mirror of
https://github.com/cuberite/polarssl.git
synced 2025-11-03 20:22:59 -05:00
818 lines
26 KiB
Plaintext
Executable File
818 lines
26 KiB
Plaintext
Executable File
/* BEGIN_HEADER */
|
|
#include "psa/crypto.h"
|
|
|
|
#include "mbedtls/md.h"
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_PSA_CRYPTO_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void init_deinit()
|
|
{
|
|
psa_status_t status;
|
|
int i;
|
|
for( i = 0; i <= 1; i++ )
|
|
{
|
|
status = psa_crypto_init( );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
status = psa_crypto_init( );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void import( char *hex, int type, int expected_status )
|
|
{
|
|
int slot = 1;
|
|
psa_status_t status;
|
|
unsigned char *data = NULL;
|
|
size_t data_size;
|
|
|
|
data = unhexify_alloc( hex, &data_size );
|
|
TEST_ASSERT( data != NULL );
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
status = psa_import_key( slot, type, data, data_size );
|
|
TEST_ASSERT( status == (psa_status_t) expected_status );
|
|
if( status == PSA_SUCCESS )
|
|
TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
|
|
|
|
exit:
|
|
mbedtls_free( data );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void import_export( char *hex, int type_arg,
|
|
int expected_bits,
|
|
int export_size_delta,
|
|
int expected_export_status,
|
|
int canonical_input )
|
|
{
|
|
int slot = 1;
|
|
int slot2 = slot + 1;
|
|
psa_key_type_t type = type_arg;
|
|
psa_status_t status;
|
|
unsigned char *data = NULL;
|
|
unsigned char *exported = NULL;
|
|
unsigned char *reexported = NULL;
|
|
size_t data_size;
|
|
size_t export_size;
|
|
size_t exported_length;
|
|
size_t reexported_length;
|
|
psa_key_type_t got_type;
|
|
size_t got_bits;
|
|
psa_key_policy_t policy = {0};
|
|
|
|
data = unhexify_alloc( hex, &data_size );
|
|
TEST_ASSERT( data != NULL );
|
|
export_size = (ssize_t) data_size + export_size_delta;
|
|
exported = mbedtls_calloc( 1, export_size );
|
|
TEST_ASSERT( exported != NULL );
|
|
if( ! canonical_input )
|
|
{
|
|
reexported = mbedtls_calloc( 1, export_size );
|
|
TEST_ASSERT( reexported != NULL );
|
|
}
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
|
|
PSA_ALG_VENDOR_FLAG );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
|
|
|
|
/* Import the key */
|
|
TEST_ASSERT( psa_import_key( slot, type,
|
|
data, data_size ) == PSA_SUCCESS );
|
|
|
|
/* Test the key information */
|
|
TEST_ASSERT( psa_get_key_information( slot,
|
|
&got_type, &got_bits ) ==
|
|
PSA_SUCCESS );
|
|
TEST_ASSERT( got_type == type );
|
|
TEST_ASSERT( got_bits == (size_t) expected_bits );
|
|
|
|
/* Export the key */
|
|
status = psa_export_key( slot,
|
|
exported, export_size,
|
|
&exported_length );
|
|
TEST_ASSERT( status == (psa_status_t) expected_export_status );
|
|
if( status != PSA_SUCCESS )
|
|
goto destroy;
|
|
|
|
if( canonical_input )
|
|
{
|
|
TEST_ASSERT( exported_length == data_size );
|
|
TEST_ASSERT( memcmp( exported, data, data_size ) == 0 );
|
|
}
|
|
else
|
|
{
|
|
TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( slot2, type,
|
|
exported, export_size ) ==
|
|
PSA_SUCCESS );
|
|
TEST_ASSERT( psa_export_key( slot2,
|
|
reexported, export_size,
|
|
&reexported_length ) ==
|
|
PSA_SUCCESS );
|
|
TEST_ASSERT( reexported_length == exported_length );
|
|
TEST_ASSERT( memcmp( reexported, exported,
|
|
exported_length ) == 0 );
|
|
}
|
|
|
|
destroy:
|
|
/* Destroy the key */
|
|
TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_get_key_information(
|
|
slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
|
|
|
|
exit:
|
|
mbedtls_free( data );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
