derive_output tests: add invalid input secret test for HKDF-Expand

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2025-04-10 06:44:28 +00:00 · 2022-05-19 10:28:58 +02:00 · 2022-05-19 10:28:58 +02:00 · fcdd023ba6
commit fcdd023ba6
parent b398d8693f
2 changed files with 10 additions and 2 deletions
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@ -5401,6 +5401,10 @@ PSA key derivation: HKDF-Expand SHA-256, RFC5869 #1, out 42+1 (over capacity)
 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
 derive_output:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":PSA_SUCCESS:0:"":PSA_SUCCESS:0:"":PSA_SUCCESS:"":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"00":0:1:0

+PSA key derivation: HKDF-Expand Invalid secret length
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_output:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e500":PSA_ERROR_INVALID_ARGUMENT:0:"":PSA_SUCCESS:0:"":PSA_SUCCESS:0:"":PSA_SUCCESS:"":42:"":"":0:0:0
+
 # Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
 PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0
 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@ -7005,9 +7005,13 @@ void derive_output( int alg_arg,
                switch( key_input_type )
                {
                    case 0: // input bytes
-                        PSA_ASSERT( psa_key_derivation_input_bytes(
+                        TEST_EQUAL( psa_key_derivation_input_bytes(
                                        &operation, steps[i],
-                                        inputs[i]->x, inputs[i]->len ) );
+                                        inputs[i]->x, inputs[i]->len ),
+                                    statuses[i] );
+
+                        if( statuses[i] != PSA_SUCCESS )
+                            goto exit;
                        break;
                    case 1: // input key
                        psa_set_key_usage_flags( &attributes1, PSA_KEY_USAGE_DERIVE );