mirror of
https://github.com/cuberite/polarssl.git
synced 2025-11-03 12:11:27 -05:00
103 lines
3.3 KiB
Plaintext
103 lines
3.3 KiB
Plaintext
/* BEGIN_HEADER */
|
|
#include <stdint.h>
|
|
|
|
#include "psa/crypto.h"
|
|
#include "psa_prot_internal_storage.h"
|
|
#include "mbedtls/entropy.h"
|
|
#include "mbedtls/entropy_poll.h"
|
|
|
|
/* MAX value support macro */
|
|
#if !defined(MAX)
|
|
#define MAX(a,b) (((a)>(b))?(a):(b))
|
|
#endif
|
|
|
|
/* Calculating the minimum allowed entropy size in bytes */
|
|
#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
|
|
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void validate_entropy_seed_injection( int seed_length_a,
|
|
int expected_status_a,
|
|
int seed_length_b,
|
|
int expected_status_b )
|
|
{
|
|
psa_its_status_t its_status;
|
|
psa_status_t status;
|
|
uint8_t output[32] = { 0 };
|
|
uint8_t zeros[32] = { 0 };
|
|
uint8_t *seed = NULL;
|
|
int i;
|
|
int seed_size;
|
|
if( seed_length_a > seed_length_b )
|
|
{
|
|
seed_size = seed_length_a;
|
|
}
|
|
else
|
|
{
|
|
seed_size = seed_length_b;
|
|
}
|
|
ASSERT_ALLOC( seed, seed_size );
|
|
/* fill seed with some data */
|
|
for( i = 0; i < seed_size; ++i )
|
|
{
|
|
seed[i] = i;
|
|
}
|
|
its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
|
|
( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
|
|
status = mbedtls_psa_inject_entropy( seed, seed_length_a );
|
|
TEST_ASSERT( status == expected_status_a );
|
|
status = mbedtls_psa_inject_entropy( seed, seed_length_b );
|
|
TEST_ASSERT( status == expected_status_b );
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_generate_random( output,
|
|
sizeof( output ) ) == PSA_SUCCESS );
|
|
TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
|
|
exit:
|
|
mbedtls_free( seed );
|
|
psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void run_entropy_inject_with_crypto_init( )
|
|
{
|
|
psa_its_status_t its_status;
|
|
psa_status_t status;
|
|
int i;
|
|
uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
|
|
/* fill seed with some data */
|
|
for( i = 0; i < sizeof( seed ); ++i )
|
|
{
|
|
seed[i] = i;
|
|
}
|
|
its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
|
|
( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
|
|
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
|
|
status = psa_crypto_init( );
|
|
TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY );
|
|
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
status = psa_crypto_init( );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
mbedtls_psa_crypto_free( );
|
|
/* The seed is written by nv_seed callback functions therefore the injection will fail */
|
|
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
|
|
TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
|
|
exit:
|
|
psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|