|
|
{
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *input = NULL;
|
|
size_t input_size;
|
|
unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
|
|
size_t expected_hash_length;
|
|
unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
|
|
size_t actual_hash_length;
|
|
psa_hash_operation_t operation;
|
|
|
|
input = unhexify_alloc( input_hex, &input_size );
|
|
TEST_ASSERT( input != NULL );
|
|
expected_hash_length = unhexify( expected_hash, hash_hex );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_hash_update( &operation,
|
|
input, input_size ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_hash_finish( &operation,
|
|
actual_hash, sizeof( actual_hash ),
|
|
&actual_hash_length ) == PSA_SUCCESS );
|
|
TEST_ASSERT( actual_hash_length == expected_hash_length );
|
|
TEST_ASSERT( memcmp( expected_hash, actual_hash,
|
|
expected_hash_length ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_free( input );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void hash_verify( int alg_arg, char *input_hex, char *hash_hex )
|
|
{
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *input = NULL;
|
|
size_t input_size;
|
|
unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
|
|
size_t expected_hash_length;
|
|
psa_hash_operation_t operation;
|
|
|
|
input = unhexify_alloc( input_hex, &input_size );
|
|
TEST_ASSERT( input != NULL );
|
|
expected_hash_length = unhexify( expected_hash, hash_hex );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_hash_update( &operation,
|
|
input, input_size ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_hash_verify( &operation,
|
|
expected_hash,
|
|
expected_hash_length ) == PSA_SUCCESS );
|
|
|
|
exit:
|
|
mbedtls_free( input );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mac_verify( int key_type_arg, char *key_hex,
|
|
int alg_arg, char *iv_hex,
|
|
char *input_hex, char *mac_hex )
|
|
{
|
|
int key_slot = 1;
|
|
psa_key_type_t key_type = key_type_arg;
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *key = NULL;
|
|
size_t key_size;
|
|
unsigned char *iv = NULL;
|
|
size_t iv_size;
|
|
unsigned char *input = NULL;
|
|
size_t input_size;
|
|
unsigned char *expected_mac = NULL;
|
|
size_t expected_mac_size;
|
|
psa_mac_operation_t operation;
|
|
psa_key_policy_t policy;
|
|
|
|
key = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( key != NULL );
|
|
if( iv_hex[0] != 0 )
|
|
{
|
|
iv = unhexify_alloc( iv_hex, &iv_size );
|
|
TEST_ASSERT( iv != NULL );
|
|
}
|
|
input = unhexify_alloc( input_hex, &input_size );
|
|
TEST_ASSERT( input != NULL );
|
|
expected_mac = unhexify_alloc( mac_hex, &expected_mac_size );
|
|
TEST_ASSERT( expected_mac != NULL );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( key_slot, key_type,
|
|
key, key_size ) == PSA_SUCCESS );
|
|
// TODO: support IV
|
|
TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_mac_update( &operation,
|
|
input, input_size ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_mac_verify( &operation,
|
|
expected_mac,
|
|
expected_mac_size ) == PSA_SUCCESS );
|
|
|
|
exit:
|
|
mbedtls_free( key );
|
|
mbedtls_free( iv );
|
|
mbedtls_free( input );
|
|
mbedtls_free( expected_mac );
|
|
psa_destroy_key( key_slot );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
|
|
{
|
|
psa_key_type_t type = type_arg;
|
|
psa_algorithm_t alg = alg_arg;
|
|
size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
|
|
TEST_ASSERT( actual_size == (size_t) expected_size_arg );
|
|
exit:
|
|
;
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void sign_deterministic( int key_type_arg, char *key_hex,
|
