|
|
|
|
@ -396,12 +396,12 @@ static int aead_multipart_internal_func( int key_type_arg, data_t *key_data,
|
|
|
|
|
if( is_encrypt )
|
|
|
|
|
{
|
|
|
|
|
final_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE( key_type, alg );
|
|
|
|
|
TEST_ASSERT( final_output_size <= PSA_AEAD_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( final_output_size, PSA_AEAD_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
final_output_size = PSA_AEAD_VERIFY_OUTPUT_SIZE( key_type, alg );
|
|
|
|
|
TEST_ASSERT( final_output_size <= PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( final_output_size, PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ASSERT_ALLOC( final_data, final_output_size );
|
|
|
|
|
@ -557,18 +557,18 @@ static int aead_multipart_internal_func( int key_type_arg, data_t *key_data,
|
|
|
|
|
output_length += tag_length;
|
|
|
|
|
|
|
|
|
|
TEST_EQUAL( output_length,
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg,
|
|
|
|
|
input_data->len ) );
|
|
|
|
|
TEST_ASSERT( output_length <=
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg,
|
|
|
|
|
input_data->len ) );
|
|
|
|
|
TEST_LE_U( output_length,
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
TEST_EQUAL( output_length,
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg,
|
|
|
|
|
input_data->len ) );
|
|
|
|
|
TEST_ASSERT( output_length <=
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
TEST_LE_U( output_length,
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -721,7 +721,7 @@ void static_checks( )
|
|
|
|
|
/* Check that the length for a truncated MAC always fits in the algorithm
|
|
|
|
|
* encoding. The shifted mask is the maximum truncated value. The
|
|
|
|
|
* untruncated algorithm may be one byte larger. */
|
|
|
|
|
TEST_ASSERT( PSA_MAC_MAX_SIZE <= 1 + max_truncated_mac_size );
|
|
|
|
|
TEST_LE_U( PSA_MAC_MAX_SIZE, 1 + max_truncated_mac_size );
|
|
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
|
|
|
|
@ -965,7 +965,7 @@ void import_export( data_t *data,
|
|
|
|
|
* and export_size. On errors, the exported length must be 0. */
|
|
|
|
|
TEST_ASSERT( exported_length != INVALID_EXPORT_LENGTH );
|
|
|
|
|
TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 );
|
|
|
|
|
TEST_ASSERT( exported_length <= export_size );
|
|
|
|
|
TEST_LE_U( exported_length, export_size );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( mem_is_char( exported + exported_length, 0,
|
|
|
|
|
export_size - exported_length ) );
|
|
|
|
|
@ -1000,10 +1000,10 @@ void import_export( data_t *data,
|
|
|
|
|
reexported, reexported_length );
|
|
|
|
|
PSA_ASSERT( psa_destroy_key( key2 ) );
|
|
|
|
|
}
|
|
|
|
|
TEST_ASSERT( exported_length <=
|
|
|
|
|
TEST_LE_U( exported_length,
|
|
|
|
|
PSA_EXPORT_KEY_OUTPUT_SIZE( type,
|
|
|
|
|
psa_get_key_bits( &got_attributes ) ) );
|
|
|
|
|
TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
destroy:
|
|
|
|
|
/* Destroy the key */
|
|
|
|
|
@ -1065,12 +1065,12 @@ void import_export_public_key( data_t *data,
|
|
|
|
|
size_t bits;
|
|
|
|
|
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
|
|
|
|
|
bits = psa_get_key_bits( &attributes );
|
|
|
|
|
TEST_ASSERT( expected_public_key->len <=
|
|
|
|
|
PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, bits ) );
|
|
|
|
|
TEST_ASSERT( expected_public_key->len <=
|
|
|
|
|
PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type, bits ) );
|
|
|
|
|
TEST_ASSERT( expected_public_key->len <=
|
|
|
|
|
PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( expected_public_key->len,
|
|
|
|
|
PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, bits ) );
|
|
|
|
|
TEST_LE_U( expected_public_key->len,
|
|
|
|
|
PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type, bits ) );
|
|
|
|
|
TEST_LE_U( expected_public_key->len,
|
|
|
|
|
PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
|
|
|
|
|
ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
|
|
|
|
|
exported, exported_length );
|
|
|
|
|
}
|
|
|
|
|
@ -1441,8 +1441,8 @@ void aead_key_policy( int policy_usage_arg,
|
|
|
|
|
size_t tag_length = tag_length_arg;
|
|
|
|
|
size_t output_length;
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( nonce_length <= sizeof( nonce ) );
|
|
|
|
|
TEST_ASSERT( tag_length <= sizeof( tag ) );
|
|
|
|
|
TEST_LE_U( nonce_length, sizeof( nonce ) );
|
|
|
|
|
TEST_LE_U( tag_length, sizeof( tag ) );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
|
|
|
|
|
|
|
|
|
@ -2077,7 +2077,7 @@ void hash_compute_fail( int alg_arg, data_t *input,
|
|
|
|
|
status = psa_hash_compute( alg, input->x, input->len,
|
|
|
|
|
output, output_size, &output_length );
|
|
|
|
|
TEST_EQUAL( status, expected_status );
|
|
|
|
|
TEST_ASSERT( output_length <= output_size );
|
|
|
|
|
TEST_LE_U( output_length, output_size );
|
|
|
|
|
|
|
|
|
|
/* Hash Compute, multi-part */
|
|
|
|
|
status = psa_hash_setup( &operation, alg );
|
|
|
|
|
@ -2089,7 +2089,7 @@ void hash_compute_fail( int alg_arg, data_t *input,
|
|
|
|
|
status = psa_hash_finish( &operation, output, output_size,
|
|
|
|
|
&output_length );
|
|
|
|
|
if( status == PSA_SUCCESS )
|
|
|
|
|
TEST_ASSERT( output_length <= output_size );
|
|
|
|
|
TEST_LE_U( output_length, output_size );
|
|
|
|
|
else
|
|
|
|
|
TEST_EQUAL( status, expected_status );
|
|
|
|
|
}
|
|
|
|
|
@ -2769,7 +2769,7 @@ void mac_sign( int key_type_arg,
|
|
|
|
|
expected_mac->len + 1,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( mac_buffer_size, PSA_MAC_MAX_SIZE );
|
|
|
|
|
/* We expect PSA_MAC_LENGTH to be exact. */
|
|
|
|
|
TEST_ASSERT( expected_mac->len == mac_buffer_size );
|
|
|
|
|
|
|
|
|
|
@ -2847,7 +2847,7 @@ void mac_verify( int key_type_arg,
|
|
|
|
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
|
|
|
|
uint8_t *perturbed_mac = NULL;
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( expected_mac->len, PSA_MAC_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
|
|
|
|
|
|
|
|
|
@ -3320,14 +3320,14 @@ void cipher_alg_without_iv( int alg_arg, int key_type_arg, data_t *key_data,
|
|
|
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
|
|
|
|
|
|
|
|
|
/* Validate size macros */
|
|
|
|
|
TEST_ASSERT( ciphertext->len <=
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, plaintext->len ) );
|
|
|
|
|
TEST_ASSERT( PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, plaintext->len ) <=
|
|
|
|
|
TEST_LE_U( ciphertext->len,
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, plaintext->len ) );
|
|
|
|
|
TEST_LE_U( PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, plaintext->len ),
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( plaintext->len ) );
|
|
|
|
|
TEST_ASSERT( plaintext->len <=
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, ciphertext->len ) );
|
|
|
|
|
TEST_ASSERT( PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, ciphertext->len ) <=
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( ciphertext->len ) );
|
|
|
|
|
TEST_LE_U( plaintext->len,
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, ciphertext->len ) );
|
|
|
|
|
TEST_LE_U( PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, ciphertext->len ),
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( ciphertext->len ) );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Set up key and output buffer */
|
|
|
|
|
@ -3367,7 +3367,7 @@ void cipher_alg_without_iv( int alg_arg, int key_type_arg, data_t *key_data,
|
|
|
|
|
plaintext->x, plaintext->len,
|
|
|
|
|
output, output_buffer_size,
|
|
|
|
|
&length ) );
|
|
|
|
|
TEST_ASSERT( length <= output_buffer_size );
|
|
|
|
|
TEST_LE_U( length, output_buffer_size );
|
|
|
|
|
output_length += length;
|
|
|
|
|
PSA_ASSERT( psa_cipher_finish( &operation,
|
|
|
|
|
output + output_length,
|
|
|
|
|
@ -3385,7 +3385,7 @@ void cipher_alg_without_iv( int alg_arg, int key_type_arg, data_t *key_data,
|
|
|
|
|
ciphertext->x, ciphertext->len,
|
|
|
|
|
output, output_buffer_size,
|
|
|
|
|
&length ) );
|
|
|
|
|
TEST_ASSERT( length <= output_buffer_size );
|
|
|
|
|
TEST_LE_U( length, output_buffer_size );
|
|
|
|
|
output_length += length;
|
|
|
|
|
PSA_ASSERT( psa_cipher_finish( &operation,
|
|
|
|
|
output + output_length,
|
|
|
|
|
