From d37850404adfb8064f6e590197983c7c852daa30 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 16 Sep 2022 06:45:44 -0400 Subject: [PATCH] Add derivation step testing to EC J-PAKE to PMS tests Signed-off-by: Andrzej Kurek --- tests/suites/test_suite_psa_crypto.data | 18 +++++++++++------- tests/suites/test_suite_psa_crypto.function | 7 ++++--- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e552fc1f5..4a052c433 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -5799,32 +5799,36 @@ derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"00010 PSA key derivation: ECJPAKE to PMS, no input depends_on:PSA_WANT_ALG_SHA_256 -derive_ecjpake_to_pms:"":PSA_ERROR_INVALID_ARGUMENT:"":PSA_ERROR_INVALID_ARGUMENT +derive_ecjpake_to_pms:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:"":PSA_ERROR_INVALID_ARGUMENT PSA key derivation: ECJPAKE to PMS, input too short depends_on:PSA_WANT_ALG_SHA_256 -derive_ecjpake_to_pms:"deadbeef":PSA_ERROR_INVALID_ARGUMENT:"":PSA_ERROR_INVALID_ARGUMENT +derive_ecjpake_to_pms:"deadbeef":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:"":PSA_ERROR_INVALID_ARGUMENT PSA key derivation: ECJPAKE to PMS, input too long depends_on:PSA_WANT_ALG_SHA_256 -derive_ecjpake_to_pms:"0400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000de":PSA_ERROR_INVALID_ARGUMENT:"":PSA_ERROR_INVALID_ARGUMENT +derive_ecjpake_to_pms:"0400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000de":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:"":PSA_ERROR_INVALID_ARGUMENT PSA key derivation: ECJPAKE to PMS, bad input format depends_on:PSA_WANT_ALG_SHA_256 -derive_ecjpake_to_pms:"0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":PSA_ERROR_INVALID_ARGUMENT:"":PSA_ERROR_INVALID_ARGUMENT +derive_ecjpake_to_pms:"0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:"":PSA_ERROR_INVALID_ARGUMENT #NIST CAVS 11.0 SHA-256 ShortMSG vector for L=256 PSA key derivation: ECJPAKE to PMS, good case depends_on:PSA_WANT_ALG_SHA_256 -derive_ecjpake_to_pms:"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":PSA_SUCCESS:"4f44c1c7fbebb6f9601829f3897bfd650c56fa07844be76489076356ac1886a4":PSA_SUCCESS +derive_ecjpake_to_pms:"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"4f44c1c7fbebb6f9601829f3897bfd650c56fa07844be76489076356ac1886a4":PSA_SUCCESS + +PSA key derivation: ECJPAKE to PMS, bad derivation step +depends_on:PSA_WANT_ALG_SHA_256 +derive_ecjpake_to_pms:"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SEED:"4f44c1c7fbebb6f9601829f3897bfd650c56fa07844be76489076356ac1886a4":PSA_SUCCESS PSA key derivation: ECJPAKE to PMS, output too short depends_on:PSA_WANT_ALG_SHA_256 -derive_ecjpake_to_pms:"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":PSA_SUCCESS:"4f":PSA_ERROR_INVALID_ARGUMENT +derive_ecjpake_to_pms:"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"4f":PSA_ERROR_INVALID_ARGUMENT PSA key derivation: ECJPAKE to PMS, output too long depends_on:PSA_WANT_ALG_SHA_256 -derive_ecjpake_to_pms:"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":PSA_SUCCESS:"4f44c1c7fbebb6f9601829f3897bfd650c56fa07844be76489076356ac1886a400":PSA_ERROR_INVALID_ARGUMENT +derive_ecjpake_to_pms:"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"4f44c1c7fbebb6f9601829f3897bfd650c56fa07844be76489076356ac1886a400":PSA_ERROR_INVALID_ARGUMENT PSA key derivation: HKDF SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b04adcca4..0162c07d1 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -7235,11 +7235,12 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS:MBEDTLS_SHA256_C */ void derive_ecjpake_to_pms( data_t *input, int expected_input_status, - data_t *expected_output, int expected_output_status ) + int derivation_step, data_t *expected_output, + int expected_output_status ) { psa_algorithm_t alg = PSA_ALG_TLS12_ECJPAKE_TO_PMS; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - + psa_key_derivation_step_t step = (psa_key_derivation_step_t) derivation_step; uint8_t *output_buffer = NULL; psa_status_t status; @@ -7251,7 +7252,7 @@ void derive_ecjpake_to_pms( data_t *input, int expected_input_status, expected_output->len ) ); TEST_EQUAL( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, input->x, input->len ), + step, input->x, input->len ), (psa_status_t) expected_input_status ); if( ( (psa_status_t) expected_input_status ) != PSA_SUCCESS )