT( status ); 1740 } 1741 else 1742 TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); 1743 1744 1745 PSA_ASSERT( psa_mac_abort( &operation ) ); 1746 if( forced_status == PSA_SUCCESS ) 1747 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 3 + fragments_count ); 1748 else 1749 TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); 1750 1751exit: 1752 psa_mac_abort( &operation ); 1753 psa_destroy_key( key ); 1754 PSA_DONE( ); 1755 mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); 1756} 1757/* END_CASE */ 1758 1759/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ 1760void builtin_key_export( int builtin_key_id_arg, 1761 int builtin_key_type_arg, 1762 int builtin_key_bits_arg, 1763 int builtin_key_algorithm_arg, 1764 data_t *expected_output, 1765 int expected_status_arg ) 1766{ 1767 psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; 1768 psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; 1769 psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg; 1770 size_t builtin_key_bits = (size_t) builtin_key_bits_arg; 1771 psa_status_t expected_status = expected_status_arg; 1772 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1773 1774 mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); 1775 uint8_t* output_buffer = NULL; 1776 size_t output_size = 0; 1777 psa_status_t actual_status; 1778 1779 PSA_ASSERT( psa_crypto_init( ) ); 1780 ASSERT_ALLOC( output_buffer, expected_output->len ); 1781 1782 actual_status = psa_export_key( key, output_buffer, expected_output->len, &output_size ); 1783 1784 if( expected_status == PSA_SUCCESS ) 1785 { 1786 PSA_ASSERT( actual_status ); 1787 TEST_EQUAL( output_size, expected_output->len ); 1788 ASSERT_COMPARE( output_buffer, output_size, 1789 expected_output->x, expected_output->len ); 1790 1791 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 1792 TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); 1793 TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); 1794 TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); 1795 } 1796 else 1797 { 1798 if( actual_status != expected_status ) 1799 fprintf( stderr, "Expected %d but got %d\n", expected_status, actual_status ); 1800 TEST_EQUAL( actual_status, expected_status ); 1801 TEST_EQUAL( output_size, 0 ); 1802 } 1803 1804exit: 1805 mbedtls_free( output_buffer ); 1806 psa_reset_key_attributes( &attributes ); 1807 psa_destroy_key( key ); 1808 PSA_DONE( ); 1809} 1810/* END_CASE */ 1811 1812/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ 1813void builtin_pubkey_export( int builtin_key_id_arg, 1814 int builtin_key_type_arg, 1815 int builtin_key_bits_arg, 1816 int builtin_key_algorithm_arg, 1817 data_t *expected_output, 1818 int expected_status_arg ) 1819{ 1820 psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; 1821 psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; 1822 psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg; 1823 size_t builtin_key_bits = (size_t) builtin_key_bits_arg; 1824 psa_status_t expected_status = expected_status_arg; 1825 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 1826 1827 mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); 1828 uint8_t* output_buffer = NULL; 1829 size_t output_size = 0; 1830 psa_status_t actual_status; 1831 1832 PSA_ASSERT( psa_crypto_init( ) ); 1833 ASSERT_ALLOC( output_buffer, expected_output->len ); 1834 1835 actual_status = psa_export_public_key( key, output_buffer, expected_output->len, &output_size ); 1836 1837 if( expected_status == PSA_SUCCESS ) 1838 { 1839 PSA_ASSERT( actual_status ); 1840 TEST_EQUAL( output_size, expected_output->len ); 1841 ASSERT_COMPARE( output_buffer, output_size, 1842 expected_output->x, expected_output->len ); 1843 1844 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 1845 TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); 1846 TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); 1847 TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); 1848 } 1849 else 1850 { 1851 TEST_EQUAL( actual_status, expected_status ); 1852 TEST_EQUAL( output_size, 0 ); 1853 } 1854 1855exit: 1856 mbedtls_free( output_buffer ); 1857 psa_reset_key_attributes( &attributes ); 1858 psa_destroy_key( key ); 1859 PSA_DONE( ); 1860} 1861/* END_CASE */ 1862 1863/* BEGIN_CASE */ 1864void hash_compute( int alg_arg, 1865 data_t *input, data_t *hash, 1866 int forced_status_arg, 1867 int expected_status_arg ) 1868{ 1869 psa_algorithm_t alg = alg_arg; 1870 psa_status_t forced_status = forced_status_arg; 1871 psa_status_t expected_status = expected_status_arg; 1872 unsigned char *output = NULL; 1873 size_t output_length; 1874 1875 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 1876 mbedtls_test_driver_hash_hooks.forced_status = forced_status; 1877 1878 PSA_ASSERT( psa_crypto_init( ) ); 1879 ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); 1880 1881 TEST_EQUAL( psa_hash_compute( alg, input->x, input->len, 1882 output, PSA_HASH_LENGTH( alg ), 1883 &output_length ), expected_status ); 1884 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); 1885 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); 1886 1887 if( expected_status == PSA_SUCCESS ) 1888 { 1889 ASSERT_COMPARE( output, output_length, hash->x, hash->len ); 1890 } 1891 1892exit: 1893 mbedtls_free( output ); 1894 PSA_DONE( ); 1895 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 1896} 1897/* END_CASE */ 1898 1899/* BEGIN_CASE */ 1900void hash_multipart_setup( int alg_arg, 1901 data_t *input, data_t *hash, 1902 int forced_status_arg, 1903 int expected_status_arg ) 1904{ 1905 psa_algorithm_t alg = alg_arg; 1906 psa_status_t forced_status = forced_status_arg; 1907 psa_status_t expected_status = expected_status_arg; 1908 unsigned char *output = NULL; 1909 psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; 1910 size_t output_length; 1911 1912 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 1913 ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); 1914 1915 PSA_ASSERT( psa_crypto_init( ) ); 1916 1917 mbedtls_test_driver_hash_hooks.forced_status = forced_status; 1918 TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status ); 1919 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); 1920 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); 1921 1922 if( expected_status == PSA_SUCCESS ) 1923 { 1924 PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); 1925 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1926 forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2 ); 1927 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); 1928 1929 PSA_ASSERT( psa_hash_finish( &operation, 1930 output, PSA_HASH_LENGTH( alg ), 1931 &output_length ) ); 1932 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1933 forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4 ); 1934 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); 1935 1936 ASSERT_COMPARE( output, output_length, hash->x, hash->len ); 1937 } 1938 1939exit: 1940 psa_hash_abort( &operation ); 1941 mbedtls_free( output ); 1942 PSA_DONE( ); 1943 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 1944} 1945/* END_CASE */ 1946 1947/* BEGIN_CASE */ 1948void hash_multipart_update( int alg_arg, 1949 data_t *input, data_t *hash, 1950 int forced_status_arg ) 1951{ 1952 psa_algorithm_t alg = alg_arg; 1953 psa_status_t forced_status = forced_status_arg; 1954 unsigned char *output = NULL; 1955 psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; 1956 size_t output_length; 1957 1958 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 1959 ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); 1960 1961 PSA_ASSERT( psa_crypto_init( ) ); 1962 1963 /* 1964 * Update inactive operation, the driver shouldn't be called. 