exercise_key_agreement_key: add special handling for HKDF_EXPAND

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-14 14:41:42 +02:00 · 2022-06-14 14:41:42 +02:00 · 6c9fd61565
commit 6c9fd61565
parent d898745f70
2 changed files with 21 additions and 7 deletions
--- a/tests/src/psa_exercise_key.c
+++ b/tests/src/psa_exercise_key.c
@ -627,6 +627,7 @@ static int exercise_key_agreement_key( mbedtls_svc_key_id_t key,
    unsigned char output[1];
    int ok = 0;
    psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg );
+    psa_status_t expected_key_agreement_status = PSA_SUCCESS;

    if( usage & PSA_KEY_USAGE_DERIVE )
    {
@ -648,7 +649,25 @@ static int exercise_key_agreement_key( mbedtls_svc_key_id_t key,
                input, sizeof( input ) ) );
        }

-        PSA_ASSERT( mbedtls_test_psa_key_agreement_with_self( &operation, key ) );
+        /* For HKDF_EXPAND input secret may fail as secret size may not match
+           to expected PRK size. In practice it means that key bits must match
+           hash length. Otherwise test should fail with INVALID_ARGUMENT. */
+        if( PSA_ALG_IS_HKDF_EXPAND( kdf_alg ) )
+        {
+            psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+            PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+            size_t key_bits = psa_get_key_bits( &attributes );
+            psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
+
+            if( PSA_BITS_TO_BYTES( key_bits ) != PSA_HASH_LENGTH( hash_alg ) )
+                expected_key_agreement_status = PSA_ERROR_INVALID_ARGUMENT;
+        }
+
+        TEST_EQUAL( mbedtls_test_psa_key_agreement_with_self( &operation, key ),
+                    expected_key_agreement_status );
+
+        if( expected_key_agreement_status != PSA_SUCCESS )
+            return( 1 );

        if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
            PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
@ -657,7 +676,7 @@ static int exercise_key_agreement_key( mbedtls_svc_key_id_t key,
                            &operation, PSA_KEY_DERIVATION_INPUT_LABEL,
                            input, sizeof( input ) ) );
        }
-        else if( PSA_ALG_IS_HKDF( kdf_alg ) )
+        else if( PSA_ALG_IS_HKDF( kdf_alg ) || PSA_ALG_IS_HKDF_EXPAND( kdf_alg ) )
        {
            PSA_ASSERT( psa_key_derivation_input_bytes(
                            &operation, PSA_KEY_DERIVATION_INPUT_INFO,
--- a/tests/suites/test_suite_psa_crypto_storage_format.function
+++ b/tests/suites/test_suite_psa_crypto_storage_format.function
@ -151,11 +151,6 @@ static int can_exercise( const psa_key_attributes_t *attributes )
        PSA_ALG_NONE;
    psa_key_usage_t usage = psa_get_key_usage_flags( attributes );

-    /* Disable KA(ECDH,HKDF_EXTRACT/EXPAND...) test cases. */
-    if( PSA_ALG_IS_KEY_AGREEMENT( alg ) &&
-        ( PSA_ALG_HKDF_EXTRACT( alg ) || PSA_ALG_HKDF_EXPAND( alg ) ) )
-        return 0;
-
 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
    /* We test some configurations using drivers where the driver doesn't
     * support certain hash algorithms, but declares that it supports