a2523b2c6d
PSA spec now defines more generic PSA storage types instead of the ITS specific ones. This is necessary in order to integrate with the newer implementation of PSA ITS landing in Mbed OS soon. Changes include the following: - psa_status_t replaces psa_its_status_t - psa_storage_info_t replaces psa_its_info_t - psa_storage_uid_t replaces psa_its_uid_t
95 lines
3.1 KiB
Text
95 lines
3.1 KiB
Text
/* BEGIN_HEADER */
|
|
#include <stdint.h>
|
|
|
|
#include "psa/crypto.h"
|
|
#include "psa_prot_internal_storage.h"
|
|
#include "mbedtls/entropy.h"
|
|
#include "mbedtls/entropy_poll.h"
|
|
|
|
/* Calculating the minimum allowed entropy size in bytes */
|
|
#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
|
|
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void validate_entropy_seed_injection( int seed_length_a,
|
|
int expected_status_a,
|
|
int seed_length_b,
|
|
int expected_status_b )
|
|
{
|
|
psa_status_t status;
|
|
uint8_t output[32] = { 0 };
|
|
uint8_t zeros[32] = { 0 };
|
|
uint8_t *seed = NULL;
|
|
int i;
|
|
int seed_size;
|
|
if( seed_length_a > seed_length_b )
|
|
{
|
|
seed_size = seed_length_a;
|
|
}
|
|
else
|
|
{
|
|
seed_size = seed_length_b;
|
|
}
|
|
ASSERT_ALLOC( seed, seed_size );
|
|
/* fill seed with some data */
|
|
for( i = 0; i < seed_size; ++i )
|
|
{
|
|
seed[i] = i;
|
|
}
|
|
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
TEST_ASSERT( ( status == PSA_SUCCESS ) ||
|
|
( status == PSA_ERROR_DOES_NOT_EXIST ) );
|
|
status = mbedtls_psa_inject_entropy( seed, seed_length_a );
|
|
TEST_EQUAL( status, expected_status_a );
|
|
status = mbedtls_psa_inject_entropy( seed, seed_length_b );
|
|
TEST_EQUAL( status, expected_status_b );
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
|
PSA_ASSERT( psa_generate_random( output,
|
|
sizeof( output ) ) );
|
|
TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
|
|
exit:
|
|
mbedtls_free( seed );
|
|
psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void run_entropy_inject_with_crypto_init( )
|
|
{
|
|
psa_status_t status;
|
|
int i;
|
|
uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
|
|
/* fill seed with some data */
|
|
for( i = 0; i < sizeof( seed ); ++i )
|
|
{
|
|
seed[i] = i;
|
|
}
|
|
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
TEST_ASSERT( ( status == PSA_SUCCESS ) ||
|
|
( status == PSA_ERROR_DOES_NOT_EXIST ) );
|
|
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
|
|
PSA_ASSERT( status );
|
|
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
TEST_EQUAL( status, PSA_SUCCESS );
|
|
status = psa_crypto_init( );
|
|
TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY );
|
|
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
|
|
PSA_ASSERT( status );
|
|
status = psa_crypto_init( );
|
|
PSA_ASSERT( status );
|
|
mbedtls_psa_crypto_free( );
|
|
/* The seed is written by nv_seed callback functions therefore the injection will fail */
|
|
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
|
|
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
|
|
exit:
|
|
psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
|
|
mbedtls_psa_crypto_free( );
|
|
}
|
|
/* END_CASE */
|