|
int alg_arg, char *input_hex, char *output_hex )
|
|
{
|
|
int slot = 1;
|
|
psa_key_type_t key_type = key_type_arg;
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *key_data = NULL;
|
|
size_t key_size;
|
|
size_t key_bits;
|
|
unsigned char *input_data = NULL;
|
|
size_t input_size;
|
|
unsigned char *output_data = NULL;
|
|
size_t output_size;
|
|
unsigned char *signature = NULL;
|
|
size_t signature_size;
|
|
size_t signature_length = 0xdeadbeef;
|
|
psa_key_policy_t policy = {0};
|
|
|
|
key_data = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( key_data != NULL );
|
|
input_data = unhexify_alloc( input_hex, &input_size );
|
|
TEST_ASSERT( input_data != NULL );
|
|
output_data = unhexify_alloc( output_hex, &output_size );
|
|
TEST_ASSERT( output_data != NULL );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( slot, key_type,
|
|
key_data, key_size ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_get_key_information( slot,
|
|
NULL,
|
|
&key_bits ) == PSA_SUCCESS );
|
|
|
|
signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
|
|
TEST_ASSERT( signature_size != 0 );
|
|
signature = mbedtls_calloc( 1, signature_size );
|
|
TEST_ASSERT( signature != NULL );
|
|
|
|
TEST_ASSERT( psa_asymmetric_sign( slot, alg,
|
|
input_data, input_size,
|
|
NULL, 0,
|
|
signature, signature_size,
|
|
&signature_length ) == PSA_SUCCESS );
|
|
TEST_ASSERT( signature_length == output_size );
|
|
TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
|
|
|
|
exit:
|
|
psa_destroy_key( slot );
|
|
mbedtls_free( key_data );
|
|
mbedtls_free( input_data );
|
|
mbedtls_free( output_data );
|
|
mbedtls_free( signature );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void sign_fail( int key_type_arg, char *key_hex,
|
|
int alg_arg, char *input_hex,
|
|
int signature_size, int expected_status_arg )
|
|
{
|
|
int slot = 1;
|
|
psa_key_type_t key_type = key_type_arg;
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *key_data = NULL;
|
|
size_t key_size;
|
|
unsigned char *input_data = NULL;
|
|
size_t input_size;
|
|
psa_status_t actual_status;
|
|
psa_status_t expected_status = expected_status_arg;
|
|
unsigned char *signature = NULL;
|
|
size_t signature_length = 0xdeadbeef;
|
|
psa_key_policy_t policy = {0};
|
|
|
|
key_data = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( key_data != NULL );
|
|
input_data = unhexify_alloc( input_hex, &input_size );
|
|
TEST_ASSERT( input_data != NULL );
|
|
signature = mbedtls_calloc( 1, signature_size );
|
|
TEST_ASSERT( signature != NULL );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( slot, key_type,
|
|
key_data, key_size ) == PSA_SUCCESS );
|
|
|
|
actual_status = psa_asymmetric_sign( slot, alg,
|
|
input_data, input_size,
|
|
NULL, 0,
|
|
signature, signature_size,
|
|
&signature_length );
|
|
TEST_ASSERT( actual_status == expected_status );
|
|
TEST_ASSERT( signature_length == 0 );
|
|
|
|
exit:
|
|
psa_destroy_key( slot );
|
|
mbedtls_free( key_data );
|
|
mbedtls_free( input_data );
|
|
mbedtls_free( signature );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void key_policy( int usage_arg, int alg_arg )
|
|
{
|
|
int key_slot = 1;
|
|
psa_key_type_t key_type = PSA_KEY_TYPE_AES;
|
|
unsigned char key[32] = {0};
|
|
psa_key_policy_t policy_set = {0};
|
|
psa_key_policy_t policy_get = {0};
|
|
|
|
|
|
memset( key, 0x2a, sizeof( key ) );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init(& policy_set );
|
|
psa_key_policy_init(& policy_get );
|
|
|
|
psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
|
|
|
|
TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
|
|
|
|
TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( key_slot, key_type,
|
|
key, sizeof( key ) ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( policy_get.usage == policy_set.usage );
|
|
TEST_ASSERT( policy_get.alg == policy_set.alg );
|
|
|
|
|
|
|
|
|
|
exit:
|
|
psa_destroy_key( key_slot );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
|
|
{
|
|
int key_slot = 1;
|
|
unsigned char* keypair = NULL;
|
|
size_t key_size = 0;
|
|
size_t signature_length = 0;
|
|
psa_key_policy_t policy = {0};
|
|
int actual_status = PSA_SUCCESS;
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
|
|
|
|
if( usage_arg & PSA_KEY_USAGE_EXPORT )
|
|
{
|
|
keypair = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( keypair != NULL );
|
|
TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
|
|
keypair, key_size ) == PSA_SUCCESS );
|
|
actual_status = psa_asymmetric_sign( key_slot,
|
|
( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0,
|
|
NULL, 0, &signature_length );
|
|
}
|
|
|
|
if( usage_arg & PSA_KEY_USAGE_SIGN )
|
|
{
|
|
keypair = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( keypair != NULL );
|
|
TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
|
|
keypair, key_size ) == PSA_SUCCESS );
|
|
actual_status = psa_export_key( key_slot, NULL, 0, NULL );
|
|
}
|
|
|
|
TEST_ASSERT( actual_status == expected_status );
|
|
|
|
exit:
|
|
psa_destroy_key( key_slot );
|
|
mbedtls_free( keypair );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void key_lifetime( int lifetime_arg )
|
|
{
|
|
int key_slot = 1;
|
|
psa_key_type_t key_type = PSA_ALG_CBC_BASE;
|
|
unsigned char key[32] = {0};
|
|
psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
|
|
psa_key_lifetime_t lifetime_get;
|
|
memset( key, 0x2a, sizeof( key ) );
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_set_key_lifetime( key_slot,
|
|
lifetime_set ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_import_key( key_slot, key_type,
|
|
key, sizeof( key ) ) == PSA_SUCCESS );
|
|
TEST_ASSERT( psa_get_key_lifetime( key_slot,
|
|
&lifetime_get ) == PSA_SUCCESS );
|
|
TEST_ASSERT( lifetime_get == lifetime_set );
|
|
exit:
|
|
psa_destroy_key( key_slot );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
|
|
{
|
|
int key_slot = 1;
|
|
psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
|
|
psa_status_t actual_status;
|
|
psa_status_t expected_status = expected_status_arg;
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
|
|
|
|
if( actual_status == PSA_SUCCESS )
|
|
actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
|
|
|
|
TEST_ASSERT( expected_status == actual_status );
|
|
|
|
exit:
|
|
psa_destroy_key( key_slot );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void asymmetric_verify( int key_type_arg, char *key_hex,
|
|
int alg_arg, char *hash_hex, char *signature_hex )
|
|
{
|
|
int slot = 1;
|
|
psa_key_type_t key_type = key_type_arg;
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *key_data = NULL;
|
|
size_t key_size;
|
|
unsigned char *hash_data = NULL;
|
|
size_t hash_size;
|
|
unsigned char *signature_data = NULL;
|
|
size_t signature_size;
|
|
psa_key_policy_t policy = {0};
|
|
|
|
key_data = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( key_data != NULL );
|
|
hash_data = unhexify_alloc( hash_hex, &hash_size );
|
|
TEST_ASSERT( hash_data != NULL );
|
|
signature_data = unhexify_alloc( signature_hex, &signature_size );
|
|
TEST_ASSERT( signature_data != NULL );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( slot, key_type,
|
|
key_data, key_size ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_asymmetric_verify( slot, alg,
|
|
hash_data, hash_size,
