72 Commits

Author SHA1 Message Date
Valerio Setti
8473390bbb tests: fix guards in test suites to allow testing with PSASIM
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-07-02 15:45:55 +02:00
Ryan Everett
6de38ac91c Add missing PSA_ASSERT in mbedtls_test_psa_raw_key_agreement_with_self
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-14 17:50:39 +00:00
Ryan Everett
fbf815d9cb Add key_destroyable parameter to key export smoke tests
These are only called from mbedtls_test_psa_exercise_key

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-13 14:31:11 +00:00
Ryan Everett
73e4ea37f4 Add key_destroyable parameter to non-raw key agreement smoke tests
All current usages have this parameter set to 0 (this means the tests are unchanged).
Remove the GENERIC_ERROR return behaviour, in favour of returning the actual status.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-13 14:31:11 +00:00
Ryan Everett
8163028fbd Add key_destroyable parameter to raw key agreement smoke tests
All current usages have this parameter set to 0 (meaning the behaviour
of these tests hasn't changed). We also now return the actual error code, not GENERIC_ERROR

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Ryan Everett
c1cc6686f0 Add key_destroyable parameter to key derivation smoke tests
All current usages have this parameter set to 0 (in this case the behaviour of
the test is unchanged)

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Ryan Everett
d48fc102d3 Add key_destroyable parameter to exercise_asymmetric_encryption_key
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Ryan Everett
6edd40819e Add key_destroyable parameter to exercise_signature_key
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Ryan Everett
fbe703de2a Add key_destroyable parameter to exercise_aead_key
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Ryan Everett
70691f3082 Add key_destroyable parameter to psa_exercise_cipher_key
If the key has been destroyed (and the new parameter is 1), we test that
psa_cipher_abort succeeds in this scenario.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Ryan Everett
7763550884 Add key_destroyable parameter to exercise_mac_key
If the key has been destroyed (and the new parameter is 1) then we test that
psa_mac_abort succeeds in this scenario.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Ryan Everett
f08a93fbe5 Add key_destroyable parameter to check_key_attributes_sanity
This function is currently only used in the exercise_key smoke test.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Ryan Everett
0a271fde76 Add key_destroyable parameter to mbedtls_test_psa_exercise_key
This will allow us to use this smoke test to ensure that key slot content reads are
only performed when we are registered to read a full slot. We will destroy the key
on another thread while the key is being exercised, and fail the test if an unexpected
error code is hit. Future commits will incrementally implement this new parameter.

All current usages of this function have this parameter set to 0, in which case
the new behaviour must be the same as the old behaviour

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-12 17:01:09 +00:00
Gilles Peskine
6fe8a06f7e New test helper: mbedtls_test_key_consistency_psa_pk
Test that a PK key and a PSA key are consistent, i.e. that they have the
same type (or are a key pair and the corresponding public key) and that
they have the same public key.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-15 17:21:17 +01:00
Gilles Peskine
f50cd59b51 Fix encrypt/decrypt confusion
The values are the same for all supported mechanisms (RSA-based), so no
semantic change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-15 13:13:26 +01:00
Gilles Peskine
34955677e5 Don't exercise if the algorithm is not supported
Parsing a key and importing it into PSA may result in a policy that
specifies an algorithm that is not included in the build. This happens if
the key type is supported, but not the algorithm, e.g. in a build with
MBEDTLS_ECP_C but not MBEDTLS_ECDSA_C.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-12 19:31:55 +01:00
Gilles Peskine
fdb809ef86 exercise_key: fix asymmetric encrypt/decrypt with >2028-bit RSA
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-12 17:31:03 +01:00
Gilles Peskine
4781bd9773 exercise_key: allow SIGN_MESSAGE/VERIFY_MESSAGE with PSA_ALG_ANY_HASH
There was already code to instantiate the wildcard for sign/verify-hash.
Make that work with sign/verify-message as well.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-12 17:30:27 +01:00
Kusumit Ghoderao
2c4264bd41 Add hkdf_extract, hkdf_expand and ecjpake_to_pms cases
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2024-01-10 21:49:09 +05:30
Dave Rodgman
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Kusumit Ghoderao
94d319065a Set input cost as 1 for psa_key_exercise test
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-09-05 19:30:22 +05:30
Kusumit Ghoderao
ac7a04ac15 Move parse_binary_string function to psa_crypto_helpers
Add test code for pbkdf2 in psa_exercise_key

