diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index ea6c9b32c4..08a8b29dd5 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -305,6 +305,22 @@ PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY +PSA MAC sign multipart, through driver: HMAC-SHA-224, parts: 0 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC +mac_sign_multipart:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"ba7d81028e07b30466b867d8fefaa52db111d56b45df5a0e1465bf39":0:PSA_SUCCESS + +PSA MAC sign multipart, through driver: HMAC-SHA-224, parts: 1 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC +mac_sign_multipart:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":1:PSA_SUCCESS + +PSA MAC sign multipart, through driver: HMAC-SHA-224, parts: 2 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC +mac_sign_multipart:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":2:PSA_SUCCESS + +PSA MAC sign multipart, through driver: HMAC-SHA-224, parts: 3 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC +mac_sign_multipart:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":3:PSA_SUCCESS + PSA MAC sign, through driver: HMAC-SHA-224 depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_SUCCESS @@ -329,6 +345,22 @@ PSA MAC sign, driver reports error: CMAC-AES-128 depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_GENERIC_ERROR +PSA MAC verify multipart, through driver: HMAC-SHA-224, parts: 0 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC +mac_verify_multipart:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"ba7d81028e07b30466b867d8fefaa52db111d56b45df5a0e1465bf39":0:PSA_SUCCESS + +PSA MAC verify multipart, through driver: HMAC-SHA-224, parts: 1 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC +mac_verify_multipart:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":1:PSA_SUCCESS + +PSA MAC verify multipart, through driver: HMAC-SHA-224, parts: 2 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC +mac_verify_multipart:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":2:PSA_SUCCESS + +PSA MAC verify multipart, through driver: HMAC-SHA-224, parts: 3 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC +mac_verify_multipart:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":3:PSA_SUCCESS + PSA MAC verify, through driver: HMAC-SHA-224 depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC:MBEDTLS_PSA_ACCEL_ALG_HMAC mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 64adba97d8..aab81fbd49 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1247,9 +1247,64 @@ void mac_sign( int key_type_arg, else TEST_EQUAL( forced_status, status ); - if( mac_buffer_size > 0 ) - memset( actual_mac, 0, mac_buffer_size ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + + if( forced_status == PSA_SUCCESS ) + { + ASSERT_COMPARE( expected_mac->x, expected_mac->len, + actual_mac, mac_length ); + } + + mbedtls_free( actual_mac ); + actual_mac = NULL; + +exit: + psa_mac_abort( &operation ); + psa_destroy_key( key ); + PSA_DONE( ); + mbedtls_free( actual_mac ); mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mac_sign_multipart( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac, + int fragments_count, + int forced_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t *actual_mac = NULL; + size_t mac_buffer_size = + PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg ); + size_t mac_length = 0; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t forced_status = forced_status_arg; + uint8_t *input_x = input->x; + mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); + + TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE ); + /* We expect PSA_MAC_LENGTH to be exact. */ + TEST_ASSERT( expected_mac->len == mac_buffer_size ); + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + ASSERT_ALLOC( actual_mac, mac_buffer_size ); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* @@ -1266,25 +1321,38 @@ void mac_sign( int key_type_arg, else TEST_EQUAL( forced_status, status ); - status = psa_mac_update( &operation, - input->x, input->len ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) + if ( fragments_count ) { - PSA_ASSERT( status ); + TEST_ASSERT( ( input->len / fragments_count ) > 0 ); + } + + for ( int i = 0; i < fragments_count; i++) + { + int fragment_size = input->len / fragments_count; + if ( i == fragments_count - 1 ) + fragment_size += ( input->len % fragments_count ); + + status = psa_mac_update( &operation, + input_x, fragment_size ); + if( forced_status == PSA_SUCCESS ) + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 + i ); + else + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + if( forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED ) + { + PSA_ASSERT( status ); + } + else + TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); + input_x += fragment_size; } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); status = psa_mac_sign_finish( &operation, actual_mac, mac_buffer_size, &mac_length ); if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 3 + fragments_count ); else TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); @@ -1298,7 +1366,7 @@ void mac_sign( int key_type_arg, PSA_ASSERT( psa_mac_abort( &operation ) ); if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 3 + fragments_count ); else TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); @@ -1365,7 +1433,46 @@ void mac_verify( int key_type_arg, else TEST_EQUAL( forced_status, status ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); +exit: + psa_mac_abort( &operation ); + psa_destroy_key( key ); + PSA_DONE( ); mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mac_verify_multipart( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac, + int fragments_count, + int forced_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + psa_status_t forced_status = forced_status_arg; + uint8_t *input_x = input->x; + mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); + + TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* @@ -1382,26 +1489,39 @@ void mac_verify( int key_type_arg, else TEST_EQUAL( forced_status, status ); - status = psa_mac_update( &operation, - input->x, input->len ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) + if ( fragments_count ) { - PSA_ASSERT( status ); + TEST_ASSERT( ( input->len / fragments_count ) > 0 ); + } + + for ( int i = 0; i < fragments_count; i++) + { + int fragment_size = input->len / fragments_count; + if ( i == fragments_count - 1 ) + fragment_size += ( input->len % fragments_count ); + + status = psa_mac_update( &operation, + input_x, fragment_size ); + if( forced_status == PSA_SUCCESS ) + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 + i ); + else + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + + if( forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED ) + { + PSA_ASSERT( status ); + } + else + TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); + input_x += fragment_size; } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); status = psa_mac_verify_finish( &operation, expected_mac->x, expected_mac->len ); if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 3 + fragments_count ); else TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); @@ -1416,7 +1536,7 @@ void mac_verify( int key_type_arg, PSA_ASSERT( psa_mac_abort( &operation ) ); if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); + TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 3 + fragments_count ); else TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );