yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Further pake tests optimizations

Browse source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2023-02-24 08:41:39 +01:00
parent d93de32267
commit 6f2d1f419a
3 changed files with 119 additions and 58 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
tests/suites/test_suite_psa_crypto_driver_wrappers.function
View file

@ -3050,8 +3050,6 @@ void pake_operations(data_t *pw_data, int forced_status_setup_arg, int forced_st
/* --- psa_pake_input (driver: setup, input) --- */ /* --- psa_pake_input (driver: setup, input) --- */
mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup; mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup;
mbedtls_test_driver_pake_hooks.forced_status = forced_status; mbedtls_test_driver_pake_hooks.forced_status = forced_status;
memset(&mbedtls_test_driver_pake_hooks.hits, 0,
sizeof(mbedtls_test_driver_pake_hooks.hits));
TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE, TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE,
input_buffer, size_key_share), input_buffer, size_key_share),
expected_status); expected_status);
@ -3063,8 +3061,6 @@ void pake_operations(data_t *pw_data, int forced_status_setup_arg, int forced_st
/* --- psa_pake_output (driver: setup, output) --- */ /* --- psa_pake_output (driver: setup, output) --- */
mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup; mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup;
mbedtls_test_driver_pake_hooks.forced_status = forced_status; mbedtls_test_driver_pake_hooks.forced_status = forced_status;
memset(&mbedtls_test_driver_pake_hooks.hits, 0,
sizeof(mbedtls_test_driver_pake_hooks.hits));
TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE, TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE,
output_buffer, output_size, &output_len), output_buffer, output_size, &output_len),
expected_status); expected_status);
@ -3073,11 +3069,9 @@ void pake_operations(data_t *pw_data, int forced_status_setup_arg, int forced_st
break; break;
case 2: /* input */ case 2: /* input */
/* --- psa_pake_input (driver: setup, input, (abort)) --- */ /* --- psa_pake_input (driver: setup, input, abort) --- */
mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup; mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup;
mbedtls_test_driver_pake_hooks.forced_status = forced_status; mbedtls_test_driver_pake_hooks.forced_status = forced_status;
memset(&mbedtls_test_driver_pake_hooks.hits, 0,
sizeof(mbedtls_test_driver_pake_hooks.hits));
TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE, TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE,
input_buffer, size_key_share), input_buffer, size_key_share),
expected_status); expected_status);
@ -3091,8 +3085,6 @@ void pake_operations(data_t *pw_data, int forced_status_setup_arg, int forced_st
/* --- psa_pake_output (driver: setup, output, (abort)) --- */ /* --- psa_pake_output (driver: setup, output, (abort)) --- */
mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup; mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup;
mbedtls_test_driver_pake_hooks.forced_status = forced_status; mbedtls_test_driver_pake_hooks.forced_status = forced_status;
memset(&mbedtls_test_driver_pake_hooks.hits, 0,
sizeof(mbedtls_test_driver_pake_hooks.hits));
if (forced_output->len > 0) { if (forced_output->len > 0) {
mbedtls_test_driver_pake_hooks.forced_output = forced_output->x; mbedtls_test_driver_pake_hooks.forced_output = forced_output->x;
mbedtls_test_driver_pake_hooks.forced_output_length = forced_output->len; mbedtls_test_driver_pake_hooks.forced_output_length = forced_output->len;

31
tests/suites/test_suite_psa_crypto_pake.data
View file

@ -194,14 +194,29 @@ PSA PAKE: ecjpake size macros
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
ecjpake_size_macros: ecjpake_size_macros:
PSA PAKE: input getters: ok #1 PSA PAKE: input getters password: ok #1
pake_input_getters:"aabbccddee":PSA_PAKE_ROLE_SERVER:5:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS pake_input_getters_password:"aabbccddee":5:PSA_SUCCESS:PSA_SUCCESS
PSA PAKE: input getters: ok #2 PSA PAKE: input getters password: ok #2
pake_input_getters:"ddccbbaa":PSA_PAKE_ROLE_CLIENT:5:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_512:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS pake_input_getters_password:"11223344556677889900":10:PSA_SUCCESS:PSA_SUCCESS
PSA PAKE: input getters: buffer for password to small PSA PAKE: input getters password: buffer to small
pake_input_getters:"aabbccddee":PSA_PAKE_ROLE_SERVER:4:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ERROR_BUFFER_TOO_SMALL:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS pake_input_getters_password:"aabbccddee":4:PSA_ERROR_BUFFER_TOO_SMALL:PSA_SUCCESS
PSA PAKE: input getters: inputs not ready PSA PAKE: input getters password: not set
pake_input_getters:"":0:5:0:0:0:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE pake_input_getters_password:"":0:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE
PSA PAKE: input getters cipher suite: ok
pake_input_getters_cipher_suite:PSA_SUCCESS:1
PSA PAKE: input getters cipher suite: not set
pake_input_getters_cipher_suite:PSA_ERROR_BAD_STATE:0
PSA PAKE: input getters role client: ok
pake_input_getters_role:PSA_PAKE_ROLE_CLIENT:PSA_SUCCESS
PSA PAKE: input getters role server: ok
pake_input_getters_role:PSA_PAKE_ROLE_SERVER:PSA_SUCCESS
PSA PAKE: input getters role: not set
pake_input_getters_role:PSA_PAKE_ROLE_NONE:PSA_ERROR_BAD_STATE

