Test the call to p_validate_slot_number when registering a key

This commit is contained in:
Gilles Peskine 2019-08-05 17:17:52 +02:00
parent a5f8749812
commit 49bd58274e
2 changed files with 48 additions and 5 deletions

View file

@ -112,13 +112,19 @@ Generate key: not supported
generate_key_not_supported:PSA_KEY_TYPE_AES:128
Key registration: smoke test
register_key_smoke_test:MIN_DRIVER_LIFETIME:PSA_SUCCESS
register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_SUCCESS
Key registration: invalid lifetime (volatile)
register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:-1:PSA_ERROR_INVALID_ARGUMENT
Key registration: invalid lifetime (internal storage)
register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT
register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:-1:PSA_ERROR_INVALID_ARGUMENT
Key registration: invalid lifetime (no registered driver)
register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:PSA_ERROR_INVALID_ARGUMENT
register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:-1:PSA_ERROR_INVALID_ARGUMENT
Key registration: with driver validation (accepted)
register_key_smoke_test:MIN_DRIVER_LIFETIME:1:PSA_SUCCESS
Key registration: with driver validation (rejected)
register_key_smoke_test:MIN_DRIVER_LIFETIME:0:PSA_ERROR_NOT_PERMITTED

View file

@ -37,6 +37,28 @@
/* Miscellaneous driver methods */
/****************************************************************/
typedef struct
{
psa_key_slot_number_t slot_number;
psa_key_creation_method_t method;
psa_status_t status;
} validate_slot_number_directions_t;
static validate_slot_number_directions_t validate_slot_number_directions;
/* Validate a choice of slot number as directed. */
static psa_status_t validate_slot_number_as_directed(
psa_drv_se_context_t *context,
const psa_key_attributes_t *attributes,
psa_key_creation_method_t method,
psa_key_slot_number_t slot_number )
{
(void) context;
(void) attributes;
DRIVER_ASSERT( slot_number == validate_slot_number_directions.slot_number );
DRIVER_ASSERT( method == validate_slot_number_directions.method );
return( validate_slot_number_directions.status );
}
/* Allocate slot numbers with a monotonic counter. */
static psa_status_t counter_allocate( psa_drv_se_context_t *context,
void *persistent_data,
@ -718,11 +740,14 @@ exit:
/* END_CASE */
/* BEGIN_CASE */
void register_key_smoke_test( int lifetime_arg, int expected_status_arg )
void register_key_smoke_test( int lifetime_arg,
int validate,
int expected_status_arg )
{
psa_key_lifetime_t lifetime = lifetime_arg;
psa_status_t expected_status = expected_status_arg;
psa_drv_se_t driver;
psa_drv_se_key_management_t key_management;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_id_t id = 1;
size_t bit_size = 48;
@ -732,6 +757,16 @@ void register_key_smoke_test( int lifetime_arg, int expected_status_arg )
memset( &driver, 0, sizeof( driver ) );
driver.hal_version = PSA_DRV_SE_HAL_VERSION;
if( validate >= 0 )
{
memset( &key_management, 0, sizeof( key_management ) );
driver.key_management = &key_management;
key_management.p_validate_slot_number = validate_slot_number_as_directed;
validate_slot_number_directions.slot_number = wanted_slot;
validate_slot_number_directions.method = PSA_KEY_CREATION_REGISTER;
validate_slot_number_directions.status =
( validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED );
}
PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LIFETIME, &driver ) );
PSA_ASSERT( psa_crypto_init( ) );
@ -770,5 +805,7 @@ exit:
psa_destroy_key( handle );
PSA_DONE( );
psa_purge_storage( );
memset( &validate_slot_number_directions, 0,
sizeof( validate_slot_number_directions ) );
}
/* END_CASE */