@ -3499,10 +3499,10 @@ void cipher_encrypt_validation( int alg_arg,
|
|
|
|
|
the output is not possible. Validating with multipart encryption. */
|
|
|
|
|
PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1,
|
|
|
|
|
output1_buffer_size, &output1_length ) );
|
|
|
|
|
TEST_ASSERT( output1_length <=
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
|
|
|
|
|
TEST_ASSERT( output1_length <=
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
TEST_LE_U( output1_length,
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
|
|
|
|
|
TEST_LE_U( output1_length,
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
|
|
|
|
|
PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) );
|
|
|
|
|
@ -3511,20 +3511,20 @@ void cipher_encrypt_validation( int alg_arg,
|
|
|
|
|
input->x, input->len,
|
|
|
|
|
output2, output2_buffer_size,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
output2_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_finish( &operation,
|
|
|
|
|
output2 + output2_length,
|
|
|
|
|
output2_buffer_size - output2_length,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
output2_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_abort( &operation ) );
|
|
|
|
|
@ -3584,15 +3584,15 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
|
|
|
|
|
ASSERT_ALLOC( output, output_buffer_size );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( first_part_size <= input->len );
|
|
|
|
|
TEST_LE_U( first_part_size, input->len );
|
|
|
|
|
PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
|
|
|
|
|
output, output_buffer_size,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length == output1_length );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) );
|
|
|
|
|
total_output_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
if( first_part_size < input->len )
|
|
|
|
|
@ -3605,12 +3605,12 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
|
|
|
|
|
output_buffer_size - total_output_length,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length == output2_length );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
|
|
|
|
|
alg,
|
|
|
|
|
input->len - first_part_size ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
|
|
|
|
|
alg,
|
|
|
|
|
input->len - first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
total_output_length += function_output_length;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@ -3619,10 +3619,10 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
|
|
|
|
|
output + total_output_length ),
|
|
|
|
|
output_buffer_size - total_output_length,
|
|
|
|
|
&function_output_length );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
total_output_length += function_output_length;
|
|
|
|
|
TEST_EQUAL( status, expected_status );
|
|
|
|
|
|
|
|
|
|
@ -3686,16 +3686,16 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
|
|
|
|
|
ASSERT_ALLOC( output, output_buffer_size );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( first_part_size <= input->len );
|
|
|
|
|
TEST_LE_U( first_part_size, input->len );
|
|
|
|
|
PSA_ASSERT( psa_cipher_update( &operation,
|
|
|
|
|
input->x, first_part_size,
|
|
|
|
|
output, output_buffer_size,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length == output1_length );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
|
|
|
|
|
total_output_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
if( first_part_size < input->len )
|
|
|
|
|
@ -3708,12 +3708,12 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
|
|
|
|
|
output_buffer_size - total_output_length,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length == output2_length );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
|
|
|
|
|
alg,
|
|
|
|
|
input->len - first_part_size ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
|
|
|
|
|
alg,
|
|
|
|
|
input->len - first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
total_output_length += function_output_length;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@ -3722,10 +3722,10 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
|
|
|
|
|
output + total_output_length ),
|
|
|
|
|