|
|
NULL, 0,
|
|
signature_data, signature_size ) ==
|
|
PSA_SUCCESS );
|
|
exit:
|
|
psa_destroy_key( slot );
|
|
mbedtls_free( key_data );
|
|
mbedtls_free( hash_data );
|
|
mbedtls_free( signature_data );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
|
|
int alg_arg, char * input_hex,
|
|
char * add_data, int expected_result_arg )
|
|
{
|
|
int slot = 1;
|
|
psa_key_type_t key_type = key_type_arg;
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *key_data = NULL;
|
|
size_t key_size;
|
|
unsigned char *input_data = NULL;
|
|
size_t input_size;
|
|
unsigned char *output_data = NULL;
|
|
size_t output_size = 0;
|
|
size_t output_length = 0;
|
|
unsigned char *output_data2 = NULL;
|
|
size_t output_length2 = 0;
|
|
uint8_t nonce[16];
|
|
size_t nonce_length = 16;
|
|
size_t tag_length = 16;
|
|
unsigned char *additional_data = NULL;
|
|
size_t additional_data_length = 0;
|
|
size_t i = 0;
|
|
psa_status_t expected_result = (psa_status_t) expected_result_arg;
|
|
psa_key_policy_t policy = {0};
|
|
|
|
|
|
key_data = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( key_data != NULL );
|
|
input_data = unhexify_alloc( input_hex, &input_size );
|
|
TEST_ASSERT( input_data != NULL );
|
|
additional_data = unhexify_alloc( add_data, &additional_data_length );
|
|
TEST_ASSERT( input_data != NULL );
|
|
output_size = input_size + tag_length;
|
|
output_data = mbedtls_calloc( 1, output_size );
|
|
TEST_ASSERT( output_data != NULL );
|
|
if( alg == PSA_ALG_CCM )
|
|
{
|
|
nonce_length = 12;
|
|
}
|
|
|
|
for( ; i < nonce_length; ++i )
|
|
nonce[i] = i;
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( slot, key_type,
|
|
key_data, key_size ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_aead_encrypt( slot, alg,
|
|
nonce, nonce_length,
|
|
additional_data, additional_data_length,
|
|
input_data, input_size, output_data,
|
|
output_size, &output_length ) == expected_result );
|
|
|
|
if( PSA_SUCCESS == expected_result )
|
|
{
|
|
output_data2 = mbedtls_calloc( 1, output_length );
|
|
TEST_ASSERT( output_data2 != NULL );
|
|
|
|
TEST_ASSERT( psa_aead_decrypt( slot, alg,
|
|
nonce, nonce_length,
|
|
additional_data, additional_data_length,
|
|
output_data, output_length, output_data2,
|
|
output_length, &output_length2 ) == expected_result );
|
|
|
|
|
|
TEST_ASSERT( memcmp( input_data, output_data2,
|
|
input_size ) == 0 );
|
|
}
|
|
|
|
|
|
exit:
|
|
psa_destroy_key( slot );
|
|
mbedtls_free( key_data );
|
|
mbedtls_free( input_data );
|
|
mbedtls_free( additional_data );
|
|
mbedtls_free( output_data );
|
|
mbedtls_free( output_data2 );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void aead_encrypt( int key_type_arg, char * key_hex,
|
|
int alg_arg, char * input_hex,
|
|
char * add_data, char * nonce_hex,
|
|
char * expected_result_hex )
|
|
{
|
|
int slot = 1;
|
|
psa_key_type_t key_type = key_type_arg;
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *key_data = NULL;
|
|
size_t key_size;
|
|
unsigned char *input_data = NULL;
|
|
size_t input_size;
|
|
unsigned char *output_data = NULL;
|
|
size_t output_size = 0;
|
|
size_t output_length = 0;
|
|
unsigned char *expected_result = NULL;
|
|
size_t expected_result_length = 0;
|
|
uint8_t* nonce = NULL;
|
|
size_t nonce_length = 0;
|
|
size_t tag_length = 16;
|
|
unsigned char *additional_data = NULL;
|
|
size_t additional_data_length = 0;
|
|
psa_key_policy_t policy = {0};
|
|
|
|
|
|
key_data = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( key_data != NULL );
|
|
input_data = unhexify_alloc( input_hex, &input_size );
|
|
TEST_ASSERT( input_data != NULL );
|
|
