From 539cda57df9a7f36b03b46075016a6ce91166760 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Mon, 10 Dec 2018 17:31:59 +0100
Subject: [PATCH] Add tests with invalid key identifiers

Test that 0 and PSA_CRYPTO_ITS_RANDOM_SEED_UID are not accepted as key identifiers.
---
 .../test_suite_psa_crypto_slot_management.data | 16 ++++++++++++++++
 ...est_suite_psa_crypto_slot_management.function | 8 ++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 39e05abf8..46dbea2c0 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -37,6 +37,14 @@ Attempt to overwrite: keep open, different type
 depends_on:MBEDTLS_AES_C
 create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN
 
+Open failure: invalid identifier (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
+
+Open failure: invalid identifier (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
+
 Open failure: non-existent identifier
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT
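Review bot: The four new cases (two in this hunk, two in the `@@ -57,6 +65,14 @@` hunk) assert only the returned status, so they would still pass if the call touched storage at the reserved identifier before returning `PSA_ERROR_INVALID_ARGUMENT`. The `open_fail`/`create_fail` bodies are not part of this patch, so it is worth confirming they also check that nothing was written; going by its name, `PSA_CRYPTO_ITS_RANDOM_SEED_UID` appears to address the random seed entry rather than a key. The cases depend only on `MBEDTLS_PSA_CRYPTO_STORAGE_C`; if that macro is defined only under a further option, the option belongs in `depends_on` as well. As a style point, the titles say `invalid identifier (...)` here but `invalid key id (...)` in the create cases; one wording, e.g. `Create failure: invalid identifier (0)`, keeps the pairs easy to grep.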
@@ -57,6 +65,14 @@ Create failure: invalid lifetime
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
 
+Create failure: invalid key id (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
 Open not supported
 depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 754aae08d..fdcb5a949 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -31,10 +31,14 @@ typedef enum
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
 /* There is no API to purge all keys. For this test suite, require that
- * all key IDs be less than a certain maximum. */
+ * all key IDs be less than a certain maximum, or a well-known value
+ * which corresponds to a file that does not contain a key. */
 #define MAX_KEY_ID_FOR_TEST 32
+#define KEY_ID_IS_WELL_KNOWN( key_id ) \
+ ( ( key_id ) == PSA_CRYPTO_ITS_RANDOM_SEED_UID )
 #define TEST_MAX_KEY_ID( key_id ) \
- TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST )
+ TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST || \
+ KEY_ID_IS_WELL_KNOWN( key_id ) )
 void psa_purge_key_storage( void )
 {
 psa_key_id_t i;
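Review bot: `TEST_MAX_KEY_ID` now lets `PSA_CRYPTO_ITS_RANDOM_SEED_UID` through, but nothing in the hunk says whether `psa_purge_key_storage` ever cleans that identifier; its body begins on the hunk's last lines and continues outside it. If a regression let a key be created there, the entry would presumably survive the purge and affect later tests. A comment on the macro should state the intent, e.g. `/* Deliberately not purged: creation with this ID must fail, so no key can exist there. */`. `KEY_ID_IS_WELL_KNOWN` is defined only inside `#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)`, which is fine as long as its only user stays `TEST_MAX_KEY_ID` in the same branch.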