output_buffer_size - total_output_length,
|
|
|
|
|
&function_output_length );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
total_output_length += function_output_length;
|
|
|
|
|
TEST_EQUAL( status, expected_status );
|
|
|
|
|
|
|
|
|
|
@ -3897,10 +3897,10 @@ void cipher_decrypt( int alg_arg,
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_decrypt( key, alg, input, input_buffer_size, output,
|
|
|
|
|
output_buffer_size, &output_length ) );
|
|
|
|
|
TEST_ASSERT( output_length <=
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ) );
|
|
|
|
|
TEST_ASSERT( output_length <=
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input_buffer_size ) );
|
|
|
|
|
TEST_LE_U( output_length,
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ) );
|
|
|
|
|
TEST_LE_U( output_length,
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input_buffer_size ) );
|
|
|
|
|
|
|
|
|
|
ASSERT_COMPARE( expected_output->x, expected_output->len,
|
|
|
|
|
output, output_length );
|
|
|
|
|
@ -3943,10 +3943,10 @@ void cipher_verify_output( int alg_arg,
|
|
|
|
|
PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len,
|
|
|
|
|
output1, output1_size,
|
|
|
|
|
&output1_length ) );
|
|
|
|
|
TEST_ASSERT( output1_length <=
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
|
|
|
|
|
TEST_ASSERT( output1_length <=
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
TEST_LE_U( output1_length,
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
|
|
|
|
|
TEST_LE_U( output1_length,
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
|
|
|
|
|
output2_size = output1_length;
|
|
|
|
|
ASSERT_ALLOC( output2, output2_size );
|
|
|
|
|
@ -3954,10 +3954,10 @@ void cipher_verify_output( int alg_arg,
|
|
|
|
|
PSA_ASSERT( psa_cipher_decrypt( key, alg, output1, output1_length,
|
|
|
|
|
output2, output2_size,
|
|
|
|
|
&output2_length ) );
|
|
|
|
|
TEST_ASSERT( output2_length <=
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
|
|
|
|
|
TEST_ASSERT( output2_length <=
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
|
|
|
|
|
TEST_LE_U( output2_length,
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
|
|
|
|
|
TEST_LE_U( output2_length,
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
|
|
|
|
|
|
|
|
|
|
ASSERT_COMPARE( input->x, input->len, output2, output2_length );
|
|
|
|
|
|
|
|
|
|
@ -4014,19 +4014,19 @@ void cipher_verify_output_multipart( int alg_arg,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
|
|
|
|
|
TEST_ASSERT( output1_buffer_size <=
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
TEST_LE_U( output1_buffer_size,
|
|
|
|
|
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
|
|
|
|
|
ASSERT_ALLOC( output1, output1_buffer_size );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( first_part_size <= input->len );
|
|
|
|
|
TEST_LE_U( first_part_size, input->len );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
|
|
|
|
|
output1, output1_buffer_size,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
|
|
|
|
|
output1_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_update( &operation1,
|
|
|
|
|
@ -4034,31 +4034,31 @@ void cipher_verify_output_multipart( int alg_arg,
|
|
|
|
|
input->len - first_part_size,
|
|
|
|
|
output1, output1_buffer_size,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
|
|
|
|
|
alg,
|
|
|
|
|
input->len - first_part_size ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len - first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
|
|
|
|
|
alg,
|
|
|
|
|
input->len - first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len - first_part_size ) );
|
|
|
|
|
output1_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_finish( &operation1,
|
|
|
|
|
output1 + output1_length,
|
|
|
|
|
output1_buffer_size - output1_length,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
output1_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_abort( &operation1 ) );
|
|
|
|
|
|
|
|
|
|
output2_buffer_size = output1_length;
|
|
|
|
|
TEST_ASSERT( output2_buffer_size <=
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
|
|
|
|
|
TEST_ASSERT( output2_buffer_size <=
