From 4cf3a43dbd03a243cec0fb361def247461b2199a Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Thu, 18 Apr 2019 22:28:52 +0200
Subject: [PATCH] Simplify and expand invalid-handle tests
Simplify invalid-handle tests and make them test more things. Call these tests in several test functions after destroying a key.
---
 tests/suites/test_suite_psa_crypto.data | 12 ++---
 tests/suites/test_suite_psa_crypto.function | 59 +++++++++++++++------
 2 files changed, 50 insertions(+), 21 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b70654670..6cfd3b97f 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -28,14 +28,14 @@ PSA import/export AES-256
 depends_on:MBEDTLS_AES_C
 import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
-PSA export invalid handle (0)
-export_invalid_handle:0:PSA_ERROR_INVALID_HANDLE
+PSA invalid handle (0)
+invalid_handle:0
-PSA export invalid handle (smallest plausible handle)
-export_invalid_handle:1:PSA_ERROR_INVALID_HANDLE
+PSA invalid handle (smallest plausible handle)
+invalid_handle:1
-PSA export invalid handle (largest plausible handle)
-export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE
+PSA invalid handle (largest plausible handle)
+invalid_handle:-1
 PSA import AES: bad key size
 depends_on:MBEDTLS_AES_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e856e6e8b..c6a0f592f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1084,6 +1084,43 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
 }
+static int test_operations_on_invalid_handle( psa_key_handle_t handle )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ uint8_t buffer[1];
+ size_t length;
+ int ok = 0;
+
+ psa_make_key_persistent( &attributes, 0x6964, PSA_KEY_LIFETIME_PERSISTENT );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, PSA_ALG_CTR );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
+ TEST_EQUAL( psa_get_key_attributes( handle, &attributes ),
+ PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_get_key_id( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_attributes_lifetime( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
+ TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
+
+ TEST_EQUAL( psa_export_key( handle,
+ buffer, sizeof( buffer ), &length ),
+ PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_export_public_key( handle,
+ buffer, sizeof( buffer ), &length ),
+ PSA_ERROR_INVALID_HANDLE );
+
+ TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_destroy_key( handle ), PSA_ERROR_INVALID_HANDLE );
+
+ ok = 1;
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ return( ok );
+}
+
 /* An overapproximation of the amount of storage needed for a key of the
 * given type and with the given content. The API doesn't make it easy
 * to find a good value for the size. The current implementation doesn't
@@ -1178,6 +1215,7 @@ void import( data_t *data, int type_arg, int expected_status_arg )
 TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
 PSA_ASSERT( psa_destroy_key( handle ) );
+ test_operations_on_invalid_handle( handle );
 exit:
 psa_destroy_key( handle );
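Review bot: The setup at the top of `test_operations_on_invalid_handle` fills `attributes` with non-default values (id `0x6964`, persistent lifetime, ENCRYPT usage, CTR, AES) without saying why, and the zero checks that follow only make sense once the reader sees that connection. A comment before the `psa_make_key_persistent` call would state it, for example `/* Pre-fill with non-default values so the checks below prove that a failed psa_get_key_attributes() resets the structure rather than leaving stale data. */`. The two export calls have no equivalent check: `buffer` and `length` are passed uninitialized and never inspected, so only the status code is tested. If the API is meant to leave the outputs untouched or zeroed on an invalid handle, seeding them with a sentinel and asserting on it afterwards would cover that too.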
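Review bot: The result of `test_operations_on_invalid_handle( handle )` is discarded in `import`, and the same unchecked call appears in `import_export`, `invalid_handle` and `import_and_exercise_key` later in this patch. The helper returns 0 when one of its checks fails, and the nearby `exercise_key` call site already uses the pattern `if( ! exercise_key( handle, usage, alg ) ) goto exit;`. Writing `if( ! test_operations_on_invalid_handle( handle ) ) goto exit;` would match that convention and keep the callers correct if statements are later added between the call and `exit:`. At each call site shown the call is currently the last statement before `exit:`, so nothing visible runs after a failed helper today. The body of `import` starts outside this hunk.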
@@ -1305,8 +1343,7 @@ void import_export( data_t *data,
 destroy:
 /* Destroy the key */
 PSA_ASSERT( psa_destroy_key( handle ) );
- TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ),
- PSA_ERROR_INVALID_HANDLE );
+ test_operations_on_invalid_handle( handle );
 exit:
 mbedtls_free( exported );
@@ -1316,21 +1353,10 @@ exit:
 /* END_CASE */
 /* BEGIN_CASE */
-void export_invalid_handle( int handle, int expected_export_status_arg )
+void invalid_handle( int handle )
 {
- psa_status_t status;
- unsigned char *exported = NULL;
- size_t export_size = 0;
- size_t exported_length = INVALID_EXPORT_LENGTH;
- psa_status_t expected_export_status = expected_export_status_arg;
-
 PSA_ASSERT( psa_crypto_init( ) );
-
- /* Export the key */
- status = psa_export_key( (psa_key_handle_t) handle,
- exported, export_size,
- &exported_length );
- TEST_EQUAL( status, expected_export_status );
+ test_operations_on_invalid_handle( handle );
 exit:
 mbedtls_psa_crypto_free( );
@@ -1421,6 +1447,9 @@ void import_and_exercise_key( data_t *data,
 if( ! exercise_key( handle, usage, alg ) )
 goto exit;
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ test_operations_on_invalid_handle( handle );
+
 exit:
 psa_destroy_key( handle );
 mbedtls_psa_crypto_free( );
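Review bot: In `invalid_handle`, the `int handle` argument is now passed straight to a `psa_key_handle_t` parameter, dropping the explicit `(psa_key_handle_t) handle` cast that the removed `export_invalid_handle` used. The "largest plausible handle" case in the .data file passes `-1`, so the test depends on that implicit conversion producing the intended maximum value. The definition of `psa_key_handle_t` is not visible in this patch, so how `-1` maps onto it is an assumption here. Keeping the cast, `test_operations_on_invalid_handle( (psa_key_handle_t) handle );`, makes the conversion deliberate and avoids sign-conversion warnings.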