1965 */ 1966 TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), 1967 PSA_ERROR_BAD_STATE ); 1968 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); 1969 1970 PSA_ASSERT( psa_hash_setup( &operation, alg ) ); 1971 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); 1972 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); 1973 1974 mbedtls_test_driver_hash_hooks.forced_status = forced_status; 1975 TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), 1976 forced_status ); 1977 /* One or two more calls to the driver interface: update or update + abort */ 1978 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1979 forced_status == PSA_SUCCESS ? 2 : 3 ); 1980 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); 1981 1982 if( forced_status == PSA_SUCCESS ) 1983 { 1984 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 1985 PSA_ASSERT( psa_hash_finish( &operation, 1986 output, PSA_HASH_LENGTH( alg ), 1987 &output_length ) ); 1988 /* Two calls to the driver interface: update + abort */ 1989 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); 1990 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); 1991 1992 ASSERT_COMPARE( output, output_length, hash->x, hash->len ); 1993 } 1994 1995exit: 1996 psa_hash_abort( &operation ); 1997 mbedtls_free( output ); 1998 PSA_DONE( ); 1999 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 2000} 2001/* END_CASE */ 2002 2003/* BEGIN_CASE */ 2004void hash_multipart_finish( int alg_arg, 2005 data_t *input, data_t *hash, 2006 int forced_status_arg ) 2007{ 2008 psa_algorithm_t alg = alg_arg; 2009 psa_status_t forced_status = forced_status_arg; 2010 unsigned char *output = NULL; 2011 psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; 2012 size_t output_length; 2013 2014 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 2015 ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); 2016 2017 PSA_ASSERT( psa_crypto_init( ) ); 2018 2019 /* 2020 * Finish inactive operation, the driver shouldn't be called. 2021 */ 2022 TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), 2023 &output_length ), 2024 PSA_ERROR_BAD_STATE ); 2025 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); 2026 2027 PSA_ASSERT( psa_hash_setup( &operation, alg ) ); 2028 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); 2029 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); 2030 2031 PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); 2032 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); 2033 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); 2034 2035 mbedtls_test_driver_hash_hooks.forced_status = forced_status; 2036 TEST_EQUAL( psa_hash_finish( &operation, 2037 output, PSA_HASH_LENGTH( alg ), 2038 &output_length ), 2039 forced_status ); 2040 /* Two more calls to the driver interface: finish + abort */ 2041 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); 2042 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); 2043 2044 if( forced_status == PSA_SUCCESS ) 2045 ASSERT_COMPARE( output, output_length, hash->x, hash->len ); 2046 2047exit: 2048 psa_hash_abort( &operation ); 2049 mbedtls_free( output ); 2050 PSA_DONE( ); 2051 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 2052} 2053/* END_CASE */ 2054 2055/* BEGIN_CASE */ 2056void hash_clone( int alg_arg, 2057 data_t *input, data_t *hash, 2058 int forced_status_arg ) 2059{ 2060 psa_algorithm_t alg = alg_arg; 2061 psa_status_t forced_status = forced_status_arg; 2062 unsigned char *output = NULL; 2063 psa_hash_operation_t source_operation = PSA_HASH_OPERATION_INIT; 2064 psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT; 2065 size_t output_length; 2066 2067 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 2068 ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); 2069 2070 PSA_ASSERT( psa_crypto_init( ) ); 2071 2072 /* 2073 * Clone inactive operation, the driver shouldn't be called. 2074 */ 2075 TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), 2076 PSA_ERROR_BAD_STATE ); 2077 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); 2078 2079 PSA_ASSERT( psa_hash_setup( &source_operation, alg ) ); 2080 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); 2081 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); 2082 2083 mbedtls_test_driver_hash_hooks.forced_status = forced_status; 2084 TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), 2085 forced_status ); 2086 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2087 forced_status == PSA_SUCCESS ? 2 : 3 ); 2088 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); 2089 2090 if( forced_status == PSA_SUCCESS ) 2091 { 2092 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 2093 PSA_ASSERT( psa_hash_update( &target_operation, 2094 input->x, input->len ) ); 2095 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); 2096 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); 2097 2098 PSA_ASSERT( psa_hash_finish( &target_operation, 2099 output, PSA_HASH_LENGTH( alg ), 2100 &output_length ) ); 2101 TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 3 ); 2102 TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); 2103 2104 ASSERT_COMPARE( output, output_length, hash->x, hash->len ); 2105 } 2106 2107exit: 2108 psa_hash_abort( &source_operation ); 2109 psa_hash_abort( &target_operation ); 2110 mbedtls_free( output ); 2111 PSA_DONE( ); 2112 mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); 2113} 2114/* END_CASE */ 2115 2116/* BEGIN_CASE */ 2117void asymmetric_encrypt_decrypt( int alg_arg, 2118 data_t *key_data, 2119 data_t *input_data, 2120 data_t *label, 2121 data_t *fake_output_encrypt, 2122 data_t *fake_output_decrypt, 2123 int forced_status_encrypt_arg, 2124 int forced_status_decrypt_arg, 2125 int expected_status_encrypt_arg, 2126 int expected_status_decrypt_arg ) 2127{ 2128 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 2129 psa_key_type_t key_type = PSA_KEY_TYPE_RSA_KEY_PAIR; 2130 psa_algorithm_t alg = alg_arg; 2131 size_t key_bits; 2132 unsigned char *output = NULL; 2133 size_t output_size; 2134 size_t output_length = ~0; 2135 unsigned char *output2 = NULL; 2136 size_t output2_size; 2137 size_t output2_length = ~0; 2138 psa_status_t forced_status_encrypt = forced_status_encrypt_arg; 2139 psa_status_t forced_status_decrypt = forced_status_decrypt_arg; 2140 psa_status_t expected_status_encrypt = expected_status_encrypt_arg; 2141 psa_status_t expected_status_decrypt = expected_status_decrypt_arg; 2142 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 2143 2144 PSA_ASSERT( psa_crypto_init( ) ); 2145 mbedtls_test_driver_asymmetric_encryption_hooks = 2146 mbedtls_test_driver_asymmetric_encryption_hooks_init(); 2147 2148 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); 2149 psa_set_key_algorithm( &attributes, alg ); 2150 psa_set_key_type( &attributes, key_type ); 2151 2152 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 2153 &key ) ); 2154 2155 /* Determine the maximum ciphertext length */ 2156 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 2157 key_bits = psa_get_key_bits( &attributes ); 2158 2159 mbedtls_test_driver_asymmetric_encryption_hooks.forced_status = 2160 forced_status_encrypt; 2161 if ( fake_output_encrypt->len > 0 ) 2162 { 2163 mbedtls_test_driver_asymmetric_encryption_hooks.forced_output = 2164 fake_output_encrypt->x; 2165 mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length = 2166 fake_output_encrypt->len; 2167 output_size = fake_output_encrypt->len; 2168 ASSERT_ALLOC( output, output_size ); 2169 } 2170 else 2171 { 2172 output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); 2173 TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE ); 2174 ASSERT_ALLOC( output, output_size ); 2175 } 2176 2177 /* We test encryption by checking that encrypt-then-decrypt gives back 2178 * the original plaintext because of the non-optional random 2179 * part of encryption process which prevents using fixed vectors. */ 2180 TEST_EQUAL( psa_asymmetric_encrypt( key, alg, 2181 input_data->x, input_data->len, 2182 label->x, label->len, 2183 output, output_size, 2184 &output_length ), expected_status_encrypt ); 2185 /* We don't know what ciphertext length to expect, but check that 2186 * it looks sensible. */ 2187 TEST_ASSERT( output_length <= output_size ); 2188 2189 if ( expected_status_encrypt == PSA_SUCCESS ) 2190 { 2191 if ( fake_output_encrypt->len > 0 ) 2192 ASSERT_COMPARE( fake_output_encrypt->x, fake_output_encrypt->len, 2193 output, output_length ); 2194 else 2195 { 2196 mbedtls_test_driver_asymmetric_encryption_hooks.forced_status = 2197 forced_status_decrypt; 2198 if ( fake_output_decrypt->len > 0 ) 2199 { 2200 mbedtls_test_driver_asymmetric_encryption_hooks.forced_output = 2201 fake_output_decrypt->x; 2202 mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length = 2203 fake_output_decrypt->len; 2204 output2_size = fake_output_decrypt->len; 2205 ASSERT_ALLOC( output2, output2_size ); 2206 } 2207 else 2208 { 2209 output2_size = input_data->len; 2210 TEST_ASSERT( output2_size <= 2211 PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ) ); 2212 TEST_ASSERT( output2_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE ); 2213 ASSERT_ALLOC( output2, output2_size ); 2214 } 2215 2216 TEST_EQUAL( psa_asymmetric_decrypt( key, alg, 2217 output, output_length, 2218 label->x, label->len, 2219 output2, output2_size, 2220 &output2_length ), expected_status_decrypt ); 2221 if ( expected_status_decrypt == PSA_SUCCESS ) 2222 { 2223 if ( fake_output_decrypt->len > 0 ) 2224 ASSERT_COMPARE( fake_output_decrypt->x, fake_output_decrypt->len, 2225 output2, output2_length ); 2226 else 2227 ASSERT_COMPARE( input_data->x, input_data->len, 2228 output2, output2_length ); 2229 } 2230 } 2231 } 2232 2233exit: 2234 /* 2235 * Key attributes may have been returned by psa_get_key_attributes() 2236 * thus reset them as required. 2237 */ 2238 psa_reset_key_attributes( &attributes ); 2239 2240 psa_destroy_key( key ); 2241 mbedtls_free( output ); 2242 mbedtls_free( output2 ); 2243 PSA_DONE( ); 2244} 2245/* END_CASE */ 2246 2247/* BEGIN_CASE */ 2248void asymmetric_decrypt( int alg_arg, 2249 data_t *key_data, 2250 data_t *input_data, 2251 data_t *label, 2252 data_t *expected_output_data, 2253 data_t *fake_output_decrypt, 2254 int forced_status_decrypt_arg, 2255 int expected_status_decrypt_arg ) 2256{ 2257 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 2258 psa_key_type_t key_type = PSA_KEY_TYPE_RSA_KEY_PAIR; 2259 psa_algorithm_t alg = alg_arg; 2260 unsigned char *output = NULL; 2261 size_t output_size; 2262 size_t output_length = ~0; 2263 psa_status_t forced_status_decrypt = forced_status_decrypt_arg; 2264 psa_status_t expected_status_decrypt = expected_status_decrypt_arg; 2265 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 2266 2267 PSA_ASSERT( psa_crypto_init( ) ); 2268 mbedtls_test_driver_asymmetric_encryption_hooks = 2269 mbedtls_test_driver_asymmetric_encryption_hooks_init(); 2270 2271 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); 2272 psa_set_key_algorithm( &attributes, alg ); 2273 psa_set_key_type( &attributes, key_type ); 2274 2275 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 2276 &key ) ); 2277 2278 mbedtls_test_driver_asymmetric_encryption_hooks.forced_status = 2279 forced_status_decrypt; 2280 2281 if ( fake_output_decrypt->len > 0 ) 2282 { 2283 mbedtls_test_driver_asymmetric_encryption_hooks.forced_output = 2284 fake_output_decrypt->x; 2285 mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length = 2286 fake_output_decrypt->len; 2287 output_size = fake_output_decrypt->len; 2288 ASSERT_ALLOC( output, output_size ); 2289 } 2290 else 2291 { 2292 output_size = expected_output_data->len; 2293 