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
|
|
|
|
|
TEST_LE_U( output2_buffer_size,
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
|
|
|
|
|
TEST_LE_U( output2_buffer_size,
|
|
|
|
|
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
|
|
|
|
|
ASSERT_ALLOC( output2, output2_buffer_size );
|
|
|
|
|
|
|
|
|
|
if( iv_length > 0 )
|
|
|
|
|
@ -4070,10 +4070,10 @@ void cipher_verify_output_multipart( int alg_arg,
|
|
|
|
|
PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
|
|
|
|
|
output2, output2_buffer_size,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
|
|
|
|
|
output2_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_update( &operation2,
|
|
|
|
|
@ -4081,22 +4081,22 @@ void cipher_verify_output_multipart( int alg_arg,
|
|
|
|
|
output1_length - first_part_size,
|
|
|
|
|
output2, output2_buffer_size,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
|
|
|
|
|
alg,
|
|
|
|
|
output1_length - first_part_size ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length - first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
|
|
|
|
|
alg,
|
|
|
|
|
output1_length - first_part_size ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length - first_part_size ) );
|
|
|
|
|
output2_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_finish( &operation2,
|
|
|
|
|
output2 + output2_length,
|
|
|
|
|
output2_buffer_size - output2_length,
|
|
|
|
|
&function_output_length ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_ASSERT( function_output_length <=
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
|
|
|
|
|
TEST_LE_U( function_output_length,
|
|
|
|
|
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
output2_length += function_output_length;
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_cipher_abort( &operation2 ) );
|
|
|
|
|
@ -4154,8 +4154,8 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
|
|
|
|
|
{
|
|
|
|
|
TEST_EQUAL( output_size,
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
|
|
|
|
|
TEST_ASSERT( output_size <=
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
TEST_LE_U( output_size,
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
}
|
|
|
|
|
ASSERT_ALLOC( output_data, output_size );
|
|
|
|
|
|
|
|
|
|
@ -4187,8 +4187,8 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
|
|
|
|
|
TEST_EQUAL( input_data->len,
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, output_length ) );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( input_data->len <=
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) );
|
|
|
|
|
TEST_LE_U( input_data->len,
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) );
|
|
|
|
|
|
|
|
|
|
TEST_EQUAL( psa_aead_decrypt( key, alg,
|
|
|
|
|
nonce->x, nonce->len,
|
|
|
|
|
@ -4246,8 +4246,8 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
|
|
|
|
|
* should be exact. */
|
|
|
|
|
TEST_EQUAL( output_size,
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
|
|
|
|
|
TEST_ASSERT( output_size <=
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
TEST_LE_U( output_size,
|
|
|
|
|
PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
ASSERT_ALLOC( output_data, output_size );
|
|
|
|
|
|
|
|
|
|
status = psa_aead_encrypt( key, alg,
|
|
|
|
|
@ -4317,8 +4317,8 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
|
|
|
|
|
* should be exact. */
|
|
|
|
|
TEST_EQUAL( output_size,
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) );
|
|
|
|
|
TEST_ASSERT( output_size <=
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
TEST_LE_U( output_size,
|
|
|
|
|
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
|
|
|
|
}
|
|
|
|
|
ASSERT_ALLOC( output_data, output_size );
|
|
|
|
|
|
|
|
|
|
@ -4579,7 +4579,7 @@ void aead_multipart_generate_nonce( int key_type_arg, data_t *key_data,
|
|
|
|
|
|
|
|
|
|
ciphertext_size = PSA_AEAD_FINISH_OUTPUT_SIZE( key_type, alg );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( ciphertext_size <= PSA_AEAD_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( ciphertext_size, PSA_AEAD_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
