yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
23317 commits 1 branch 0 tags 94 MiB
Commit graph

628 commits

Author SHA1 Message Date
Shaun Case
8b0ecbccf4 Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. 
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-05-11 21:25:51 +01:00
Przemek Stekiel
ead1bb9987 derive_output test: Adapt for HKDF-Extract/Expand algs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-05-11 12:22:57 +02:00
Gilles Peskine
2b5d898eb4
Merge pull request #5644 from gilles-peskine-arm/psa-storage-format-test-exercise 
PSA storage format: exercise key
 2022-04-28 18:20:02 +02:00
Przemek Stekiel
4e47a91d2e Fix indentation issues 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-21 11:53:57 +02:00
Przemek Stekiel
4daaa2bd05 derive_output mix-psk test: add more cases for derivation of output key 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-21 11:53:57 +02:00
Przemek Stekiel
6aabc473ce derive_output test: remove redundant tests with raw key agreement 
Already handled by input_bytes().
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-21 11:53:57 +02:00
Przemek Stekiel
e665466a80 derive_output test: add other key type value 11 to handle raw key type 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-21 11:53:57 +02:00
Przemek Stekiel
38647defa8 derive_output() test: fix code style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-21 11:53:57 +02:00
Przemek Stekiel
cd00d7f724 test PSA key derivation: add positive and negative cases for mixed-psk 
Mix-PSK-to-MS test vectors are generated using python-tls library:
https://github.com/python-tls/tls

Steps to generate test vectors:
1. git clone git@github.com:python-tls/tls.git
2. cd tls
3. python3 setup.py build
4. sudo python3 setup.py install
5. Use the python script below to generate Master Secret (see description for details):

"""
Script to derive MS using mixed PSK to MS algorithm.

Script can be used to generate expected result for mixed PSK to MS tests.

Script uses python tls library:
https://github.com/python-tls/tls

Example usage:
derive_ms.py <secret> <other_secret> <seed> <label> <hash>
derive_ms.py 01020304 ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7 5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f 6d617374657220736563726574 SHA256

secret          : 01020304
other_secret    : ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7
pms             : 0030ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7000401020304
seed            : 5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f
label           : 6d617374657220736563726574
output          : 168fecea35190f9df34c042f24ecaa5e7825337f2cd82719464df5462f16aae84cb38a65c0d612ca9273f998ad32c05b
"""
from cryptography.hazmat.primitives import hashes
from tls._common.prf import prf
import os
import sys

def build_pms(other_secret: bytes, secret: bytes) -> bytes:
    other_secret_size = len(other_secret).to_bytes(2, byteorder='big')
    secret_size = len(secret).to_bytes(2, byteorder='big')
    return(other_secret_size + other_secret + secret_size + secret)

def derive_ms(secret: bytes, other_secret: bytes, seed: bytes, label: bytes, hash: hashes.HashAlgorithm) -> bytes:
    return prf(build_pms(other_secret, secret), label, seed, hash, 48)

def main():
    #check args
    if len(sys.argv) != 6:
        print("Invalid number of arguments. Expected: <secret> <other_secret> <seed> <label> <hash>" )
        return
    if sys.argv[5] != 'SHA384' and sys.argv[5] != 'SHA256':
        print("Invalid hash algorithm. Expected: SHA256 or SHA384" )
        return

    secret = bytes.fromhex(sys.argv[1])
    other_secret = bytes.fromhex(sys.argv[2])
    seed = bytes.fromhex(sys.argv[3])
    label = bytes.fromhex(sys.argv[4])
    hash_func = hashes.SHA384() if sys.argv[5] == 'SHA384' else hashes.SHA256()
    pms = build_pms(other_secret, secret)

    actual_output = derive_ms(secret, other_secret, seed, label, hash_func)

    print('secret       : ' + secret.hex())
    print('other_secret : ' + other_secret.hex())
    print('pms          : ' + pms.hex())
    print('seed         : ' + seed.hex())
    print('label        : ' + label.hex())
    print('output       : ' + actual_output.hex())

if __name__ == "__main__":
    main()

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-21 11:41:41 +02:00
Gilles Peskine
286c314ae3 cipher_alg_without_iv: also test multipart decryption 
For multipart encrpytion, call psa_cipher_finish(). This is not actually
necessary for non-pathological implementations of ECB (the only currently
supported IV-less cipher algorithm) because it requires the input to be a
whole number of blocks and non-pathological implementations emit the output
block from update() as soon as an input block is available. But in principle
a driver could delay output and thus require a call to finish().