ASSERT_ALLOC( output, expected_output_data->len ); 2294 } 2295 2296 TEST_EQUAL( psa_asymmetric_decrypt( key, alg, 2297 input_data->x, input_data->len, 2298 label->x, label->len, 2299 output, output_size, 2300 &output_length ), expected_status_decrypt ); 2301 if ( expected_status_decrypt == PSA_SUCCESS ) 2302 { 2303 TEST_EQUAL( output_length, expected_output_data->len ); 2304 ASSERT_COMPARE( expected_output_data->x, expected_output_data->len, 2305 output, output_length ); 2306 } 2307exit: 2308 /* 2309 * Key attributes may have been returned by psa_get_key_attributes() 2310 * thus reset them as required. 2311 */ 2312 psa_reset_key_attributes( &attributes ); 2313 2314 psa_destroy_key( key ); 2315 mbedtls_free( output ); 2316 PSA_DONE( ); 2317} 2318/* END_CASE */ 2319 2320/* BEGIN_CASE */ 2321void asymmetric_encrypt( int alg_arg, 2322 data_t *key_data, 2323 data_t *modulus, 2324 data_t *private_exponent, 2325 data_t *input_data, 2326 data_t *label, 2327 data_t *fake_output_encrypt, 2328 int forced_status_encrypt_arg, 2329 int expected_status_encrypt_arg ) 2330{ 2331 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 2332 psa_key_type_t key_type = PSA_KEY_TYPE_RSA_PUBLIC_KEY; 2333 psa_algorithm_t alg = alg_arg; 2334 unsigned char *output = NULL; 2335 size_t output_size; 2336 size_t output_length = ~0; 2337 psa_status_t forced_status_encrypt = forced_status_encrypt_arg; 2338 psa_status_t expected_status_encrypt = expected_status_encrypt_arg; 2339 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 2340 2341 PSA_ASSERT( psa_crypto_init( ) ); 2342 mbedtls_test_driver_asymmetric_encryption_hooks = 2343 mbedtls_test_driver_asymmetric_encryption_hooks_init(); 2344 2345 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); 2346 psa_set_key_algorithm( &attributes, alg ); 2347 psa_set_key_type( &attributes, key_type ); 2348 2349 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 2350 &key ) ); 2351 2352 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 2353 size_t key_bits = psa_get_key_bits( &attributes ); 2354 2355 mbedtls_test_driver_asymmetric_encryption_hooks.forced_status = 2356 forced_status_encrypt; 2357 2358 if ( fake_output_encrypt->len > 0 ) 2359 { 2360 mbedtls_test_driver_asymmetric_encryption_hooks.forced_output = 2361 fake_output_encrypt->x; 2362 mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length = 2363 fake_output_encrypt->len; 2364 output_size = fake_output_encrypt->len; 2365 ASSERT_ALLOC( output, output_size ); 2366 } 2367 else 2368 { 2369 output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); 2370 ASSERT_ALLOC( output, output_size ); 2371 } 2372 2373 TEST_EQUAL( psa_asymmetric_encrypt( key, alg, 2374 input_data->x, input_data->len, 2375 label->x, label->len, 2376 output, output_size, 2377 &output_length ), expected_status_encrypt ); 2378 if ( expected_status_encrypt == PSA_SUCCESS ) 2379 { 2380 if( fake_output_encrypt->len > 0 ) 2381 { 2382 TEST_EQUAL( fake_output_encrypt->len, output_length ); 2383 ASSERT_COMPARE( fake_output_encrypt->x, fake_output_encrypt->len, 2384 output, output_length ); 2385 } 2386 else 2387 { 2388 /* Perform sanity checks on the output */ 2389#if PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 2390 if( PSA_KEY_TYPE_IS_RSA( key_type ) ) 2391 { 2392 if( ! sanity_check_rsa_encryption_result( 2393 alg, modulus, private_exponent, 2394 input_data, 2395 output, output_length ) ) 2396 goto exit; 2397 } 2398 else 2399#endif 2400 { 2401 (void) modulus; 2402 (void) private_exponent; 2403 TEST_ASSERT( ! "Encryption sanity checks not implemented for this key type" ); 2404 } 2405 } 2406 } 2407exit: 2408 /* 2409 * Key attributes may have been returned by psa_get_key_attributes() 2410 * thus reset them as required. 