136
tests/suites/test_suite_psa_crypto_pake.function
View file

@ -909,71 +909,54 @@ void ecjpake_size_macros()
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_BUILTIN_ALG_JPAKE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
void pake_input_getters(data_t *password, int role_arg, int password_buffer_size, void pake_input_getters_password(data_t *password, int password_buffer_size,
int alg_arg, int primitive_arg, int hash_arg, int expected_status_pass, int expected_status_pass_len)
int expected_status_pass, int expected_status_pass_len,
int expected_status_role, int expected_status_cs)
{ {
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
psa_pake_operation_t operation = psa_pake_operation_init(); psa_pake_operation_t operation = psa_pake_operation_init();
psa_pake_role_t role = role_arg;
psa_algorithm_t alg = alg_arg;
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_pake_role_t role_ret = PSA_PAKE_ROLE_NONE;
uint8_t password_ret[20] = { 0 }; // max key length is 20 bytes uint8_t password_ret[20] = { 0 }; // max key length is 20 bytes
size_t password_len_ret = 0; size_t password_len_ret = 0;
psa_pake_cipher_suite_t cipher_suite_ret = psa_pake_cipher_suite_init();
size_t buffer_len_ret = 0; size_t buffer_len_ret = 0;
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
PSA_PAKE_PRIMITIVE_TYPE_ECC,
PSA_ECC_FAMILY_SECP_R1, 256);
PSA_INIT(); PSA_INIT();
/* alg equal to 0 indicates case when inputs are not set yet. */ psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
if (alg != 0) { psa_pake_cs_set_primitive(&cipher_suite, primitive);
psa_pake_cs_set_algorithm(&cipher_suite, alg); psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
psa_pake_cs_set_primitive(&cipher_suite, primitive_arg);
psa_pake_cs_set_hash(&cipher_suite, hash_arg);
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
psa_set_key_algorithm(&attributes, alg); psa_set_key_algorithm(&attributes, PSA_ALG_JPAKE);
psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD); psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD);
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
if (password_buffer_size > 0) {
PSA_ASSERT(psa_import_key(&attributes, password->x, password->len, &key)); PSA_ASSERT(psa_import_key(&attributes, password->x, password->len, &key));
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
PSA_ASSERT(psa_pake_set_password_key(&operation, key)); PSA_ASSERT(psa_pake_set_password_key(&operation, key));
PSA_ASSERT(psa_pake_set_role(&operation, role));
} }
TEST_EQUAL(psa_crypto_driver_pake_get_password_len(&operation.data.inputs, &password_len_ret), TEST_EQUAL(psa_crypto_driver_pake_get_password_len(&operation.data.inputs, &password_len_ret),
expected_status_pass_len); expected_status_pass_len);
TEST_EQUAL(psa_crypto_driver_pake_get_password(&operation.data.inputs,
(uint8_t *) &password_ret,
password_buffer_size, &buffer_len_ret),
expected_status_pass);
TEST_EQUAL(psa_crypto_driver_pake_get_role(&operation.data.inputs, &role_ret),
expected_status_role);
TEST_EQUAL(psa_crypto_driver_pake_get_cipher_suite(&operation.data.inputs, &cipher_suite_ret),
expected_status_cs);
if (expected_status_pass_len == PSA_SUCCESS) { if (expected_status_pass_len == PSA_SUCCESS) {
TEST_EQUAL(password_len_ret, password->len); TEST_EQUAL(password_len_ret, password->len);
}
if (expected_status_pass == PSA_SUCCESS) { TEST_EQUAL(psa_crypto_driver_pake_get_password(&operation.data.inputs,
PSA_ASSERT(memcmp(password_ret, password->x, password->len)); (uint8_t *) &password_ret,
} password_buffer_size, &buffer_len_ret),
expected_status_pass);
if (expected_status_role == PSA_SUCCESS) { if (expected_status_pass == PSA_SUCCESS) {
TEST_EQUAL(role_ret, role); TEST_EQUAL(buffer_len_ret, password->len);
} PSA_ASSERT(memcmp(password_ret, password->x, buffer_len_ret));
}
if (expected_status_pass == PSA_SUCCESS) {
PSA_ASSERT(memcmp(&cipher_suite_ret, &cipher_suite, sizeof(cipher_suite)));
} }
exit: exit:
@ -982,3 +965,74 @@ exit:
PSA_DONE(); PSA_DONE();
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
void pake_input_getters_cipher_suite(int expected_status, int setup_done)
{
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
psa_pake_operation_t operation = psa_pake_operation_init();
psa_pake_cipher_suite_t cipher_suite_ret = psa_pake_cipher_suite_init();
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
PSA_PAKE_PRIMITIVE_TYPE_ECC,
PSA_ECC_FAMILY_SECP_R1, 256);
PSA_INIT();
if (setup_done == 1) {
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
psa_pake_cs_set_primitive(&cipher_suite, primitive);
psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
}
TEST_EQUAL(psa_crypto_driver_pake_get_cipher_suite(&operation.data.inputs, &cipher_suite_ret),
expected_status);
if (expected_status == PSA_SUCCESS) {
PSA_ASSERT(memcmp(&cipher_suite_ret, &cipher_suite, sizeof(cipher_suite)));
}
exit:
PSA_ASSERT(psa_pake_abort(&operation));
PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
void pake_input_getters_role(int role_arg, int expected_status)
{
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
psa_pake_operation_t operation = psa_pake_operation_init();
psa_pake_role_t role_ret = PSA_PAKE_ROLE_NONE;
psa_pake_role_t role = role_arg;
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
PSA_PAKE_PRIMITIVE_TYPE_ECC,
PSA_ECC_FAMILY_SECP_R1, 256);
PSA_INIT();
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
psa_pake_cs_set_primitive(&cipher_suite, primitive);
psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
if (role != PSA_PAKE_ROLE_NONE) {
PSA_ASSERT(psa_pake_set_role(&operation, role));
}
TEST_EQUAL(psa_crypto_driver_pake_get_role(&operation.data.inputs, &role_ret),
expected_status);
if (expected_status == PSA_SUCCESS) {
TEST_EQUAL(role_ret, role);
}
exit:
PSA_ASSERT(psa_pake_abort(&operation));
PSA_DONE();
}
/* END_CASE */