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-21 11:27:17 +02:00
Gilles Peskine
9e38f2c8fd cipher_alg_without_iv: generalized to also do decryption 
Test set_iv/generate_iv after decrypt_setup. Test successful decryption.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-21 11:25:00 +02:00
Gilles Peskine
9b9b614a02 cipher_encrypt_alg_without_iv: validate size macros independently 
Validate the size macros directly from the output length in the test data,
rather than using the value returned by the library. This is equivalent
since the value returned by the library is checked to be identical.

Enforce that SIZE() <= MAX_SIZE(), in addition to length <= SIZE(). This is
stronger than the previous code which merely enforced length <= SIZE() and
length <= MAX_SIZE().

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-21 11:24:48 +02:00
Przemek Stekiel
ffbb7d35fc derive_output: add optional step for derivation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-12 11:27:00 +02:00
Manuel Pégourié-Gonnard
c11bffe989
Merge pull request #5139 from mprse/key_der_ecc 
PSA: implement key derivation for ECC keys
 2022-03-14 09:17:13 +01:00
Przemek Stekiel
c85f0912c4 psa_crypto.c, test_suite_psa_crypto.function: fix style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-08 11:37:54 +01:00
Gilles Peskine
6bf5c8cb1d
Merge pull request #5506 from superna9999/4964-extend-psa-one-shot-multipart 
Extend PSA operation setup tests to always cover both one-shot and multipart
 2022-03-07 17:04:37 +01:00
Neil Armstrong
fd4c259a7b Use PSA_INIT() in mac_multipart_internal_func() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-07 10:11:11 +01:00
Neil Armstrong
fe6da1c35c Fix style issues in mac_sign_verify_multi() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-03 16:29:14 +01:00
Gilles Peskine
92e08fba4c
Merge pull request #5475 from miudr/fix_issue_5140 
Fix AEAD multipart incorrect offset in test_suite_psa_crypto.function
 2022-03-01 20:45:54 +01:00
Neil Armstrong
4766f99fe5 Add multi-part mac sign/verify test 
The test is based on the AEAD multi-part test, re-using the
design on aead_multipart_internal_func() to test differnet
sequence of psa_mac_update() for MAC update or verify.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-28 18:37:30 +01:00
Neil Armstrong
60234f87a6 Revert "Introduce new mac_key_policy_multi() variant of mac_key_policy() testing multiple updates occurences" 
This reverts commit 3ccd08b343.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-28 15:21:38 +01:00
Neil Armstrong
3ccd08b343 Introduce new mac_key_policy_multi() variant of mac_key_policy() testing multiple updates occurences 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 16:15:08 +01:00
Neil Armstrong
ee9686b446 Fix style issue in hash_setup() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:47:34 +01:00
Przemyslaw Stekiel
696b120650 Add tests for ECC key derivation 
Test code and test vectors are taken from PR #5218

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-22 13:35:26 +01:00
Neil Armstrong
66a479f8fb Add Cipher Decrypt Fail multi-part case 
Make `PSA symetric decrypt: CCM*-no-tag, input too short (15 bytes)`
depend on MBEDTLS_CCM_C otherwise the multi-part test fails on
the missing CCM* instead on the input length validity for CCM*.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
d8dba4e0aa Add Cipher Encrypt Fail multi-part case 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
3ee335dbe3 Add Cipher Encrypt multi-part case 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
752d811015 Add AEAD Key Policy check multi-part cases 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
78aeaf8ad7 Add Cipher Key Policy check one-shot cases 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
3af9b97a29 Add Multipart Message authentication Compute & Verify cases 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
ca30a00aad Add Multipart Hash Compute & Compare tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
55a1be1f48 Add Multipart Hash Compare fail tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
161ec5c368 Add Multipart Hash Compute fail tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Neil Armstrong
edb20865c7 Add One-Shot Hash setup test 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 10:56:18 +01:00
Manuel Pégourié-Gonnard
1ab2d6966c
Merge pull request #5385 from AndrzejKurek/use-psa-crypto-reduced-configs 
Resolve problems with reduced configs using USE_PSA_CRYPTO
 2022-02-02 10:20:26 +01:00
Mircea Udrea
657ff4fd09 Fix AEAD multipart incorrect offset in test_suite_psa_crypto.function 
When working with block cipher modes like GCM(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER),
aead_multipart_internal_func() should calculate the offset in output buffer
based on output_length, not using the offset of the input buffer(part_offset).

Signed-off-by: Mircea Udrea <mircea.udrea@silexinsight.com>
 2022-01-31 13:51:56 +01:00
Gilles Peskine
c6753a6c90
Merge pull request #5363 from AndrzejKurek/clarify-testing-set-nonce-set-lengths 
PSA AEAD: extend testing of set_nonce + set_lengths
 2022-01-25 17:02:26 +01:00
Andrzej Kurek
f881601c91 Detect invalid tag lengths in psa_aead_setup 
Read tag lengths from the driver and validate against preset values.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-20 07:40:12 -05:00
Andrzej Kurek
031df4a93a Clarify test descriptions 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-19 12:44:49 -05:00
Andrzej Kurek
e5f94fb556 PSA AEAD: test long plaintext lengths for psa_set_lengths 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-19 12:36:50 -05:00
Andrzej Kurek
1e8e1745a8 PSA AEAD: test more combinations of set_nonce and set_lengths 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-19 12:36:50 -05:00
Andrzej Kurek
a2ce72e5bf Test calling psa_aead_set_lengths and set_nonce in various order 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-19 12:36:50 -05:00
Andrzej Kurek
77b8e098f9 Add missing MBEDTLS_ASN1_WRITE_C dependency in test_suite_psa_crypto 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-19 12:34:23 -05:00
Manuel Pégourié-Gonnard
a15503fcdd
Merge pull request #5344 from AndrzejKurek/psa-aead-more-generate-nonce-combinations 
PSA AEAD: test more combinations of generate_nonce and set_lengths
 2022-01-17 13:12:04 +01:00
Andrzej Kurek
ad83752811 PSA AEAD: test more combinations of generate_nonce and set_lengths 
Extend PSA AEAD testing by adding CCM and ChaChaPoly.
Add more combinations of functions to test the API.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2021-12-15 15:30:29 +01:00
Ronald Cron
8188d19b0e Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr 2021-12-14 10:58:18 +01:00
Gilles Peskine
d5b2a59826
Merge pull request #5047 from paul-elliott-arm/psa-m-aead-ccm 
PSA Multipart AEAD CCM Internal implementation and tests.
 2021-12-09 14:49:42 +01:00
Paul Elliott
37ec16b579 Add explanation for workaround in test code 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-09 09:44:11 +00:00
Manuel Pégourié-Gonnard
39c2aba920
Merge pull request #849 from ronald-cron-arm/fix-cipher-iv 
Avoid using encryption output buffer to pass generated IV to PSA driver
 2021-12-08 13:30:06 +01:00
Ronald Cron
6c9bb0f71e test: psa cipher: Add unexpected IV setting/generation negative tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-11-26 15:46:20 +01:00
Dave Rodgman
491d849ad1 Fix derive_input test ignoring parameter 
Fix derive_input test hardcoding key type instead of using test argument.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-11-16 16:05:06 +00:00
Manuel Pégourié-Gonnard
087f04783d
Merge pull request #5076 from mstarzyk-mobica/psa_ccm_no_tag 
PSA CCM*-no-tag
 2021-11-10 10:18:55 +01:00
Gilles Peskine
f7b4137e69 Untangle PSA_ALG_IS_HASH_AND_SIGN and PSA_ALG_IS_SIGN_HASH 
The current definition of PSA_ALG_IS_HASH_AND_SIGN includes
PSA_ALG_RSA_PKCS1V15_SIGN_RAW and PSA_ALG_ECDSA_ANY, which don't strictly
follow the hash-and-sign paradigm: the algorithm does not encode a hash
algorithm that is applied prior to the signature step. The definition in
fact encompasses what can be used with psa_sign_hash/psa_verify_hash, so
it's the correct definition for PSA_ALG_IS_SIGN_HASH. Therefore this commit
moves definition of PSA_ALG_IS_HASH_AND_SIGN to PSA_ALG_IS_SIGN_HASH, and
replace the definition of PSA_ALG_IS_HASH_AND_SIGN by a correct one (based
on PSA_ALG_IS_SIGN_HASH, excluding the algorithms where the pre-signature
step isn't to apply the hash encoded in the algorithm).

In the definition of PSA_ALG_SIGN_GET_HASH, keep the condition for a nonzero
output to be PSA_ALG_IS_HASH_AND_SIGN.

Everywhere else in the code base (definition of PSA_ALG_IS_SIGN_MESSAGE, and
every use of PSA_ALG_IS_HASH_AND_SIGN outside of crypto_values.h), we meant
PSA_ALG_IS_SIGN_HASH where we wrote PSA_ALG_IS_HASH_AND_SIGN, so do a
global replacement.
```
git grep -l IS_HASH_AND_SIGN ':!include/psa/crypto_values.h' | xargs perl -i -pe 's/ALG_IS_HASH_AND_SIGN/ALG_IS_SIGN_HASH/g'
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-11-03 15:48:15 +01:00
Mateusz Starzyk
ed71e92730 Add tests for CCM*-no-tag. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-21 11:33:41 +02:00
Paul Elliott
76bda48f8c Add Multipart AEAD CCM Finish buffer tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-07 18:06:03 +01:00
Paul Elliott
47b9a14dc6 Add Multipart AEAD CCM update buffer tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-07 18:06:03 +01:00
Paul Elliott
d79c5c5105 Add Multipart AEAD CCM generate nonce tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-07 18:06:03 +01:00
Paul Elliott
e4c08ed257 Add Multipart AEAD CCM set nonce tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-07 18:06:03 +01:00
Paul Elliott
fec6f37669 Add Multipart AEAD CCM verify tests 
Known failures, concentrating on verify (bad signature etc.)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-07 18:06:03 +01:00
Paul Elliott
32f46ba16a Remove ability to turn off chunked ad/data tests 
This is no longer required, as both PolyChaCha and GCM now support
both chunked body data and additional data.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-24 11:20:10 +01:00
Paul Elliott
71b0567c87 Merge remote-tracking branch 'upstream/development' into psa-m-aead-merge 
Also fiixed the following merge problems:

crypto_struct.h   : Added MBEDTLS_PRIVATE to psa_aead_operation_s
                    members (merge conflict)
psa_crypto_aead.c : Added ciphertext_length to mbedtls_gcm_finish
                    call (change of API during development)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-24 11:18:13 +01:00
Paul Elliott
3db0b70263 Remove unnecessary test steps 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:18 +01:00
Paul Elliott
88ecbe176d Test generated nonce test generates expected sizes 
(But only in the positive test cases)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
fbb4c6d9a2 Replace AEAD operation init func with macro 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
a2a09b096c Remove double initialisation of AEAD operation 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
bb979e7748 Rename enum types 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
bdc2c68d97 Add missing not setting nonce tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
64555bd98c Add missing initialisation to setup test. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-20 18:47:28 +01:00
Paul Elliott
4a760882bb Fix leaked test buffer 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-20 09:43:46 +01:00
Paul Elliott
6043e49039 Fix missed documentation header pt 2 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-20 09:43:46 +01:00
Paul Elliott
8eec8d4436 Fix missed documentation header 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 22:39:06 +01:00
Paul Elliott
f94bd99368 Add missing aead state tests. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
5221ef638a Add aead setup tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
1c67e0b38c Add extra verify edge test cases 
Add ability to pass NULL tag buffer (with length zero)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
9961a668bd Remove negative tests from multipart_decrypt 
Multipart decrypt now always expects positive result (i.e. the plaintext
that is passed in). Added new test that expects fail, and does no
multipart versions and concentrates on aead_verify.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
fd0c154ce3 Add tests to oversend data/ad when lengths set 
Previous tests only tested when the expected lengths were set to zero.
New test sends all data/ad then goes over by one byte.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
f38adbe558 Ensure tests expected to fail actually fail 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
