mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-16 08:42:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add key_destroyable parameter to psa_exercise_cipher_key

Browse Source 
If the key has been destroyed (and the new parameter is 1), we test that
psa_cipher_abort succeeds in this scenario.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
This commit is contained in:
Ryan Everett 2024-03-12 16:04:45 +00:00
parent 7763550884
commit 70691f3082
1 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
tests/src/psa_exercise_key.c
View File

@ -174,7 +174,8 @@ exit:
static int exercise_cipher_key(mbedtls_svc_key_id_t key, static int exercise_cipher_key(mbedtls_svc_key_id_t key,
psa_key_usage_t usage, psa_key_usage_t usage,
psa_algorithm_t alg) psa_algorithm_t alg,
int key_destroyable)
{ {
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
unsigned char iv[PSA_CIPHER_IV_MAX_SIZE] = { 0 }; unsigned char iv[PSA_CIPHER_IV_MAX_SIZE] = { 0 };
@ -186,13 +187,20 @@ static int exercise_cipher_key(mbedtls_svc_key_id_t key,
size_t ciphertext_length = sizeof(ciphertext); size_t ciphertext_length = sizeof(ciphertext);
unsigned char decrypted[sizeof(ciphertext)]; unsigned char decrypted[sizeof(ciphertext)];
size_t part_length; size_t part_length;
psa_status_t status = PSA_SUCCESS;
PSA_ASSERT(psa_get_key_attributes(key, &attributes)); PSA_ASSERT(psa_get_key_attributes(key, &attributes));
key_type = psa_get_key_type(&attributes); key_type = psa_get_key_type(&attributes);
iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg); iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg);
if (usage & PSA_KEY_USAGE_ENCRYPT) { if (usage & PSA_KEY_USAGE_ENCRYPT) {
PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); status = psa_cipher_encrypt_setup(&operation, key, alg);
if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
/* The key has been destroyed. */
PSA_ASSERT(psa_cipher_abort(&operation));
return 1;
}
PSA_ASSERT(status);
if (iv_length != 0) { if (iv_length != 0) {
PSA_ASSERT(psa_cipher_generate_iv(&operation, PSA_ASSERT(psa_cipher_generate_iv(&operation,
iv, sizeof(iv), iv, sizeof(iv),
@ -210,12 +218,17 @@ static int exercise_cipher_key(mbedtls_svc_key_id_t key,
} }
if (usage & PSA_KEY_USAGE_DECRYPT) { if (usage & PSA_KEY_USAGE_DECRYPT) {
psa_status_t status;
int maybe_invalid_padding = 0; int maybe_invalid_padding = 0;
if (!(usage & PSA_KEY_USAGE_ENCRYPT)) { if (!(usage & PSA_KEY_USAGE_ENCRYPT)) {
maybe_invalid_padding = !PSA_ALG_IS_STREAM_CIPHER(alg); maybe_invalid_padding = !PSA_ALG_IS_STREAM_CIPHER(alg);
} }
PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); status = psa_cipher_decrypt_setup(&operation, key, alg);
if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) {
/* The key has been destroyed. */
PSA_ASSERT(psa_cipher_abort(&operation));
return 1;
}
PSA_ASSERT(status);
if (iv_length != 0) { if (iv_length != 0) {
PSA_ASSERT(psa_cipher_set_iv(&operation, PSA_ASSERT(psa_cipher_set_iv(&operation,
iv, iv_length)); iv, iv_length));