2411 */ 2412 psa_reset_key_attributes( &attributes ); 2413 2414 psa_destroy_key( key ); 2415 mbedtls_free( output ); 2416 PSA_DONE( ); 2417} 2418/* END_CASE */ 2419 2420/* BEGIN_CASE */ 2421void aead_encrypt_setup( int key_type_arg, data_t *key_data, 2422 int alg_arg, 2423 data_t *nonce, 2424 data_t *additional_data, 2425 data_t *input_data, 2426 data_t *expected_ciphertext, 2427 data_t *expected_tag, 2428 int forced_status_arg, 2429 int expected_status_arg ) 2430{ 2431 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 2432 psa_key_type_t key_type = key_type_arg; 2433 psa_algorithm_t alg = alg_arg; 2434 size_t key_bits; 2435 psa_status_t forced_status = forced_status_arg; 2436 psa_status_t expected_status = expected_status_arg; 2437 uint8_t *output_data = NULL; 2438 size_t output_size = 0; 2439 size_t output_length = 0; 2440 size_t finish_output_length = 0; 2441 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 2442 psa_status_t status = PSA_ERROR_GENERIC_ERROR; 2443 size_t tag_length = 0; 2444 uint8_t tag_buffer[PSA_AEAD_TAG_MAX_SIZE]; 2445 2446 psa_aead_operation_t operation = psa_aead_operation_init(); 2447 2448 mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); 2449 2450 PSA_INIT( ); 2451 2452 mbedtls_test_driver_aead_hooks.forced_status = forced_status; 2453 2454 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); 2455 psa_set_key_algorithm( &attributes, alg ); 2456 psa_set_key_type( &attributes, key_type ); 2457 2458 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 2459 &key ) ); 2460 PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); 2461 key_bits = psa_get_key_bits( &attributes ); 2462 2463 output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, 2464 alg ); 2465 2466 /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE 2467 * should be exact. */ 2468 TEST_EQUAL( output_size, 2469 PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); 2470 TEST_ASSERT( output_size <= 2471 PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); 2472 ASSERT_ALLOC( output_data, output_size ); 2473 2474 status = psa_aead_encrypt_setup( &operation, key, alg ); 2475 2476 TEST_EQUAL( status, expected_status ); 2477 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_encrypt_setup, 1 ); 2478 2479 if( status == PSA_SUCCESS ) 2480 { 2481 /* Set the nonce. */ 2482 PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); 2483 2484 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_set_nonce, 2485 forced_status == PSA_SUCCESS ? 1 : 0 ); 2486 2487 /* Check hooks hits and 2488 * set length (additional data and data to encrypt) */ 2489 PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, 2490 input_data->len ) ); 2491 2492 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_set_lengths, 2493 forced_status == PSA_SUCCESS ? 1 : 0 ); 2494 2495 /* Pass the additional data */ 2496 PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, 2497 additional_data->len ) ); 2498 2499 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_update_ad, 2500 forced_status == PSA_SUCCESS ? 1 : 0 ); 2501 2502 /* Pass the data to encrypt */ 2503 PSA_ASSERT( psa_aead_update( &operation, input_data->x, input_data->len, 2504 output_data, output_size, &output_length ) ); 2505 2506 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_update, 2507 forced_status == PSA_SUCCESS ? 1 : 0 ); 2508 2509 /* Finish the encryption operation */ 2510 PSA_ASSERT( psa_aead_finish( &operation, output_data + output_length, 2511 output_size - output_length, 2512 &finish_output_length, tag_buffer, 2513 PSA_AEAD_TAG_MAX_SIZE, &tag_length ) ); 2514 2515 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_finish, 2516 forced_status == PSA_SUCCESS ? 1 : 0 ); 2517 2518 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_abort, 2519 forced_status == PSA_SUCCESS ? 1 : 0 ); 2520 2521 /* Compare output_data and expected_ciphertext */ 2522 ASSERT_COMPARE( expected_ciphertext->x, expected_ciphertext->len, 2523 output_data, output_length + finish_output_length ); 2524 2525 /* Compare tag and expected_tag */ 2526 ASSERT_COMPARE( expected_tag->x, expected_tag->len, tag_buffer, tag_length ); 2527 } 2528 2529exit: 2530 /* Cleanup */ 2531 PSA_ASSERT( psa_destroy_key( key ) ); 2532 mbedtls_free( output_data ); 2533 PSA_DONE( ); 2534 mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); 2535} 2536/* END_CASE */ 2537 2538/* BEGIN_CASE */ 2539void aead_decrypt_setup( int key_type_arg, data_t *key_data, 2540 int alg_arg, 2541 data_t *nonce, 2542 data_t *additional_data, 2543 data_t *input_ciphertext, 2544 data_t *input_tag, 2545 data_t *expected_result, 2546 int forced_status_arg, 2547 int expected_status_arg ) 2548{ 2549 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 2550 psa_key_type_t key_type = key_type_arg; 2551 psa_algorithm_t alg = alg_arg; 2552 unsigned char *output_data = NULL; 2553 size_t output_size = 0; 2554 size_t output_length = 0; 2555 size_t verify_output_length = 0; 2556 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 2557 psa_status_t forced_status = forced_status_arg; 2558 psa_status_t expected_status = expected_status_arg; 2559 psa_status_t status = PSA_ERROR_GENERIC_ERROR; 2560 2561 psa_aead_operation_t operation = psa_aead_operation_init(); 2562 mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); 2563 2564 PSA_INIT( ); 2565 2566 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); 2567 psa_set_key_algorithm( &attributes, alg ); 2568 psa_set_key_type( &attributes, key_type ); 2569 2570 PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, 2571 &key ) ); 2572 2573 output_size = input_ciphertext->len; 2574 2575 ASSERT_ALLOC( output_data, output_size ); 2576 2577 mbedtls_test_driver_aead_hooks.forced_status = forced_status; 2578 2579 status = psa_aead_decrypt_setup( &operation, key, alg ); 2580 2581 TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? 2582 PSA_SUCCESS : forced_status ); 2583 2584 TEST_EQUAL( status, expected_status ); 2585 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_decrypt_setup, 1 ); 2586 2587 if( status == PSA_SUCCESS ) 2588 { 2589 PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); 2590 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_set_nonce, 2591 forced_status == PSA_SUCCESS ? 1 : 0 ); 2592 2593 PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, 2594 input_ciphertext->len ) ); 2595 2596 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_set_lengths, 2597 forced_status == PSA_SUCCESS ? 1 : 0 ); 2598 2599 PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, 2600 additional_data->len ) ); 2601 2602 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_update_ad, 2603 forced_status == PSA_SUCCESS ? 1 : 0 ); 2604 2605 PSA_ASSERT( psa_aead_update( &operation, input_ciphertext->x, 2606 input_ciphertext->len, output_data, 2607 output_size, &output_length ) ); 2608 2609 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_update, 2610 forced_status == PSA_SUCCESS ? 1 : 0 ); 2611 2612 /* Offset applied to output_data in order to handle cases where verify() 2613 * outputs further data */ 2614 PSA_ASSERT( psa_aead_verify( &operation, output_data + output_length, 2615 output_size - output_length, 2616 &verify_output_length, input_tag->x, 2617 input_tag->len ) ); 2618 2619 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_verify, 2620 forced_status == PSA_SUCCESS ? 1 : 0 ); 2621 2622 /* Since this is a decryption operation, 2623 * finish should never be hit */ 2624 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_finish, 0 ); 2625 2626 TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_abort, 2627 forced_status == PSA_SUCCESS ? 1 : 0 ); 2628 2629 ASSERT_COMPARE( expected_result->x, expected_result->len, 2630 output_data, output_length + verify_output_length ); 2631 } 2632 2633exit: 2634 PSA_ASSERT( psa_destroy_key( key ) ); 2635 mbedtls_free( output_data ); 2636 PSA_DONE( ); 2637} 2638/* END_CASE */ 2639