Fix opaque key test vector dependency to PSA_CRYPTO_DRIVER_TEST
instead of MBEDTLS_PSA_CRYPTO_DRIVERS while validating with
test drivers.
Signed-off-by: Archana <archana.madhavan@silabs.com>
A minimal test driver extension is added to support
copy of opaque keys within the same location.
Test vector support is extended to cover opaque keys.
Signed-off-by: Archana <archana.madhavan@silabs.com>
-Add test driver support to import/export while wrapping keys
meant to be stored in the PSA core as opaque( emulating an
SE without storage ).
-Export validate_unstructured_key_bit_size as
psa_validate_unstructured_key_bit_size, thereby changing its scope.
-Improve the import/export test cases in test_suite_psa_crypto to also
cover opaque keys, thereby avoiding duplication.
Signed-off-by: Archana <archana.madhavan@silabs.com>
Add the missing nonce length checks (this function is being used by
oneshot functions as well as multipart, and thus all cipher suites are
being used) and cover the case where a NULL buffer gets passed in.
Extended the set nonce test to cover this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Make all encrypt/decrypt tests use the same function. Cleanup arguments
that were poorly named and document internal function. Removed one test
as I didn't want to write another test purely for it, when its already
tested in one shot.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Call the output size macros specifically with asymmetric keys, which
would cause a crash (and thus test fail) should this fix get regressed.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
* Add tests to validate MSB not ok for Curve25519 and
Curve448.
* Add a test to generate key for for Curve448.
Signed-off-by: Archana <archana.madhavan@silabs.com>
Enable Curve448 support
Add test vectors to evaluate
* RFC 7748
* a known-answer public key export test.
* a known-answer ECDH (X448) test.
Signed-off-by: Archana <archana.madhavan@silabs.com>
Tests for psa_cipher_encrypt and psa_cipher_decrypt functions.
The psa_cipher_encrypt function takes no parameter for IV and always generates
it therefore there will be a randomness in the calculation and cannot be
validated by comparing the actual output with the expected output.
The function is tested by:
- doing a prtially randomized test with an encryption then a decryption
and validating the input with output of the decryption
- validating against the multipart encryption
The combination of this two methods provides enough coverage like a
known answer test.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
The psa_verify_hash() is the pre-hashed version of the API and supposed
to work on hashes generated by the user. There were tests passing that
were getting "hashes" of sizes different from the expected.
Transform these into properly failing tests.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Reverting some deleted tests and changing the deprecated algo
Deleting deprecated headers from /alt-dummy dir
Corrections to the comments
Removal of deleted functions from compat-2.x.h
Corrections to tests/data_files/Makefile
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
Add HKDF tests where the sequence of inputs differs from the nominal
case: missing step, duplicate step, step out of order, or invalid step.
There were already similar tests for TLS 1.2 PRF. Add one with a key
agreement which has slightly different code.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The test "PSA generate key: RSA, 1024 bits, good, encrypt (OAEP
SHA-256)" had a dependency on MBEDTLS_GENPRIME, but this was not listed
in the dependencies. Add MBEDTLS_GENPRIME to the test's dependencies to
ensure it has what it needs to run.
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Add (internal only) define to config.h which allows the temporary
implementation of CCM to work, by removing the buffer zeroization on tag
fail when decrypting. This will obviously be removed when multipart CCM
is properaly implemented
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Update the mbedtls_test_psa_exercise_key to handle and use
PSA_KEY_USAGE_SIGN_MESSAGE and PSA_KEY_USAGE_VERIFY_MESSAGE key policies.
Add new tests for PSA_KEY_USAGE_SIGN_MESSAGE and PSA_KEY_USAGE_VERIFY_MESSAGE
policies.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
The reference output data was created with cryptodome for RSA algorithms and
python-ecdsa for ECDSA algorithms.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Modify function and test case names that testing psa_sign_hash and
psa_verify_hash funtions to be less confusing with the newly introduced
function and test case names which tests psa_sign_message and
psa_verify_message functions.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Corresponds better to the validation done in other modules of PSA Crypto.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add negative tests checking that psa_copy_key()
returns PSA_ERROR_INVALID_ARGUMENT when passed in
an invalid key identifier or key lifetime for the
target key.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Given the PSA_WANT_* config options added lately,
update set_psa_test_dependencies.py and run it
on test_suite_psa_crypto*.data files but the SE
and generated ones.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The commit
commit dcdde59c6f
Author: David Brown <david.brown@linaro.org>
Date: Tue Feb 23 15:48:13 2021 -0700
tests: psa: Change Elliptic curve defines to PSA names
when rebased on
commit bb9cbc7a23
Author: Ronald Cron <ronald.cron@arm.com>
Date: Thu Mar 4 17:09:00 2021 +0100
psa: ecdsa: Prefer NOT_SUPPORTED error code
had an incorrect merge conflict resolution. Correct this, allowing the
test "PSA sign: invalid algorithm for ECC key" to pass again.
