5e76952235
Add a function to configure entropy sources. For testing only. Use it to test that the library initialization fails properly if there is no entropy source.
170 lines
5.1 KiB
Text
170 lines
5.1 KiB
Text
/* BEGIN_HEADER */
|
|
#include <stdint.h>
|
|
|
|
#if defined(MBEDTLS_PSA_CRYPTO_SPM)
|
|
#include "spm/psa_defs.h"
|
|
#endif
|
|
#include "psa/crypto.h"
|
|
|
|
/* Some tests in this module configure entropy sources. */
|
|
#include "psa_crypto_invasive.h"
|
|
|
|
#include "mbedtls/entropy.h"
|
|
#include "mbedtls/entropy_poll.h"
|
|
|
|
#define ENTROPY_SOURCE_PLATFORM 0x00000001
|
|
#define ENTROPY_SOURCE_TIMING 0x00000002
|
|
#define ENTROPY_SOURCE_HAVEGE 0x00000004
|
|
#define ENTROPY_SOURCE_HARDWARE 0x00000008
|
|
#define ENTROPY_SOURCE_NV_SEED 0x00000010
|
|
static uint32_t custom_entropy_sources_mask;
|
|
|
|
/* This is a modified version of mbedtls_entropy_init() from entropy.c
|
|
* which chooses entropy sources dynamically. */
|
|
static void custom_entropy_init( mbedtls_entropy_context *ctx )
|
|
{
|
|
ctx->source_count = 0;
|
|
memset( ctx->source, 0, sizeof( ctx->source ) );
|
|
|
|
#if defined(MBEDTLS_THREADING_C)
|
|
mbedtls_mutex_init( &ctx->mutex );
|
|
#endif
|
|
|
|
ctx->accumulator_started = 0;
|
|
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
|
|
mbedtls_sha512_init( &ctx->accumulator );
|
|
#else
|
|
mbedtls_sha256_init( &ctx->accumulator );
|
|
#endif
|
|
#if defined(MBEDTLS_HAVEGE_C)
|
|
mbedtls_havege_init( &ctx->havege_data );
|
|
#endif
|
|
|
|
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
|
|
if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM )
|
|
mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
|
|
MBEDTLS_ENTROPY_MIN_PLATFORM,
|
|
MBEDTLS_ENTROPY_SOURCE_STRONG );
|
|
#endif
|
|
#if defined(MBEDTLS_TIMING_C)
|
|
if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING )
|
|
mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
|
|
MBEDTLS_ENTROPY_MIN_HARDCLOCK,
|
|
MBEDTLS_ENTROPY_SOURCE_WEAK );
|
|
#endif
|
|
#if defined(MBEDTLS_HAVEGE_C)
|
|
if( custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE )
|
|
mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
|
|
MBEDTLS_ENTROPY_MIN_HAVEGE,
|
|
MBEDTLS_ENTROPY_SOURCE_STRONG );
|
|
#endif
|
|
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
|
|
if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE )
|
|
mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
|
|
MBEDTLS_ENTROPY_MIN_HARDWARE,
|
|
MBEDTLS_ENTROPY_SOURCE_STRONG );
|
|
#endif
|
|
#if defined(MBEDTLS_ENTROPY_NV_SEED)
|
|
if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED )
|
|
mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
|
|
MBEDTLS_ENTROPY_BLOCK_SIZE,
|
|
MBEDTLS_ENTROPY_SOURCE_STRONG );
|
|
ctx->initial_entropy_run = 0;
|
|
#endif
|
|
}
|
|
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_PSA_CRYPTO_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void init_deinit( int count )
|
|
{
|
|
psa_status_t status;
|
|
int i;
|
|
for( i = 0; i < count; i++ )
|
|
{
|
|
status = psa_crypto_init( );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
status = psa_crypto_init( );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void deinit_without_init( int count )
|
|
{
|
|
int i;
|
|
for( i = 0; i < count; i++ )
|
|
{
|
|
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void validate_module_init_generate_random( int count )
|
|
{
|
|
psa_status_t status;
|
|
uint8_t random[10] = { 0 };
|
|
int i;
|
|
for( i = 0; i < count; i++ )
|
|
{
|
|
status = psa_crypto_init( );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
status = psa_generate_random( random, sizeof( random ) );
|
|
TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void validate_module_init_key_based( int count )
|
|
{
|
|
psa_status_t status;
|
|
uint8_t data[10] = { 0 };
|
|
int i;
|
|
for( i = 0; i < count; i++ )
|
|
{
|
|
status = psa_crypto_init( );
|
|
TEST_ASSERT( status == PSA_SUCCESS );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
|
|
TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
|
|
{
|
|
psa_status_t expected_init_status = expected_init_status_arg;
|
|
int inited = 0;
|
|
uint8_t random[10] = { 0 };
|
|
|
|
custom_entropy_sources_mask = sources_arg;
|
|
TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
|
|
custom_entropy_init, mbedtls_entropy_free ) ==
|
|
PSA_SUCCESS );
|
|
|
|
TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
|
|
if( expected_init_status != PSA_SUCCESS )
|
|
goto exit;
|
|
inited = 1;
|
|
|
|
TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) ==
|
|
PSA_SUCCESS );
|
|
|
|
exit:
|
|
if( inited )
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|