tests: psa: Add checks involving unknown key owner ids
Add checks involving unknown key owner identifiers in tests related to SE and persistent keys. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
parent
81e005042e
commit
f1c9a55947
3 changed files with 28 additions and 0 deletions
|
@ -1503,6 +1503,12 @@ void register_key_smoke_test( int lifetime_arg,
|
||||||
goto exit;
|
goto exit;
|
||||||
PSA_ASSERT( psa_close_key( handle ) );
|
PSA_ASSERT( psa_close_key( handle ) );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||||
|
mbedtls_svc_key_id_t invalid_id =
|
||||||
|
mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
|
||||||
|
TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Restart and try again. */
|
/* Restart and try again. */
|
||||||
PSA_DONE( );
|
PSA_DONE( );
|
||||||
PSA_ASSERT( psa_register_se_driver( location, &driver ) );
|
PSA_ASSERT( psa_register_se_driver( location, &driver ) );
|
||||||
|
|
|
@ -132,6 +132,10 @@ Copy persistent to persistent
|
||||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10000:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10000:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||||
|
|
||||||
|
Copy persistent to persistent, same id but different owner
|
||||||
|
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
|
||||||
|
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x10000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:0x10001:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0
|
||||||
|
|
||||||
Copy persistent to persistent with enrollment algorithm
|
Copy persistent to persistent with enrollment algorithm
|
||||||
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
|
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
|
||||||
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x100000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0x100000:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
|
copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:0x100000:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0x100000:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
|
||||||
|
|
|
@ -191,6 +191,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
|
||||||
uint8_t *reexported = NULL;
|
uint8_t *reexported = NULL;
|
||||||
size_t reexported_length = -1;
|
size_t reexported_length = -1;
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||||
|
mbedtls_svc_key_id_t wrong_owner_id =
|
||||||
|
mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
|
||||||
|
psa_key_handle_t invalid_handle = 0;
|
||||||
|
#endif
|
||||||
|
|
||||||
TEST_USES_KEY_ID( id );
|
TEST_USES_KEY_ID( id );
|
||||||
|
|
||||||
PSA_ASSERT( psa_crypto_init( ) );
|
PSA_ASSERT( psa_crypto_init( ) );
|
||||||
|
@ -205,6 +211,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
|
||||||
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||||
&handle ) );
|
&handle ) );
|
||||||
TEST_ASSERT( handle != 0 );
|
TEST_ASSERT( handle != 0 );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||||
|
TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
|
||||||
|
PSA_ERROR_DOES_NOT_EXIST );
|
||||||
|
#endif
|
||||||
|
|
||||||
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
||||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
|
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
|
||||||
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
TEST_ASSERT( mbedtls_svc_key_id_equal(
|
||||||
|
@ -216,6 +228,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
|
||||||
|
|
||||||
/* Close the key and reopen it. */
|
/* Close the key and reopen it. */
|
||||||
PSA_ASSERT( psa_close_key( handle ) );
|
PSA_ASSERT( psa_close_key( handle ) );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
|
||||||
|
TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
|
||||||
|
PSA_ERROR_DOES_NOT_EXIST );
|
||||||
|
#endif
|
||||||
|
|
||||||
PSA_ASSERT( psa_open_key( id, &handle ) );
|
PSA_ASSERT( psa_open_key( id, &handle ) );
|
||||||
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
|
||||||
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
|
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
|
||||||
|
|
Loading…
Reference in a new issue