ASSERT_ALLOC( ciphertext, ciphertext_size );
|
|
|
|
|
|
|
|
|
|
@ -4608,7 +4608,7 @@ void aead_multipart_generate_nonce( int key_type_arg, data_t *key_data,
|
|
|
|
|
TEST_EQUAL( actual_nonce_length, PSA_AEAD_NONCE_LENGTH( key_type,
|
|
|
|
|
alg ) );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( actual_nonce_length <= PSA_AEAD_NONCE_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( actual_nonce_length, PSA_AEAD_NONCE_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
if( expected_status == PSA_SUCCESS )
|
|
|
|
|
{
|
|
|
|
|
@ -4683,7 +4683,7 @@ void aead_multipart_set_nonce( int key_type_arg, data_t *key_data,
|
|
|
|
|
|
|
|
|
|
ciphertext_size = PSA_AEAD_FINISH_OUTPUT_SIZE( key_type, alg );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( ciphertext_size <= PSA_AEAD_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( ciphertext_size, PSA_AEAD_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
ASSERT_ALLOC( ciphertext, ciphertext_size );
|
|
|
|
|
|
|
|
|
|
@ -5121,7 +5121,7 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data,
|
|
|
|
|
|
|
|
|
|
tag_length = PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( tag_length <= PSA_AEAD_TAG_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( tag_length, PSA_AEAD_TAG_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE( key_type, alg, input_data->len );
|
|
|
|
|
|
|
|
|
|
@ -5129,7 +5129,7 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data,
|
|
|
|
|
|
|
|
|
|
finish_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE( key_type, alg );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( finish_output_size <= PSA_AEAD_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( finish_output_size, PSA_AEAD_FINISH_OUTPUT_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
ASSERT_ALLOC( final_data, finish_output_size );
|
|
|
|
|
|
|
|
|
|
@ -5969,7 +5969,7 @@ void sign_hash_deterministic( int key_type_arg, data_t *key_data,
|
|
|
|
|
signature_size = PSA_SIGN_OUTPUT_SIZE( key_type,
|
|
|
|
|
key_bits, alg );
|
|
|
|
|
TEST_ASSERT( signature_size != 0 );
|
|
|
|
|
TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( signature_size, PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
ASSERT_ALLOC( signature, signature_size );
|
|
|
|
|
|
|
|
|
|
/* Perform the signature. */
|
|
|
|
|
@ -6029,7 +6029,7 @@ void sign_hash_fail( int key_type_arg, data_t *key_data,
|
|
|
|
|
* whatever it is, it should be less than signature_size, so that
|
|
|
|
|
* if the caller tries to read *signature_length bytes without
|
|
|
|
|
* checking the error code then they don't overflow a buffer. */
|
|
|
|
|
TEST_ASSERT( signature_length <= signature_size );
|
|
|
|
|
TEST_LE_U( signature_length, signature_size );
|
|
|
|
|
|
|
|
|
|
exit:
|
|
|
|
|
psa_reset_key_attributes( &attributes );
|
|
|
|
|
@ -6068,7 +6068,7 @@ void sign_verify_hash( int key_type_arg, data_t *key_data,
|
|
|
|
|
signature_size = PSA_SIGN_OUTPUT_SIZE( key_type,
|
|
|
|
|
key_bits, alg );
|
|
|
|
|
TEST_ASSERT( signature_size != 0 );
|
|
|
|
|
TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( signature_size, PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
ASSERT_ALLOC( signature, signature_size );
|
|
|
|
|
|
|
|
|
|
/* Perform the signature. */
|
|
|
|
|
@ -6077,7 +6077,7 @@ void sign_verify_hash( int key_type_arg, data_t *key_data,
|
|
|
|
|
signature, signature_size,
|
|
|
|
|
&signature_length ) );
|
|
|
|
|
/* Check that the signature length looks sensible. */
|
|
|
|
|
TEST_ASSERT( signature_length <= signature_size );
|
|
|
|
|
TEST_LE_U( signature_length, signature_size );
|
|
|
|
|
TEST_ASSERT( signature_length > 0 );
|
|
|
|
|
|
|
|
|
|
/* Use the library to verify that the signature is correct. */
|
|
|
|
|
@ -6120,7 +6120,7 @@ void verify_hash( int key_type_arg, data_t *key_data,
|
|
|
|
|
psa_algorithm_t alg = alg_arg;
|
|
|
|
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( signature_data->len <= PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( signature_data->len, PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
|
|
|
|
|
|
|
|
|
@ -6205,7 +6205,7 @@ void sign_message_deterministic( int key_type_arg,
|
|
|
|
|
|
|
|
|
|
signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );
|
|
|
|
|
TEST_ASSERT( signature_size != 0 );
|
|
|
|
|
TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( signature_size, PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
ASSERT_ALLOC( signature, signature_size );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_sign_message( key, alg,
|
|
|
|
|
@ -6264,7 +6264,7 @@ void sign_message_fail( int key_type_arg,
|
|
|
|
|
* whatever it is, it should be less than signature_size, so that
|
|
|
|
|
* if the caller tries to read *signature_length bytes without
|
|
|
|
|
* checking the error code then they don't overflow a buffer. */
|
|
|
|
|
TEST_ASSERT( signature_length <= signature_size );
|
|
|
|
|
TEST_LE_U( signature_length, signature_size );
|
|
|
|
|
|
|
|
|
|
exit:
|
|
|
|
|
psa_reset_key_attributes( &attributes );
|
|
|
|
|
@ -6303,14 +6303,14 @@ void sign_verify_message( int key_type_arg,
|
|
|
|
|
|
|
|
|
|
signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );
|
|
|
|
|
TEST_ASSERT( signature_size != 0 );
|
|
|
|
|
TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( signature_size, PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
ASSERT_ALLOC( signature, signature_size );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_sign_message( key, alg,
|
|
|
|
|
input_data->x, input_data->len,
|
|
|
|
|
signature, signature_size,
|
|
|
|
|
&signature_length ) );
|
|
|
|
|
TEST_ASSERT( signature_length <= signature_size );
|
|
|
|
|
TEST_LE_U( signature_length, signature_size );
|
|
|
|
|
TEST_ASSERT( signature_length > 0 );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_verify_message( key, alg,
|
|
|
|
|
@ -6350,7 +6350,7 @@ void verify_message( int key_type_arg,
|
|
|
|
|
psa_algorithm_t alg = alg_arg;
|
|
|
|
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( signature_data->len <= PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( signature_data->len, PSA_SIGNATURE_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
|
|
|
|
|
|
|
|
|
@ -6444,7 +6444,7 @@ void asymmetric_encrypt( int key_type_arg,
|
|
|
|
|
key_bits = psa_get_key_bits( &attributes );
|
|
|
|
|
|
|
|
|
|
output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
|
|
|
|
|
TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE );
|
|
|
|
|
ASSERT_ALLOC( output, output_size );
|
|
|
|
|
|
|
|
|
|
/* Encrypt the input */
|
|
|
|
|
@ -6518,13 +6518,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
|
|
|
|
|
key_bits = psa_get_key_bits( &attributes );
|
|
|
|
|
|
|
|
|
|
output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
|
|
|
|
|
TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE );
|
|
|
|
|
ASSERT_ALLOC( output, output_size );
|
|
|
|
|
|
|
|
|
|
output2_size = input_data->len;
|
|
|
|
|
TEST_ASSERT( output2_size <=
|
|
|
|
|
PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ) );
|
|
|
|
|
TEST_ASSERT( output2_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( output2_size,
|
|
|
|
|
PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ) );
|
|
|
|
|
TEST_LE_U( output2_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE );
|
|
|
|
|
ASSERT_ALLOC( output2, output2_size );
|
|
|
|
|
|
|
|
|
|
/* We test encryption by checking that encrypt-then-decrypt gives back
|
|
|
|
|
@ -6537,7 +6537,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
|
|
|
|
|
&output_length ) );
|
|
|
|
|
/* We don't know what ciphertext length to expect, but check that
|
|
|
|
|
* it looks sensible. */
|
|
|
|
|
TEST_ASSERT( output_length <= output_size );
|
|
|
|
|
TEST_LE_U( output_length, output_size );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
|
|
|
|
|
output, output_length,
|
|
|
|
|
@ -6592,7 +6592,7 @@ void asymmetric_decrypt( int key_type_arg,
|
|
|
|
|
|
|
|
|
|
/* Determine the maximum ciphertext length */
|
|
|
|
|
output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
|
|
|
|
|
TEST_ASSERT( output_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( output_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE );
|
|
|
|
|
ASSERT_ALLOC( output, output_size );
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
|
|
|
|
|
@ -6665,7 +6665,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
|
|
|
|
|
output, output_size,
|
|
|
|
|
&output_length );
|
|
|
|
|
TEST_EQUAL( actual_status, expected_status );
|
|
|
|
|
TEST_ASSERT( output_length <= output_size );
|
|
|
|
|
TEST_LE_U( output_length, output_size );
|
|
|
|
|
|
|
|
|
|
/* If the label is empty, the test framework puts a non-null pointer
|
|
|
|
|
* in label->x. Test that a null pointer works as well. */
|
|
|
|
|
@ -6680,7 +6680,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
|
|
|
|
|
output, output_size,
|
|
|
|
|
&output_length );
|
|
|
|
|
TEST_EQUAL( actual_status, expected_status );
|
|
|
|
|
TEST_ASSERT( output_length <= output_size );
|
|
|
|
|
TEST_LE_U( output_length, output_size );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
exit:
|
|
|
|
|
@ -7021,8 +7021,8 @@ void derive_output( int alg_arg,
|
|
|
|
|
if( PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
|
|
|
|
|
{
|
|
|
|
|
PSA_ASSERT( psa_get_key_attributes( keys[i], &attributes1 ) );
|
|
|
|
|
TEST_ASSERT( PSA_BITS_TO_BYTES( psa_get_key_bits( &attributes1 ) ) <=
|
|
|
|
|
PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE );
|
|
|
|
|
TEST_LE_U( PSA_BITS_TO_BYTES( psa_get_key_bits( &attributes1 ) ),
|
|
|
|
|
PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
PSA_ASSERT( psa_key_derivation_input_key( &operation,
|
|
|
|
|
@ -7550,7 +7550,6 @@ void raw_key_agreement( int alg_arg,
|
|
|
|
|
size_t output_length = ~0;
|
|
|
|
|
size_t key_bits;
|
|
|
|
|
|
|
|
|
|
ASSERT_ALLOC( output, expected_output->len );
|
|
|
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
|
|
|
|
|
|
|
|
|
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
|
|
|
|
|
@ -7563,16 +7562,47 @@ void raw_key_agreement( int alg_arg,
|
|
|
|
|
PSA_ASSERT( psa_get_key_attributes( our_key, &attributes ) );
|
|
|
|
|
key_bits = psa_get_key_bits( &attributes );
|
|
|
|
|
|
|
|
|
|
/* Validate size macros */
|
|
|
|
|
TEST_LE_U( expected_output->len,
|
|
|
|
|
PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ) );
|
|
|
|
|
TEST_LE_U( PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ),
|
|
|
|
|
PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE );
|
|
|
|
|
|
|
|
|
|
/* Good case with exact output size */
|
|
|
|
|
ASSERT_ALLOC( output, expected_output->len );
|
|
|
|
|
PSA_ASSERT( psa_raw_key_agreement( alg, our_key,
|
|
|
|
|
peer_key_data->x, peer_key_data->len,
|
|
|
|
|
output, expected_output->len,
|
|
|
|
|
&output_length ) );
|
|
|
|
|
ASSERT_COMPARE( output, output_length,
|
|
|
|
|
expected_output->x, expected_output->len );
|
|
|
|
|
TEST_ASSERT( output_length <=
|
|
|
|
|
PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ) );
|
|
|
|
|
TEST_ASSERT( output_length <=
|
|
|
|
|
PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE );
|
|
|
|
|
mbedtls_free( output );
|
|
|
|
|
output = NULL;
|
|
|
|
|
output_length = ~0;
|
|
|
|
|
|
|
|
|
|
/* Larger buffer */
|
|
|
|
|
ASSERT_ALLOC( output, expected_output->len + 1 );
|
|
|
|
|
PSA_ASSERT( psa_raw_key_agreement( alg, our_key,
|
|
|
|
|
peer_key_data->x, peer_key_data->len,
|
|
|
|
|
output, expected_output->len + 1,
|
|
|
|
|
&output_length ) );
|
|
|
|
|
ASSERT_COMPARE( output, output_length,
|
|
|
|
|
expected_output->x, expected_output->len );
|
|
|
|
|
mbedtls_free( output );
|
|
|
|
|
output = NULL;
|
|
|
|
|
output_length = ~0;
|
|
|
|
|
|
|
|
|
|
/* Buffer too small */
|
|
|
|
|
ASSERT_ALLOC( output, expected_output->len - 1 );
|
|
|
|
|
TEST_EQUAL( psa_raw_key_agreement( alg, our_key,
|
|
|
|
|
peer_key_data->x, peer_key_data->len,
|
|
|
|
|
output, expected_output->len - 1,
|
|
|
|
|
&output_length ),
|
|
|
|
|
PSA_ERROR_BUFFER_TOO_SMALL );
|
|
|
|
|
/* Not required by the spec, but good robustness */
|
|
|
|
|
TEST_LE_U( output_length, expected_output->len - 1 );
|
|
|
|
|
mbedtls_free( output );
|
|
|
|
|
output = NULL;
|
|
|
|
|
|
|
|
|
|
exit:
|
|
|
|
|
mbedtls_free( output );
|
|
|
|
|
|
Paul Elliott
GitHub