mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-30 06:33:06 +00:00
mbedtls_pk_import_into_psa: negative tests for different ECC curve
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
parent
fc3d866ad2
commit
10e9c412c0
@ -1145,6 +1145,42 @@ PSA import into PSA: ECDSA pair to RSA (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECKEY pair to different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECKEY:1:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECKEY_DH pair to different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECDSA pair to different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES:MBEDTLS_PK_CAN_ECDSA_SOME
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECKEY pair to public, different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECKEY:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECKEY_DH pair to public, different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECDSA pair to public, different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES:MBEDTLS_PK_CAN_ECDSA_SOME
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECKEY public to different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECKEY_DH public to different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECDSA public to different curve (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES:MBEDTLS_PK_CAN_ECDSA_SOME
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: ECKEY public to pair (bad)
|
||||
depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE
|
||||
pk_import_into_psa_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY):MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
@ -1280,6 +1316,10 @@ PSA import into PSA: opaque ECC, different type (bad)
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:PSA_WANT_ALG_ECDSA
|
||||
pk_import_into_psa_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0:PSA_KEY_TYPE_HMAC:MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0:MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: opaque ECC, different family (bad)
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES:PSA_WANT_ALG_ECDSA
|
||||
pk_import_into_psa_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0:MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
PSA import into PSA: opaque ECC to public (ok)
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:PSA_WANT_ALG_ECDSA
|
||||
pk_import_into_psa_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0
|
||||
@ -1294,3 +1334,7 @@ pk_import_into_psa_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ONE_FAM
|
||||
PSA import into PSA: opaque ECC to public, different bits (bad)
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:PSA_WANT_ALG_ECDSA
|
||||
pk_import_into_psa_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS + 8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):MBEDTLS_ERR_PK_INVALID_ALG
|
||||
|
||||
PSA import into PSA: opaque ECC to public, different family (bad)
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES:PSA_WANT_ALG_ECDSA
|
||||
pk_import_into_psa_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0:PSA_KEY_TYPE_ECC_PUBLIC_KEY(MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY):MBEDTLS_PSA_ECC_ONE_CURVE_BITS:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0:MBEDTLS_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
@ -114,6 +114,26 @@
|
||||
#define MBEDTLS_TEST_ECP_DP_ONE_CURVE 0
|
||||
#endif
|
||||
|
||||
/* Pick a second curve, for tests that need two supported curves of the
|
||||
* same size. For simplicity, we only handle a subset of configurations,
|
||||
* and both curves will support both ECDH and ECDSA. */
|
||||
#if defined(PSA_WANT_ECC_SECP_R1_192) && defined(PSA_WANT_ECC_SECP_K1_192)
|
||||
/* Identical redefinition of the ONE macros, to confirm that they have
|
||||
* the values we expect here. */
|
||||
#define MBEDTLS_TEST_PSA_ECC_ONE_FAMILY PSA_ECC_FAMILY_SECP_R1
|
||||
#define MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY PSA_ECC_FAMILY_SECP_K1
|
||||
#define MBEDTLS_PSA_ECC_ONE_CURVE_BITS 192
|
||||
#define MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES
|
||||
#elif defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ECC_SECP_K1_256)
|
||||
#define MBEDTLS_TEST_PSA_ECC_ONE_FAMILY PSA_ECC_FAMILY_SECP_R1
|
||||
#define MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY PSA_ECC_FAMILY_SECP_K1
|
||||
#define MBEDTLS_PSA_ECC_ONE_CURVE_BITS 256
|
||||
#define MBEDTLS_TEST_PSA_ECC_HAVE_TWO_FAMILIES
|
||||
#else
|
||||
/* Always define the macros so that we can use them in test data. */
|
||||
#define MBEDTLS_TEST_PSA_ECC_ANOTHER_FAMILY 0
|
||||
#endif
|
||||
|
||||
#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) */
|
||||
|
||||
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user