e49fe45478 Remove unneccesary nesting 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
4e4d71a838 Move hidden logic into loop 'for' statement 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
33746aac32 Convert set lengths options over to enum 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
9454cfa911 Remove unneccesary safety check in test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
6bfd0fbbc6 Convert all uint32_t lengths over to size_t 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
5a9642ff28 Correct switched blocks for output sizes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
719c1324a1 Add tag buffer size tests to finish buffer tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
e58cb1e0cf Aligh finish_buffer_test vars with PSA standard 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
4023ffd275 Re-add option of NULL buffer for nonce tests 
NULL/zero length or valid buffer/zero length both now tested

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
e64deda873 Add missing check to multipart decrypt 
Ensure that the test actually does something, rather than skipping both
parts, also add comment to this effect.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Archana
9d17bf4215
Styling and refactoring 
Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-10 07:16:08 +05:30
Archana
8a180368fb
Add opaque test driver support for copy key 
A minimal test driver extension is added to support
copy of opaque keys within the same location.
Test vector support is extended to cover opaque keys.

Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-08 22:04:07 +05:30
Archana
4d7ae1d8cf
Add test driver support for opaque key import 
-Add test driver support to import/export while wrapping keys
 meant to be stored in the PSA core as opaque( emulating an
 SE without storage ).
-Export validate_unstructured_key_bit_size as
 psa_validate_unstructured_key_bit_size, thereby changing its scope.
-Improve the import/export test cases in test_suite_psa_crypto to also
 cover opaque keys, thereby avoiding duplication.

Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-09-08 22:03:54 +05:30
Paul Elliott
b0450febe6 Tests for sending too much data after set lengths 
We previously had tests for not sending enough (additional) data, but
were missing tests for sending too much. I have added these to the state
tests, as I don't think this is complex enough to deserve a standalone
test.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-01 15:09:15 +01:00
Paul Elliott
7f62842247 Add test for calling update when nonce not set 
Previously only testing calling update_ad in this state.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-01 15:09:15 +01:00
Paul Elliott
c6d11d02f5 Aligh update buffer test variables with psa naming 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-01 15:09:15 +01:00
Mateusz Starzyk
1ebcd55afa Extend mac_key_policy test. 
Add checks for psa_mac_compute and psa_mac_verify.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-30 17:11:01 +02:00
Paul Elliott
5e69aa5709 Remove NULL check for set nonce 
Also remove tests which would pass NULL to this function.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-08-25 17:40:40 +01:00
Paul Elliott
6f0e72038d Align set nonce variables with psa convention 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-08-25 17:40:40 +01:00
Paul Elliott
f127763ec9 Align generate nonce variables with psa convention 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-08-25 17:40:40 +01:00
Mateusz Starzyk
d07f4fc30f Use separate expected results for MAC sign and verify key policy. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-24 14:16:55 +02:00
Mateusz Starzyk
cb0a7cd142 Fix mac_key_policy test function 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-20 11:34:49 +02:00
Paul Elliott
66696b5591 Improve nonce length checks 
Add the missing nonce length checks (this function is being used by
oneshot functions as well as multipart, and thus all cipher suites are
being used) and cover the case where a NULL buffer gets passed in.
Extended the set nonce test to cover this.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-08-16 18:44:50 +01:00