Signed-off-by: David Brown <david.brown@linaro.org>
Now that PSA crypto config supports the new PSA_WANT_ECC_xxx defines,
change the psa-specific test suites to use these new names.
Signed-off-by: David Brown <david.brown@linaro.org>
When ECDSA is not supported by the library, prefer
to return NOT_SUPPORTED than INVALID_ARGUMENT when
asked for an ECDSA signature.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Move the check that ECDSA is supported from the
caller of the function responsible for Mbed TLS
ECDSA signatures to this function, namely
mbedtls_psa_ecdsa_sign_hash().
This makes the caller code more readable and is
more aligned with what is expected from a
sign_hash() PSA driver entry point.
Add a negative test case where a deterministic
ECDSA signature is requested while the library
does not support deterministic ECDSA.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Reworked the validation of MAC algorithm with the used key type by
introducing psa_mac_key_can_do, which guarantees that PSA_MAC_LENGTH can
be called successfully after validation of the algorithm and key type.
This means psa_get_mac_output_length is no longer required.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
To start with, test that key creation fails as intended when the key
type is not supported. This commit only covers psa_import_key and
psa_generate_key. A follow-up will cover psa_key_derivation_output_key.
My primary intent in creating this new test suite is to automatically
generate test cases by enumerating the key types and algorithms that
the library supports. But this commit only adds a few manually written
test cases, to get the ball rolling.
Move the relevant test cases of test_suite_psa_crypto.data that only
depend on generic knowledge about the API. Keep test cases that depend
more closely on the implementation, such as tests of non-supported key
sizes, in test_suite_psa_crypto.data.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that the support for key generation in the transparent
test driver is at the same level as the support in the
Mbed TLS library, remove the restriction on the generate
key test case that was introduced by the work on key
import and export through the PSA driver interface.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This brings them in line with PSA Crypto API 1.0.0
PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH -> PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG
PSA_ALG_AEAD_WITH_TAG_LENGTH -> PSA_ALG_AEAD_WITH_SHORTENED_TAG
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Attempting to create an ECC key with a curve specification that is not
valid can plausibly fail with PSA_ERROR_INVALID_ARGUMENT ("this is not
a curve specification at all") or PSA_ERROR_NOT_SUPPORTED ("this may
be a curve specification, but not one I support"). The choice of error
is somewhat subjective.
Before this commit, due to happenstance in the implementation, an
attempt to use a curve that is declared in the PSA API but not
implemented in Mbed TLS returned PSA_ERROR_INVALID_ARGUMENT, whereas
an attempt to use a curve that Mbed TLS supports but for which support
was disabled at compile-time returned PSA_ERROR_NOT_SUPPORTED. This
inconsistency made it difficult to write negative tests that could
work whether the curve is implemented via Mbed TLS code or via a
driver.
After this commit, any attempt to use parameters that are not
recognized fails with NOT_SUPPORTED, whether a curve with the
specified size might plausibly exist or not, because "might plausibly
exist" is not something Mbed TLS can determine.
To keep returning INVALID_ARGUMENT when importing an ECC key with an
explicit "bits" attribute that is inconsistent with the size of the
key material, this commit changes the way mbedtls_ecc_group_of_psa()
works: it now works on a size in bits rather than bytes, with an extra
flag indicating whether the bit-size must be exact or not.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Both tests do not require a lot of RAM, even though it may seem
like it at first sight. The derivation output is generated blockwise
from the KDF function, which only keeps state amounting to a couple
of blocks of the underlying hash primitive at a time.
There is never an allocation to keep the full derivation capacity in
memory...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
