From 88e08464f5bb525048c4f74a3242a8bc5aff75c5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 Jan 2020 20:43:00 +0100 Subject: [PATCH] Add dedicated test cases for psa_hash_compare psa_hash_compare is tested for good cases and invalid-signature cases in hash_compute_compare. Also test invalid-argument cases. Also run a few autonomous test cases with valid arguments. --- tests/suites/test_suite_psa_crypto.data | 29 +++++++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 20 ++++++++++++++ 2 files changed, 49 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 71924c72e..b70fc638f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -787,6 +787,35 @@ PSA hash compute: output buffer too small depends_on:MBEDTLS_SHA256_C hash_compute_fail:PSA_ALG_SHA_256:"":31:PSA_ERROR_BUFFER_TOO_SMALL +PSA hash compare: bad algorithm (unknown hash) +hash_compare_fail:PSA_ALG_CATEGORY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED + +PSA hash compare: bad algorithm (wildcard) +hash_compare_fail:PSA_ALG_ANY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED + +PSA hash compare: bad algorithm (not a hash) +hash_compare_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_ARGUMENT + +PSA hash compare: hash of a prefix +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"00":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_SIGNATURE + +PSA hash compare: hash with flipped bit +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854":PSA_ERROR_INVALID_SIGNATURE + +PSA hash compare: hash with trailing garbage +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85500":PSA_ERROR_INVALID_SIGNATURE + +PSA hash compare: truncated hash +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8":PSA_ERROR_INVALID_SIGNATURE + +PSA hash compare: good +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_SUCCESS + PSA hash compute: good, SHA-1 depends_on:MBEDTLS_SHA1_C hash_compute_compare:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c9c45b7e1..a2be082af 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2456,6 +2456,26 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_compare_fail( int alg_arg, data_t *input, + data_t *reference_hash, + int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + psa_status_t status; + + PSA_ASSERT( psa_crypto_init( ) ); + + status = psa_hash_compare( alg, input->x, input->len, + reference_hash->x, reference_hash->len ); + TEST_EQUAL( status, expected_status ); + +exit: + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_compute_compare( int alg_arg, data_t *input, data_t *expected_output )