mbedtls/tests/suites/test_suite_psa_crypto_entropy.function
Gilles Peskine 6bf4baef95 Remove compilation option MBEDTLS_PSA_HAS_ITS_IO
MBEDTLS_PSA_HAS_ITS_IO is not really useful since it doesn't actually
enable anything except the entropy seed file support, which only
requires the ITS interface and not a native implemetation. Remove it.
2019-03-15 11:15:13 +01:00

95 lines
3 KiB
Text

/* BEGIN_HEADER */
#include <stdint.h>
#include "psa/crypto.h"
#include "psa_prot_internal_storage.h"
#include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h"
/* Calculating the minimum allowed entropy size in bytes */
#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_CRYPTO_STORAGE_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void validate_entropy_seed_injection( int seed_length_a,
int expected_status_a,
int seed_length_b,
int expected_status_b )
{
psa_status_t status;
uint8_t output[32] = { 0 };
uint8_t zeros[32] = { 0 };
uint8_t *seed = NULL;
int i;
int seed_size;
if( seed_length_a > seed_length_b )
{
seed_size = seed_length_a;
}
else
{
seed_size = seed_length_b;
}
ASSERT_ALLOC( seed, seed_size );
/* fill seed with some data */
for( i = 0; i < seed_size; ++i )
{
seed[i] = i;
}
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_ASSERT( ( status == PSA_SUCCESS ) ||
( status == PSA_ERROR_DOES_NOT_EXIST ) );
status = mbedtls_psa_inject_entropy( seed, seed_length_a );
TEST_EQUAL( status, expected_status_a );
status = mbedtls_psa_inject_entropy( seed, seed_length_b );
TEST_EQUAL( status, expected_status_b );
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_generate_random( output,
sizeof( output ) ) );
TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
exit:
mbedtls_free( seed );
psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
mbedtls_psa_crypto_free( );
}
/* END_CASE */
/* BEGIN_CASE */
void run_entropy_inject_with_crypto_init( )
{
psa_status_t status;
int i;
uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
/* fill seed with some data */
for( i = 0; i < sizeof( seed ); ++i )
{
seed[i] = i;
}
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_ASSERT( ( status == PSA_SUCCESS ) ||
( status == PSA_ERROR_DOES_NOT_EXIST ) );
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
PSA_ASSERT( status );
status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
TEST_EQUAL( status, PSA_SUCCESS );
status = psa_crypto_init( );
TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY );
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
PSA_ASSERT( status );
status = psa_crypto_init( );
PSA_ASSERT( status );
mbedtls_psa_crypto_free( );
/* The seed is written by nv_seed callback functions therefore the injection will fail */
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
exit:
psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
mbedtls_psa_crypto_free( );
}
/* END_CASE */