additional_data = unhexify_alloc( add_data, &additional_data_length );
|
|
TEST_ASSERT( input_data != NULL );
|
|
output_size = input_size + tag_length;
|
|
output_data = mbedtls_calloc( 1, output_size );
|
|
TEST_ASSERT( output_data != NULL );
|
|
nonce = unhexify_alloc( nonce_hex, &nonce_length );
|
|
TEST_ASSERT( nonce != NULL );
|
|
expected_result = unhexify_alloc( expected_result_hex, &expected_result_length );
|
|
TEST_ASSERT( expected_result != NULL );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( slot, key_type,
|
|
key_data, key_size ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_aead_encrypt( slot, alg,
|
|
nonce, nonce_length,
|
|
additional_data, additional_data_length,
|
|
input_data, input_size, output_data,
|
|
output_size, &output_length ) == PSA_SUCCESS );
|
|
|
|
|
|
TEST_ASSERT( memcmp( output_data, expected_result,
|
|
output_length ) == 0 );
|
|
|
|
|
|
exit:
|
|
psa_destroy_key( slot );
|
|
mbedtls_free( key_data );
|
|
mbedtls_free( input_data );
|
|
mbedtls_free( additional_data );
|
|
mbedtls_free( output_data );
|
|
mbedtls_free( nonce );
|
|
mbedtls_free( expected_result );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void aead_decrypt( int key_type_arg, char * key_hex,
|
|
int alg_arg, char * input_hex,
|
|
char * add_data, char * nonce_hex,
|
|
char * expected_result_hex, int expected_result_arg )
|
|
{
|
|
int slot = 1;
|
|
psa_key_type_t key_type = key_type_arg;
|
|
psa_algorithm_t alg = alg_arg;
|
|
unsigned char *key_data = NULL;
|
|
size_t key_size;
|
|
unsigned char *input_data = NULL;
|
|
size_t input_size;
|
|
unsigned char *output_data = NULL;
|
|
size_t output_size = 0;
|
|
size_t output_length = 0;
|
|
unsigned char *expected_data = NULL;
|
|
size_t expected_result_length = 0;
|
|
uint8_t* nonce = NULL;
|
|
size_t nonce_length = 0;
|
|
size_t tag_length = 16;
|
|
unsigned char *additional_data = NULL;
|
|
size_t additional_data_length = 0;
|
|
psa_key_policy_t policy = {0};
|
|
psa_status_t expected_result = (psa_status_t) expected_result_arg;
|
|
|
|
|
|
key_data = unhexify_alloc( key_hex, &key_size );
|
|
TEST_ASSERT( key_data != NULL );
|
|
input_data = unhexify_alloc( input_hex, &input_size );
|
|
TEST_ASSERT( input_data != NULL );
|
|
additional_data = unhexify_alloc( add_data, &additional_data_length );
|
|
TEST_ASSERT( input_data != NULL );
|
|
output_size = input_size + tag_length;
|
|
output_data = mbedtls_calloc( 1, output_size );
|
|
TEST_ASSERT( output_data != NULL );
|
|
nonce = unhexify_alloc( nonce_hex, &nonce_length );
|
|
TEST_ASSERT( nonce != NULL );
|
|
expected_data = unhexify_alloc( expected_result_hex, &expected_result_length );
|
|
TEST_ASSERT( expected_data != NULL );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
|
|
psa_key_policy_init( &policy );
|
|
|
|
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
|
|
|
|
TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_import_key( slot, key_type,
|
|
key_data, key_size ) == PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_aead_decrypt( slot, alg,
|
|
nonce, nonce_length,
|
|
additional_data, additional_data_length,
|
|
input_data, input_size, output_data,
|
|
output_size, &output_length ) == expected_result );
|
|
|
|
|
|
if ( expected_result == PSA_SUCCESS )
|
|
{
|
|
TEST_ASSERT( memcmp( output_data, expected_data,
|
|
output_length ) == 0 );
|
|
}
|
|
|
|
|
|
|
|
exit:
|
|
psa_destroy_key( slot );
|
|
mbedtls_free( key_data );
|
|
mbedtls_free( input_data );
|
|
mbedtls_free( additional_data );
|
|
mbedtls_free( output_data );
|
|
mbedtls_free( nonce );
|
|
mbedtls_free( expected_data );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|