Add tests for mbedtls_psa_hkdf_expand
Add test cases which test psa_import_key and psa_mac_sign_setup function call if they return error. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit is contained in:
parent
8e3602569b
commit
cbe5ba500a
2 changed files with 43 additions and 1 deletions
|
@ -4382,9 +4382,13 @@ SSL TLS 1.3 Key schedule: HKDF expand fails with NULL okm
|
||||||
depends_on:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_ALG_SHA_256
|
||||||
psa_hkdf_expand_ret:PSA_ALG_HMAC(PSA_ALG_SHA_256):32:0:PSA_ERROR_INVALID_ARGUMENT
|
psa_hkdf_expand_ret:PSA_ALG_HMAC(PSA_ALG_SHA_256):32:0:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
SSL TLS 1.3 Key schedule: HKDF expand fails with wrong hash alg
|
SSL TLS 1.3 Key schedule: HKDF expand fails with invalid alg
|
||||||
psa_hkdf_expand_ret:0:32:32:PSA_ERROR_INVALID_ARGUMENT
|
psa_hkdf_expand_ret:0:32:32:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
|
SSL TLS 1.3 Key schedule: HKDF expand fails with incompatible alg
|
||||||
|
depends_on:PSA_WANT_ALG_SHA_256
|
||||||
|
psa_hkdf_expand_ret:PSA_ALG_SHA_256:32:32:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
SSL TLS 1.3 Key schedule: HKDF expand fails with prk_len < hash_len
|
SSL TLS 1.3 Key schedule: HKDF expand fails with prk_len < hash_len
|
||||||
depends_on:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_ALG_SHA_256
|
||||||
psa_hkdf_expand_ret:PSA_ALG_HMAC(PSA_ALG_SHA_256):16:32:PSA_ERROR_INVALID_ARGUMENT
|
psa_hkdf_expand_ret:PSA_ALG_HMAC(PSA_ALG_SHA_256):16:32:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
@ -4392,6 +4396,10 @@ psa_hkdf_expand_ret:PSA_ALG_HMAC(PSA_ALG_SHA_256):16:32:PSA_ERROR_INVALID_ARGUME
|
||||||
SSL TLS 1.3 Key schedule: HKDF expand fails with okm_len / hash_len > 255
|
SSL TLS 1.3 Key schedule: HKDF expand fails with okm_len / hash_len > 255
|
||||||
psa_hkdf_expand_ret:PSA_ALG_HMAC(PSA_ALG_SHA_256):32:8192:PSA_ERROR_INVALID_ARGUMENT
|
psa_hkdf_expand_ret:PSA_ALG_HMAC(PSA_ALG_SHA_256):32:8192:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
|
SSL TLS 1.3 Key schedule: HKDF expand fails with key import
|
||||||
|
depends_on:PSA_WANT_ALG_SHA_256
|
||||||
|
psa_hkdf_expand_ret:PSA_ALG_HMAC(PSA_ALG_SHA_256):32:32:PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
|
||||||
SSL TLS 1.3 Key schedule: HKDF Expand Label #1
|
SSL TLS 1.3 Key schedule: HKDF Expand Label #1
|
||||||
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
|
||||||
# Server handshake traffic secret -> Server traffic key
|
# Server handshake traffic secret -> Server traffic key
|
||||||
|
|
|
@ -3848,6 +3848,8 @@ void psa_hkdf_expand_ret( int alg, int prk_len, int okm_len, int ret )
|
||||||
unsigned char *prk = NULL;
|
unsigned char *prk = NULL;
|
||||||
unsigned char *okm = NULL;
|
unsigned char *okm = NULL;
|
||||||
size_t info_len;
|
size_t info_len;
|
||||||
|
size_t i;
|
||||||
|
mbedtls_svc_key_id_t *keys = NULL;
|
||||||
|
|
||||||
PSA_INIT( );
|
PSA_INIT( );
|
||||||
|
|
||||||
|
@ -3859,6 +3861,30 @@ void psa_hkdf_expand_ret( int alg, int prk_len, int okm_len, int ret )
|
||||||
if( okm_len > 0 )
|
if( okm_len > 0 )
|
||||||
ASSERT_ALLOC( okm, okm_len );
|
ASSERT_ALLOC( okm, okm_len );
|
||||||
|
|
||||||
|
if( ret == PSA_ERROR_INSUFFICIENT_MEMORY )
|
||||||
|
{
|
||||||
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||||
|
|
||||||
|
/* Reserve all key slot to make the key import fail. */
|
||||||
|
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE );
|
||||||
|
psa_set_key_algorithm( &attributes, alg );
|
||||||
|
psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC );
|
||||||
|
|
||||||
|
ASSERT_ALLOC( keys, MBEDTLS_PSA_KEY_SLOT_COUNT );
|
||||||
|
|
||||||
|
for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
|
||||||
|
{
|
||||||
|
/* Do not use the 0 value because it will be passed to
|
||||||
|
mbedtls_psa_hkdf_expand */
|
||||||
|
prk[0] = i + 1;
|
||||||
|
keys[i] = MBEDTLS_SVC_KEY_ID_INIT;
|
||||||
|
psa_import_key( &attributes, prk, prk_len, &keys[i] );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* reset prk buffer */
|
||||||
|
prk[0] = 0;
|
||||||
|
}
|
||||||
|
|
||||||
output_ret = mbedtls_psa_hkdf_expand( alg, prk, prk_len,
|
output_ret = mbedtls_psa_hkdf_expand( alg, prk, prk_len,
|
||||||
info, info_len,
|
info, info_len,
|
||||||
okm, okm_len );
|
okm, okm_len );
|
||||||
|
@ -3868,6 +3894,14 @@ exit:
|
||||||
mbedtls_free( prk );
|
mbedtls_free( prk );
|
||||||
mbedtls_free( okm );
|
mbedtls_free( okm );
|
||||||
|
|
||||||
|
if( ret == PSA_ERROR_INSUFFICIENT_MEMORY )
|
||||||
|
{
|
||||||
|
for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
|
||||||
|
psa_destroy_key( keys[i] );
|
||||||
|
|
||||||
|
mbedtls_free( keys );
|
||||||
|
}
|
||||||
|
|
||||||
PSA_DONE( );
|
PSA_DONE( );
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
Loading…
Reference in a new issue