tests: psa: Add checks involving unknown key owner ids

Add checks involving unknown key owner identifiers in tests related to SE and persistent keys. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-29 15:24:05 +02:00 · 2020-07-29 15:24:05 +02:00 · f1c9a55947
commit f1c9a55947
parent 81e005042e
3 changed files with 28 additions and 0 deletions
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@ -1503,6 +1503,12 @@ void register_key_smoke_test( int lifetime_arg,
        goto exit;
    PSA_ASSERT( psa_close_key( handle ) );

+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    mbedtls_svc_key_id_t invalid_id =
+        mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
+    TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
+#endif
+
    /* Restart and try again. */
    PSA_DONE( );
    PSA_ASSERT( psa_register_se_driver( location, &driver ) );
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@ -132,6 +132,10 @@ Copy persistent to persistent
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10000:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0

+Copy persistent to persistent, same id but different owner
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10001:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
+
 Copy persistent to persistent with enrollment algorithm
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
 copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x100000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0x100000:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@ -191,6 +191,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
    uint8_t *reexported = NULL;
    size_t reexported_length = -1;

+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    mbedtls_svc_key_id_t wrong_owner_id =
+        mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
+    psa_key_handle_t invalid_handle = 0;
+#endif
+
    TEST_USES_KEY_ID( id );

    PSA_ASSERT( psa_crypto_init( ) );
@ -205,6 +211,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
                                &handle ) );
    TEST_ASSERT( handle != 0 );
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
+                PSA_ERROR_DOES_NOT_EXIST );
+#endif
+
    PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
    TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
    TEST_ASSERT( mbedtls_svc_key_id_equal(
@ -216,6 +228,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,

    /* Close the key and reopen it. */
    PSA_ASSERT( psa_close_key( handle ) );
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+    TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
+                PSA_ERROR_DOES_NOT_EXIST );
+#endif
+
    PSA_ASSERT( psa_open_key( id, &handle ) );
    PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
    TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );