From c9ad5910aa937bf7fcca9de707ed73d4b140a963 Mon Sep 17 00:00:00 2001
From: Unknown
Date: Wed, 10 Jul 2019 06:45:31 -0400
Subject: [PATCH 1/9] crypto_se_driver: add mock tests Mock key importing and exporting
---
 tests/CMakeLists.txt | 1 +
 ..._suite_psa_crypto_se_driver_hal_mocks.data | 5 +
 ...te_psa_crypto_se_driver_hal_mocks.function | 206 ++++++++++++++++++
 3 files changed, 212 insertions(+)
 create mode 100644 tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
 create mode 100644 tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 7e543700ee..7dcc98d0e4 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -143,6 +143,7 @@ add_test_suite(psa_crypto_init)
 add_test_suite(psa_crypto_metadata)
 add_test_suite(psa_crypto_persistent_key)
 add_test_suite(psa_crypto_se_driver_hal)
+add_test_suite(psa_crypto_se_driver_hal_mocks)
 add_test_suite(psa_crypto_slot_management)
 add_test_suite(psa_its)
 add_test_suite(shax)
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
new file mode 100644
index 0000000000..6be018e1ba
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
@@ -0,0 +1,5 @@
+SE key importing mock test
+mock_import:
+
+SE key exporting mock test
+mock_export:
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
new file mode 100644
index 0000000000..b0033f0929
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
@@ -0,0 +1,206 @@
+/* BEGIN_HEADER */
+#include "psa_crypto_helpers.h"
+#include "psa/crypto_se_driver.h"
+
+#include "psa_crypto_se.h"
+
+static struct
+{
+ uint16_t called;
+ psa_key_slot_number_t key_slot;
+ psa_key_attributes_t attributes;
+ size_t data_length;
+} mock_import_data;
+
+static struct
+{
+ uint16_t called;
+ psa_key_slot_number_t slot_number;
+ size_t data_size;
+} mock_export_data;
+
+static struct
+{
+ uint16_t called;
+} mock_allocate_data;
+
+static struct
+{
+ uint16_t called;
+ psa_key_slot_number_t slot_number;
+} mock_destroy_data;
+
+static void mock_teardown( void )
+{
+ memset( &mock_import_data, 0, sizeof( mock_import_data ) );
+ memset( &mock_export_data, 0, sizeof( mock_export_data ) );
+ memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) );
+ memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) );
+}
+
+static psa_status_t mock_import( psa_drv_se_context_t *drv_context,
+ psa_key_slot_number_t key_slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ size_t *bits )
+{
+ (void) drv_context;
+ (void) data;
+ (void) bits;
+
+ mock_import_data.called++;
+ mock_import_data.key_slot = key_slot;
+ mock_import_data.attributes = *attributes;
+ mock_import_data.data_length = data_length;
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t mock_export( psa_drv_se_context_t *context,
+ psa_key_slot_number_t slot_number,
+ uint8_t *p_data,
+ size_t data_size,
+ size_t *p_data_length )
+{
+ (void) context;
+ (void) p_data;
+ (void) p_data_length;
+
+ mock_export_data.called++;
+ mock_export_data.slot_number = slot_number;
+ mock_export_data.data_size = data_size;
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t mock_allocate( psa_drv_se_context_t *drv_context,
+ void *persistent_data,
+ const psa_key_attributes_t *attributes,
+ psa_key_creation_method_t method,
+ psa_key_slot_number_t *key_slot )
+{
+ (void) drv_context;
+ (void) persistent_data;
+ (void) attributes;
+ (void) method;
+ (void) key_slot;
+
+ mock_allocate_data.called++;
+ *key_slot = 0;
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t mock_destroy( psa_drv_se_context_t *context,
+ void *persistent_data,
+ psa_key_slot_number_t slot_number )
+{
+ (void) context;
+ (void) persistent_data;
+
+ mock_destroy_data.called++;
+ mock_destroy_data.slot_number = slot_number;
+
+ return( PSA_SUCCESS );
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_SE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mock_import( )
+{
+ psa_drv_se_t driver;
+ psa_drv_se_key_management_t key_management;
+ psa_key_lifetime_t lifetime = 2;
+ psa_key_id_t id = 1;
+ psa_key_handle_t handle = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
+
+ memset( &driver, 0, sizeof( driver ) );
+ memset( &key_management, 0, sizeof( key_management ) );
+ driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+ driver.key_management = &key_management;
+ key_management.p_import = mock_import;
+ key_management.p_destroy = mock_destroy;
+ key_management.p_allocate = mock_allocate;
+
+ PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_id( &attributes, id );
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
+ PSA_ASSERT( psa_import_key( &attributes,
+ key_material, sizeof( key_material ),
+ &handle ) );
+
+ TEST_ASSERT( mock_allocate_data.called == 1 );
+ TEST_ASSERT( mock_import_data.called == 1 );
+ TEST_ASSERT( mock_import_data.attributes.core.type == PSA_KEY_TYPE_RAW_DATA );
+
+ PSA_ASSERT( psa_destroy_key( handle ) );
+
+ TEST_ASSERT( mock_destroy_data.called == 1 );
+
+exit:
+ PSA_DONE( );
+ mock_teardown( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mock_export( )
+{
+ psa_drv_se_t driver;
+ psa_drv_se_key_management_t key_management;
+ psa_key_lifetime_t lifetime = 2;
+ psa_key_id_t id = 1;
+ psa_key_handle_t handle = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
+ uint8_t exported[sizeof( key_material )];
+ size_t exported_length;
+
+ memset( &driver, 0, sizeof( driver ) );
+ memset( &key_management, 0, sizeof( key_management ) );
+ driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+ driver.key_management = &key_management;
+ key_management.p_import = mock_import;
+ key_management.p_export = mock_export;
+ key_management.p_destroy = mock_destroy;
+ key_management.p_allocate = mock_allocate;
+
+ PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_id( &attributes, id );
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
+ PSA_ASSERT( psa_import_key( &attributes,
+ key_material, sizeof( key_material ),
+ &handle ) );
+
+ PSA_ASSERT( psa_export_key( handle,
+ exported, sizeof( exported ),
+ &exported_length ) );
+
+ TEST_ASSERT( mock_export_data.called == 1 );
+
+ PSA_ASSERT( psa_destroy_key( handle ) );
+
+ TEST_ASSERT( mock_destroy_data.called == 1 );
+
+exit:
+ PSA_DONE( );
+ mock_teardown( );
+}
+/* END_CASE */
From 9fd6b0cb6fa8a05d874d1f077f76fc2950e6ba93 Mon Sep 17 00:00:00 2001
From: Unknown
Date: Wed, 10 Jul 2019 07:02:36 -0400
Subject: [PATCH 2/9] crypto_se_driver: add key generation mock and test
---
 ..._suite_psa_crypto_se_driver_hal_mocks.data | 3 +
 ...te_psa_crypto_se_driver_hal_mocks.function | 69 +++++++++++++++++++
 2 files changed, 72 insertions(+)
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
index 6be018e1ba..5f440fd0f7 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
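Review bot: mock_import and mock_export in the new .function file return PSA_SUCCESS while discarding their output pointers (`(void) bits;`, `(void) p_data_length;`), so a caller that trusts the status reads a length the driver never wrote; in the mock_export test the test's own `exported_length` is also declared without an initializer. Whether the core pre-initialises these values is not visible in this patch, so the mocks should write deterministic outputs themselves, for example `*bits = PSA_BYTES_TO_BITS( data_length );` in mock_import and `*p_data_length = 0;` in mock_export. The same applies to `pubkey_length` in mock_generate, `p_data_length` in mock_export_public and `p_signature_length` in mock_sign, which later patches in this series add in the same style.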
@@ -3,3 +3,6 @@ mock_import: SE key exporting mock test mock_export: + +SE key generating mock test +mock_generate: diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index b0033f0929..1a132fd91c 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -4,6 +4,14 @@ #include "psa_crypto_se.h" +static struct +{ + uint16_t called; + psa_key_slot_number_t key_slot; + psa_key_attributes_t attributes; + size_t pubkey_size; +} mock_generate_data; + static struct { uint16_t called; @@ -36,6 +44,26 @@ static void mock_teardown( void ) memset( &mock_export_data, 0, sizeof( mock_export_data ) ); memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); + memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); +} + +static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length ) +{ + (void) drv_context; + (void) pubkey; + (void) pubkey_length; + + mock_generate_data.called++; + mock_generate_data.key_slot = key_slot; + mock_generate_data.attributes = *attributes; + mock_generate_data.pubkey_size = pubkey_size; + + return( PSA_SUCCESS ); } static psa_status_t mock_import( psa_drv_se_context_t *drv_context, 
@@ -204,3 +232,44 @@ exit:
 mock_teardown( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void mock_generate( )
+{
+ psa_drv_se_t driver;
+ psa_drv_se_key_management_t key_management;
+ psa_key_lifetime_t lifetime = 2;
+ psa_key_id_t id = 1;
+ psa_key_handle_t handle = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ memset( &driver, 0, sizeof( driver ) );
+ memset( &key_management, 0, sizeof( key_management ) );
+ driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+ driver.key_management = &key_management;
+ key_management.p_generate = mock_generate;
+ key_management.p_destroy = mock_destroy;
+ key_management.p_allocate = mock_allocate;
+
+ PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_id( &attributes, id );
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
+ PSA_ASSERT( psa_generate_key( &attributes, &handle ) );
+ TEST_ASSERT( mock_allocate_data.called == 1 );
+ TEST_ASSERT( mock_generate_data.called == 1 );
+
+ if( expected_result == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ TEST_ASSERT( mock_destroy_data.called == 1 );
+ }
+
+exit:
+ PSA_DONE( );
+ mock_teardown( );
+}
+/* END_CASE */
From 903b5da51c009d2299c7d8b5b147f2059c6a6e3b Mon Sep 17 00:00:00 2001
From: Unknown
Date: Wed, 10 Jul 2019 09:11:01 -0400
Subject: [PATCH 3/9] crypto_se_driver: add an error injection mechanism to the mocks
---
 ..._suite_psa_crypto_se_driver_hal_mocks.data | 21 +++++-
 ...te_psa_crypto_se_driver_hal_mocks.function | 74 +++++++++++++------
 2 files changed, 71 insertions(+), 24 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
index 5f440fd0f7..bb6586d853 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
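Review bot: `expected_result` is read in `if( expected_result == PSA_SUCCESS )`, but in this patch the test case is declared as `void mock_generate( )` and no such variable is declared anywhere in the hunk, so patch 2/9 presumably does not compile on its own; the parameter only arrives with the error-injection change in patch 3/9. Because every call before the guard goes through PSA_ASSERT, the condition can simply be dropped here: `PSA_ASSERT( psa_destroy_key( handle ) );` followed by `TEST_ASSERT( mock_destroy_data.called == 1 );` unconditionally. That keeps each commit of the series buildable for bisecting.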
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -1,8 +1,23 @@ SE key importing mock test -mock_import: +mock_import:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +SE key importing mock test: alloc failed +mock_import:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE + +SE key importing mock test: import failed +mock_import:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE SE key exporting mock test -mock_export: +mock_export:PSA_SUCCESS:PSA_SUCCESS + +SE key exporting mock test: export failed +mock_export:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE SE key generating mock test -mock_generate: +mock_generate:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +SE key generating mock test: alloc failed +mock_generate:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE + +SE key generating mock test: generating failed +mock_generate:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 1a132fd91c..78eaedaa3f 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -10,6 +10,7 @@ static struct psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; size_t pubkey_size; + psa_status_t return_value; } mock_generate_data; static struct @@ -18,6 +19,7 @@ static struct psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; size_t data_length; + psa_status_t return_value; } mock_import_data; static struct 
@@ -25,17 +27,20 @@ static struct uint16_t called; psa_key_slot_number_t slot_number; size_t data_size; + psa_status_t return_value; } mock_export_data; static struct { uint16_t called; + psa_status_t return_value; } mock_allocate_data; static struct { uint16_t called; psa_key_slot_number_t slot_number; + psa_status_t return_value; } mock_destroy_data; static void mock_teardown( void ) @@ -63,7 +68,7 @@ static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, mock_generate_data.attributes = *attributes; mock_generate_data.pubkey_size = pubkey_size; - return( PSA_SUCCESS ); + return( mock_generate_data.return_value ); } static psa_status_t mock_import( psa_drv_se_context_t *drv_context, @@ -82,7 +87,7 @@ static psa_status_t mock_import( psa_drv_se_context_t *drv_context, mock_import_data.attributes = *attributes; mock_import_data.data_length = data_length; - return( PSA_SUCCESS ); + return( mock_import_data.return_value ); } psa_status_t mock_export( psa_drv_se_context_t *context, @@ -99,7 +104,7 @@ psa_status_t mock_export( psa_drv_se_context_t *context, mock_export_data.slot_number = slot_number; mock_export_data.data_size = data_size; - return( PSA_SUCCESS ); + return( mock_export_data.return_value ); } psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, @@ -117,7 +122,7 @@ psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, mock_allocate_data.called++; *key_slot = 0; - return( PSA_SUCCESS ); + return( mock_allocate_data.return_value ); } psa_status_t mock_destroy( psa_drv_se_context_t *context, @@ -130,7 +135,7 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, mock_destroy_data.called++; mock_destroy_data.slot_number = slot_number; - return( PSA_SUCCESS ); + return( mock_destroy_data.return_value ); } /* END_HEADER */ 
@@ -141,7 +146,9 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, */ /* BEGIN_CASE */ -void mock_import( ) +void mock_import( int mock_alloc_return_value, + int mock_import_return_value, + int expected_result ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; @@ -151,6 +158,8 @@ void mock_import( ) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + mock_allocate_data.return_value = mock_alloc_return_value; + mock_import_data.return_value = mock_import_return_value; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; 
@@ -166,18 +175,27 @@ void mock_import( ) psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &handle ) ); + TEST_ASSERT( psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ) == expected_result ); TEST_ASSERT( mock_allocate_data.called == 1 ); - TEST_ASSERT( mock_import_data.called == 1 ); - TEST_ASSERT( mock_import_data.attributes.core.type == PSA_KEY_TYPE_RAW_DATA ); - - PSA_ASSERT( psa_destroy_key( handle ) ); - - TEST_ASSERT( mock_destroy_data.called == 1 ); + TEST_ASSERT( mock_import_data.called == + ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); + TEST_ASSERT( mock_import_data.attributes.core.id == + ( mock_alloc_return_value == PSA_SUCCESS? id : 0 ) ); + TEST_ASSERT( mock_import_data.attributes.core.lifetime == + ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) ); + TEST_ASSERT( mock_import_data.attributes.core.policy.usage == + ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) ); + TEST_ASSERT( mock_import_data.attributes.core.type == + ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) ); + if( expected_result == PSA_SUCCESS ) + { + PSA_ASSERT( psa_destroy_key( handle ) ); + TEST_ASSERT( mock_destroy_data.called == 1 ); + } exit: PSA_DONE( ); mock_teardown( ); @@ -185,7 +203,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mock_export( ) +void mock_export( int mock_export_return_value, int expected_result ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; @@ -197,6 +215,7 @@ void mock_export( ) uint8_t exported[sizeof( key_material )]; size_t exported_length; + mock_export_data.return_value = mock_export_return_value; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; 
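Review bot: The failure branches of mock_import never look at `mock_destroy_data.called`: the destroy assertions now sit inside `if( expected_result == PSA_SUCCESS )` with no `else`. In the "import failed" vector p_allocate succeeds and p_import then returns PSA_ERROR_HARDWARE_FAILURE, so nothing checks whether the core releases the slot the driver just handed out. The intended rollback behaviour is not visible in this patch; if the core is meant to call p_destroy, pin it with something like `else TEST_ASSERT( mock_destroy_data.called == ( mock_alloc_return_value == PSA_SUCCESS ? 1 : 0 ) );`, and otherwise assert `== 0` so the contract is explicit. The mock_generate hunk at `@@ -258,9 +281,18 @@` has the same gap, and `mock_destroy_data.return_value` is added by this patch but no test vector ever sets it.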
@@ -217,9 +236,9 @@ void mock_export( ) key_material, sizeof( key_material ), &handle ) ); - PSA_ASSERT( psa_export_key( handle, + TEST_ASSERT( psa_export_key( handle, exported, sizeof( exported ), - &exported_length ) ); + &exported_length ) == expected_result ); TEST_ASSERT( mock_export_data.called == 1 ); @@ -234,7 +253,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mock_generate( ) +void mock_generate( int mock_alloc_return_value, + int mock_generate_return_value, + int expected_result ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; @@ -243,6 +264,8 @@ void mock_generate( ) psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mock_allocate_data.return_value = mock_alloc_return_value; + mock_generate_data.return_value = mock_generate_return_value; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; 
@@ -258,9 +281,18 @@ void mock_generate( ) psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + TEST_ASSERT( psa_generate_key( &attributes, &handle ) == expected_result ); TEST_ASSERT( mock_allocate_data.called == 1 ); - TEST_ASSERT( mock_generate_data.called == 1 ); + TEST_ASSERT( mock_generate_data.called == + ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); + TEST_ASSERT( mock_generate_data.attributes.core.id == + ( mock_alloc_return_value == PSA_SUCCESS? id : 0 ) ); + TEST_ASSERT( mock_generate_data.attributes.core.lifetime == + ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) ); + TEST_ASSERT( mock_generate_data.attributes.core.policy.usage == + ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) ); + TEST_ASSERT( mock_generate_data.attributes.core.type == + ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) ); if( expected_result == PSA_SUCCESS ) { From 136901c24c8f2ebc6398cdf2b8a604d0a74e8ae6 Mon Sep 17 00:00:00 2001 From: Unknown Date: Thu, 11 Jul 2019 04:11:17 -0400 Subject: [PATCH 4/9] crypto_se_driver: add public key exporting test --- ..._suite_psa_crypto_se_driver_hal_mocks.data | 6 ++ ...te_psa_crypto_se_driver_hal_mocks.function | 75 +++++++++++++++++++ 2 files changed, 81 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index bb6586d853..deab44fff3 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data 
@@ -13,6 +13,12 @@ mock_export:PSA_SUCCESS:PSA_SUCCESS SE key exporting mock test: export failed mock_export:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE +SE public key exporting mock test +mock_export_public:PSA_SUCCESS:PSA_SUCCESS + +SE public key exporting mock test: export failed +mock_export_public:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE + SE key generating mock test mock_generate:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 78eaedaa3f..bce3c18f89 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -30,6 +30,14 @@ static struct psa_status_t return_value; } mock_export_data; +static struct +{ + uint16_t called; + psa_key_slot_number_t slot_number; + size_t data_size; + psa_status_t return_value; +} mock_export_public_data; + static struct { uint16_t called; @@ -47,6 +55,7 @@ static void mock_teardown( void ) { memset( &mock_import_data, 0, sizeof( mock_import_data ) ); memset( &mock_export_data, 0, sizeof( mock_export_data ) ); + memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); 
@@ -107,6 +116,23 @@ psa_status_t mock_export( psa_drv_se_context_t *context, return( mock_export_data.return_value ); } +psa_status_t mock_export_public( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length ) +{ + (void) context; + (void) p_data; + (void) p_data_length; + + mock_export_public_data.called++; + mock_export_public_data.slot_number = slot_number; + mock_export_public_data.data_size = data_size; + + return( mock_export_public_data.return_value ); +} + psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, 
@@ -305,3 +331,52 @@ exit:
 mock_teardown( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void mock_export_public( int mock_export_public_return_value,
+ int expected_result )
+{
+ psa_drv_se_t driver;
+ psa_drv_se_key_management_t key_management;
+ psa_key_lifetime_t lifetime = 2;
+ psa_key_id_t id = 1;
+ psa_key_handle_t handle = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
+ uint8_t exported[sizeof( key_material )];
+ size_t exported_length;
+
+ mock_export_public_data.return_value = mock_export_public_return_value;
+ memset( &driver, 0, sizeof( driver ) );
+ memset( &key_management, 0, sizeof( key_management ) );
+ driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+ driver.key_management = &key_management;
+ key_management.p_import = mock_import;
+ key_management.p_export_public = mock_export_public;
+ key_management.p_destroy = mock_destroy;
+ key_management.p_allocate = mock_allocate;
+
+ PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_id( &attributes, id );
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_PUBLIC_KEY );
+
+ PSA_ASSERT( psa_import_key( &attributes,
+ key_material, sizeof( key_material ),
+ &handle ) );
+
+ TEST_ASSERT( psa_export_public_key( handle, exported, sizeof(exported),
+ &exported_length ) == expected_result );
+ TEST_ASSERT( mock_export_public_data.called == 1 );
+
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ TEST_ASSERT( mock_destroy_data.called == 1 );
+
+exit:
+ PSA_DONE( );
+ mock_teardown( );
+}
+/* END_CASE */
From b7656a8a85c6863ae77b6caec7133a00d975f416 Mon Sep 17 00:00:00 2001
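Review bot: The new mock_export_public test asserts only the call count, although the mock records `slot_number` and `data_size` on every call and nothing ever reads them back. Assuming the core is expected to forward the caller's buffer size unchanged, `TEST_ASSERT( mock_export_public_data.data_size == sizeof( exported ) );` after the `called == 1` check would confirm the arguments actually reached the driver. A check on `slot_number` would be vacuous as things stand, because mock_allocate always hands out slot 0 and the recording structs are zeroed by mock_teardown; returning a non-zero slot from mock_allocate would make that comparison meaningful. The mock_export test from patch 1/9 and the mock_sign and mock_verify tests later in the series record arguments in the same way without asserting them.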
From: Unknown Date: Thu, 11 Jul 2019 06:01:33 -0400 Subject: [PATCH 5/9] crypto_se_driver: add signing mock test --- ..._suite_psa_crypto_se_driver_hal_mocks.data | 6 ++ ...te_psa_crypto_se_driver_hal_mocks.function | 90 +++++++++++++++++++ 2 files changed, 96 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index deab44fff3..ca294c2a4a 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -27,3 +27,9 @@ mock_generate:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE SE key generating mock test: generating failed mock_generate:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE + +SE signing mock test +mock_sign:PSA_SUCCESS:PSA_SUCCESS + +SE signing mock test: sign failed +mock_sign:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index bce3c18f89..dae0905d58 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -38,6 +38,16 @@ static struct psa_status_t return_value; } mock_export_public_data; +static struct +{ + uint16_t called; + psa_key_slot_number_t key_slot; + psa_algorithm_t alg; + size_t hash_length; + size_t signature_size; + psa_status_t return_value; +} mock_sign_data; + static struct { uint16_t called; 
@@ -56,6 +66,7 @@ static void mock_teardown( void ) memset( &mock_import_data, 0, sizeof( mock_import_data ) ); memset( &mock_export_data, 0, sizeof( mock_export_data ) ); memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); + memset( &mock_sign_data, 0, sizeof( mock_sign_data ) ); memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); @@ -133,6 +144,29 @@ psa_status_t mock_export_public( psa_drv_se_context_t *context, return( mock_export_public_data.return_value ); } +psa_status_t mock_sign( psa_drv_se_context_t *context, + psa_key_slot_number_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length ) +{ + (void) context; + (void) p_hash; + (void) p_signature; + (void) p_signature_length; + + mock_sign_data.called++; + mock_sign_data.key_slot = key_slot; + mock_sign_data.alg = alg; + mock_sign_data.hash_length = hash_length; + mock_sign_data.signature_size = signature_size; + + return mock_sign_data.return_value; +} + psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, 
@@ -380,3 +414,59 @@ exit:
 mock_teardown( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void mock_sign( int mock_sign_return_value, int expected_result )
+{
+ psa_drv_se_t driver;
+ psa_drv_se_key_management_t key_management;
+ psa_drv_se_asymmetric_t asymmetric;
+ psa_key_lifetime_t lifetime = 2;
+ psa_key_id_t id = 1;
+ psa_key_handle_t handle = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
+ psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+ size_t signature_length;
+
+ mock_sign_data.return_value = mock_sign_return_value;
+ memset( &driver, 0, sizeof( driver ) );
+ memset( &key_management, 0, sizeof( key_management ) );
+ memset( &asymmetric, 0, sizeof( asymmetric ) );
+
+ driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+
+ driver.key_management = &key_management;
+ key_management.p_import = mock_import;
+ key_management.p_destroy = mock_destroy;
+ key_management.p_allocate = mock_allocate;
+
+ driver.asymmetric = &asymmetric;
+ asymmetric.p_sign = mock_sign;
+
+ PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_id( &attributes, id );
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN );
+ psa_set_key_algorithm( &attributes, algorithm );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR );
+
+ PSA_ASSERT( psa_import_key( &attributes,
+ key_material, sizeof( key_material ),
+ &handle ) );
+
+ TEST_ASSERT( psa_asymmetric_sign( handle, algorithm, NULL, 0, NULL, 0,
+ &signature_length)
+ == expected_result );
+ TEST_ASSERT( mock_sign_data.called == 1 );
+
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ TEST_ASSERT( mock_destroy_data.called == 1 );
+
+exit:
+ PSA_DONE( );
+ mock_teardown( );
+}
+/* END_CASE */
+From f740b0abbbbdd819f7aa2f73996bb4ddd352cd00 Mon Sep 17 00:00:00 2001
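Review bot: The key in mock_sign is created as `PSA_KEY_TYPE_RSA_KEY_PAIR` while `algorithm` is `PSA_ALG_ECDSA(PSA_ALG_SHA_256)`, and the sign call passes `NULL, 0` for both the hash and the signature buffer. The success vector therefore asserts that a mismatched, empty request reaches `p_sign` and returns PSA_SUCCESS, which ties the test to the core not checking key type against algorithm for secure-element keys; that is probably not the behaviour this test means to pin, and it would break if such validation were added. A consistent pairing such as `psa_algorithm_t algorithm = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 );` together with a real hash and signature buffer keeps the test focused on dispatch to the driver. mock_verify in patch 6/9 has the same issue with `PSA_KEY_TYPE_RAW_DATA` and the ECDSA algorithm.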
From: Unknown Date: Thu, 11 Jul 2019 06:35:46 -0400 Subject: [PATCH 6/9] crypto_se_driver: add verification mock test --- ..._suite_psa_crypto_se_driver_hal_mocks.data | 6 ++ ...te_psa_crypto_se_driver_hal_mocks.function | 86 +++++++++++++++++++ 2 files changed, 92 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index ca294c2a4a..c05b18274c 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -33,3 +33,9 @@ mock_sign:PSA_SUCCESS:PSA_SUCCESS SE signing mock test: sign failed mock_sign:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE + +SE verification mock test +mock_verify:PSA_SUCCESS:PSA_SUCCESS + +SE verification mock test: verify failed +mock_verify:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index dae0905d58..ba51428231 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -48,6 +48,16 @@ static struct psa_status_t return_value; } mock_sign_data; +static struct +{ + uint16_t called; + psa_key_slot_number_t key_slot; + psa_algorithm_t alg; + size_t hash_length; + size_t signature_length; + psa_status_t return_value; +} mock_verify_data; + static struct { uint16_t called; 
@@ -67,6 +77,7 @@ static void mock_teardown( void ) memset( &mock_export_data, 0, sizeof( mock_export_data ) ); memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); memset( &mock_sign_data, 0, sizeof( mock_sign_data ) ); + memset( &mock_verify_data, 0, sizeof( mock_verify_data ) ); memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); @@ -167,6 +178,27 @@ psa_status_t mock_sign( psa_drv_se_context_t *context, return mock_sign_data.return_value; } +psa_status_t mock_verify( psa_drv_se_context_t *context, + psa_key_slot_number_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length ) +{ + (void) context; + (void) p_hash; + (void) p_signature; + + mock_verify_data.called++; + mock_verify_data.key_slot = key_slot; + mock_verify_data.alg = alg; + mock_verify_data.hash_length = hash_length; + mock_verify_data.signature_length = signature_length; + + return mock_verify_data.return_value; +} + psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, 
@@ -470,3 +502,57 @@ exit: mock_teardown( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void mock_verify( int mock_verify_return_value, int expected_result ) +{ + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_drv_se_asymmetric_t asymmetric; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); + + mock_verify_data.return_value = mock_verify_return_value; + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + memset( &asymmetric, 0, sizeof( asymmetric ) ); + + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + + driver.key_management = &key_management; + key_management.p_import = mock_import; + key_management.p_destroy = mock_destroy; + key_management.p_allocate = mock_allocate; + + driver.asymmetric = &asymmetric; + asymmetric.p_verify = mock_verify; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, algorithm ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + + PSA_ASSERT( psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ) ); + + TEST_ASSERT( psa_asymmetric_verify( handle, algorithm, NULL, 0, NULL, 0) + == expected_result ); + TEST_ASSERT( mock_verify_data.called == 1 ); + + PSA_ASSERT( psa_destroy_key( handle ) ); + TEST_ASSERT( mock_destroy_data.called == 1 ); + +exit: + PSA_DONE( ); + mock_teardown( ); +} +/* END_CASE */ From 4abb40cab3003567f1b4d1c91ffd9ba6033b7cdc Mon Sep 17 00:00:00 2001 
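Review bot: The new test case checks only `mock_verify_data.called == 1` after `psa_asymmetric_verify`, so the `key_slot`, `alg`, `hash_length` and `signature_length` that the mock records are never compared with anything. A core that dispatched to the driver with the wrong algorithm or the wrong lengths would still pass. Adding `TEST_ASSERT( mock_verify_data.alg == algorithm );` and `TEST_ASSERT( mock_verify_data.hash_length == 0 );` (and the same for `signature_length`) after the call-count check would close that gap, assuming the core forwards these values unmodified.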
From: Jaeden Amero Date: Tue, 30 Jul 2019 16:01:45 +0100 Subject: [PATCH 7/9] Clean up core storage between tests --- ...te_psa_crypto_se_driver_hal_mocks.function | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index ba51428231..9d73d8f1ac 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -3,6 +3,7 @@ #include "psa/crypto_se_driver.h" #include "psa_crypto_se.h" +#include "psa_crypto_storage.h" static struct { @@ -71,6 +72,23 @@ static struct psa_status_t return_value; } mock_destroy_data; +#define MAX_KEY_ID_FOR_TEST 10 +static void psa_purge_storage( void ) +{ + psa_key_id_t id; + psa_key_lifetime_t lifetime; + /* The tests may have potentially created key ids from 1 to + * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id + * 0, which file-based storage uses as a temporary file. */ + for( id = 0; id <= MAX_KEY_ID_FOR_TEST; id++ ) + psa_destroy_persistent_key( id ); + /* Purge the transaction file. */ + psa_crypto_stop_transaction( ); + /* Purge driver persistent data. */ + for( lifetime = 0; lifetime < PSA_MAX_SE_LIFETIME; lifetime++ ) + psa_destroy_se_persistent_data( lifetime ); +} + static void mock_teardown( void ) { memset( &mock_import_data, 0, sizeof( mock_import_data ) ); @@ -81,6 +99,7 @@ static void mock_teardown( void ) memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); + psa_purge_storage( ); } static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, From 74c932e596e23bf5a8034ce5b80c7b116deb139b Mon Sep 17 00:00:00 2001 
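Review bot: In `psa_purge_storage` (second hunk) every status from `psa_destroy_persistent_key`, `psa_crypto_stop_transaction` and `psa_destroy_se_persistent_data` is discarded, so a purge that fails leaves persisted key material or driver data behind for the next case with no signal. If that is meant as best effort, say so in the function: `/* Best effort: statuses are ignored because most of these ids and lifetimes were never created. */`. The second loop also stops at `lifetime < PSA_MAX_SE_LIFETIME`; if that constant is itself a usable lifetime (not visible in this patch), the bound would need to be `<=` to cover it.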
From: Darryl Green Date: Fri, 16 Aug 2019 15:24:14 +0100 Subject: [PATCH 8/9] Parametrize key bits in import mock test --- .../test_suite_psa_crypto_se_driver_hal_mocks.data | 12 +++++++++--- ...est_suite_psa_crypto_se_driver_hal_mocks.function | 6 +++++- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index c05b18274c..dba68758fe 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -1,11 +1,17 @@ SE key importing mock test -mock_import:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +mock_import:PSA_SUCCESS:PSA_SUCCESS:0:PSA_SUCCESS + +SE key importing mock test: max key bits +mock_import:PSA_SUCCESS:PSA_SUCCESS:PSA_MAX_KEY_BITS:PSA_SUCCESS + +SE key importing mock test: more than max key bits +mock_import:PSA_SUCCESS:PSA_ERROR_NOT_SUPPORTED:PSA_MAX_KEY_BITS+1:PSA_ERROR_NOT_SUPPORTED SE key importing mock test: alloc failed -mock_import:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE +mock_import:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:0:PSA_ERROR_HARDWARE_FAILURE SE key importing mock test: import failed -mock_import:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE +mock_import:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:0:PSA_ERROR_HARDWARE_FAILURE SE key exporting mock test mock_export:PSA_SUCCESS:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 9d73d8f1ac..e3641789fa 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -19,6 +19,7 @@ static struct uint16_t called; psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; + size_t bits; size_t data_length; psa_status_t return_value; } mock_import_data; 
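Review bot: The "more than max key bits" case in the .data hunk sets the mock import status to `PSA_ERROR_NOT_SUPPORTED`, so the expected result is met even if the core never looks at the bit count the driver reports. To test the core's own bound, the driver should succeed while reporting the oversized value: `mock_import:PSA_SUCCESS:PSA_SUCCESS:PSA_MAX_KEY_BITS+1:PSA_ERROR_NOT_SUPPORTED`. Whether the core rejects that input at this point in the series is not visible here, so the expected status in that line needs confirming against `psa_import_key`.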
@@ -130,7 +131,8 @@ static psa_status_t mock_import( psa_drv_se_context_t *drv_context, { (void) drv_context; (void) data; - (void) bits; + + *bits = mock_import_data.bits; mock_import_data.called++; mock_import_data.key_slot = key_slot; @@ -259,6 +261,7 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, /* BEGIN_CASE */ void mock_import( int mock_alloc_return_value, int mock_import_return_value, + int bits, int expected_result ) { psa_drv_se_t driver; @@ -271,6 +274,7 @@ void mock_import( int mock_alloc_return_value, mock_allocate_data.return_value = mock_alloc_return_value; mock_import_data.return_value = mock_import_return_value; + mock_import_data.bits = bits; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; From 0892d0fbbf5778d40d9cd1c81ba841d86e19c5c4 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Tue, 20 Aug 2019 09:50:14 +0100 Subject: [PATCH 9/9] Initialize key bits to max size + 1 in psa_import_key In psa_import_key, the key bits value was uninitialized before calling the secure element driver import function. There is a potential issue if the driver returns PSA_SUCCESS without setting the key bits. This shouldn't happen, but shouldn't be discounted either, so we initialize the key bits to an invalid issue. --- library/psa_crypto.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6ec2a1c383..93af0d398c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1835,7 +1835,9 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( driver != NULL ) { const psa_drv_se_t *drv = psa_get_se_driver_methods( driver ); - size_t bits; + /* The driver should set the number of key bits, however in + * case it doesn't, we initialize bits to an invalid value. */ + size_t bits = PSA_MAX_KEY_BITS + 1; if( drv->key_management == NULL || drv->key_management->p_import == NULL ) {
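Review bot: The new initializer `size_t bits = PSA_MAX_KEY_BITS + 1;` only protects anything if code after the `p_import` call rejects values above `PSA_MAX_KEY_BITS`; that check, like the rest of `psa_import_key`, lies outside this hunk and should be confirmed. No test in the series covers the case either, because the mock always executes `*bits = mock_import_data.bits;`. A mock mode that returns `PSA_SUCCESS` without writing `*bits` would exercise the exact path this commit defends against, a driver whose reported key size the core cannot trust.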