AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #170 from ARMmbed/increase_psa_key_derivation_code_coverage

Browse Source 
add tests that increase key derivation code coverage slightly
This commit is contained in:
Jaeden Amero 2018-11-06 09:17:19 +00:00 committed by GitHub
commit fe9f771e88
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 94 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
tests/suites/test_suite_psa_crypto.data
View File

@ -1290,6 +1290,10 @@ PSA key derivation: HKDF-SHA-256, good case
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS
PSA key derivation: HKDF-SHA-512, good case
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_512):"":"":42:PSA_SUCCESS
PSA key derivation: bad key type
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
@ -1302,6 +1306,18 @@ PSA key derivation: unsupported key derivation algorithm
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):"":"":42:PSA_ERROR_NOT_SUPPORTED
PSA key derivation: unsupported key derivation algorithm
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED
PSA key derivation: invalid generator state ( double generate + read past capacity )
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
test_derive_invalid_generator_state:
PSA key derivation: invalid generator state ( call read/get_capacity after init and abort )
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
test_derive_invalid_generator_tests:
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""

78
tests/suites/test_suite_psa_crypto.function
View File

@ -3077,6 +3077,84 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
void test_derive_invalid_generator_state( )
{
psa_key_slot_t base_key = 1;
size_t key_type = PSA_KEY_TYPE_DERIVE;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 );
uint8_t buffer[42];
size_t capacity = sizeof( buffer );
const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
psa_key_policy_t policy;
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS );
TEST_ASSERT( psa_import_key( base_key, key_type,
key_data,
sizeof( key_data ) ) == PSA_SUCCESS );
/* valid key derivation */
TEST_ASSERT( psa_key_derivation( &generator, base_key, alg,
NULL, 0,
NULL, 0,
capacity ) == PSA_SUCCESS );
/* state of generator shouldn't allow additional generation */
TEST_ASSERT( psa_key_derivation( &generator, base_key, alg,
NULL, 0,
NULL, 0,
capacity ) == PSA_ERROR_BAD_STATE );
TEST_ASSERT( psa_generator_read( &generator, buffer, capacity )
== PSA_SUCCESS );
TEST_ASSERT( psa_generator_read( &generator, buffer, capacity )
== PSA_ERROR_INSUFFICIENT_CAPACITY );
exit:
psa_generator_abort( &generator );
psa_destroy_key( base_key );
mbedtls_psa_crypto_free( );
}
/* END_CASE */
/* BEGIN_CASE */
void test_derive_invalid_generator_tests( )
{
uint8_t output_buffer[16];
size_t buffer_size = 16;
size_t capacity = 0;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
== PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183
TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
== PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:#183
TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
== PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183
TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
== PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:#183
exit:
psa_generator_abort( &generator );
}
/* END_CASE */
/* BEGIN_CASE */
void derive_output( int alg_arg,
data_t *key_data,