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-08-18 22:04:16 +05:30
Tom Cosgrove
e7700a7d0a
Merge pull request from AgathiyanB/assert-false-macro
Add TEST_FAIL macro for tests
2023-08-10 15:01:34 +00:00
Tom Cosgrove
05b2a87ea0 For tests, rename TEST_CALLOC_OR_FAIL() to just TEST_CALLOC()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-21 11:32:25 +01:00
Tom Cosgrove
f9ffd11e7a For tests, rename ASSERT_ALLOC() to TEST_CALLOC_OR_FAIL()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-20 16:51:21 +01:00
Agathiyan Bragadeesh
dc28a5a105 Rename ASSERT_FALSE to TEST_FAIL
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-18 11:45:28 +01:00
Agathiyan Bragadeesh
ebb40bc336 Add ASSERT_FALSE macro for tests
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-18 11:38:04 +01:00
Gilles Peskine
36ad151b20
Merge pull request from oberon-microsystems/fix-test-sign-hash-check-for-pure-eddsa
Fix test conditions because PURE_EDDSA does not support sign_hash
2023-05-25 18:59:40 +02:00
Fredrik Hesse
cc207bc379 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments.
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
2023-05-12 14:59:01 +01:00
Przemek Stekiel
4c0da51ee7 mbedtls_test_psa_exported_key_sanity_check: check for length equality for DH keys
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-27 13:04:20 +02:00
Przemek Stekiel
654bef0be0 Fix typos, comments, style, optimize macros
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-26 09:07:20 +02:00
Przemek Stekiel
7cf26dfca3 Add sanity check for FFDH key excercise
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-26 09:07:20 +02:00
Valerio Setti
2dbc3066c7 test: remove useless ECP_LIGHT guard in psa_exercise_key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-17 12:03:48 +02:00
Valerio Setti
d49cbc1493 test: fix remaining failures in test due to the ECP_LIGHT symbol
Changes in test_suite_psa_crypto are to enforce the dependency
on ECP_C which is mandatory for some key's derivation.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 11:33:50 +02:00
Stephan Koch
6eb73113b1 Fix codestyle with uncrustify.
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-03-03 17:48:40 +01:00
oberon-sk
f7a824b961 Add check, if the algorithm supports psa_sign_hash() before running the test.
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-02-17 11:26:51 +01:00
oberon-sk
6d50173d9c Handle Edwards curves similar to Montgomery curves wrt key export length.
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-02-17 11:19:20 +01:00
Gilles Peskine
449bd8303e Switch to the new code style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00
Przemek Stekiel
8258ea7b7d test_suite_psa_crypto: adapt dependenies and guards so the test can run in the driver-only build
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-19 13:20:20 +02:00
Gabor Mezei
dc3f3bb8b1
Initilize variable
Coverity scan detected a problem of an uinitilized variable.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-07-01 15:06:34 +02:00
Gilles Peskine
36aeb7f163
Merge pull request from mprse/HKDF_1
HKDF 1: PSA: implement HKDF_Expand and HKDF_Extract algorithms
2022-06-20 15:27:46 +02:00
Przemek Stekiel
6c9fd61565 exercise_key_agreement_key: add special handling for HKDF_EXPAND
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-14 14:41:42 +02:00
Przemek Stekiel
d898745f70 exercise_key_agreement_key: provide SALT for HKDF_EXTRACT
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-14 11:41:52 +02:00
Shaun Case
8b0ecbccf4 Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
Gilles Peskine
b29d814169 Use MAX_SIZE macros instead of hard-coding IV/nonce max size
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-21 11:33:17 +02:00
Gilles Peskine
5eef11af2c Remove redundant initialization of iv_length
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-21 11:33:11 +02:00
Gilles Peskine
f96e977584 No need to recalculate iv_length
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
aa3449dd22 exercise_key: support combined key agreement+derivation algorithms
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
d586b82e12 exercise_key: signature: detect function/algorithm incompatibility
Don't try to use {sign,verify}_message on algorithms that only support
{sign_verify}_hash. Normally exercise_key() tries all usage that is
supported by policy, however PSA_KEY_USAGE_{SIGN,VERIFY}_MESSAGE is implied
by PSA_KEY_USAGE_{SIGN,VERIFY}_HASH so it's impossible for the test data to
omit the _MESSAGE policies with hash-only algorithms.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
7acb1980ee Use PSA_AEAD_NONCE_LENGTH when exercising AEAD keys
Don't re-code the logic to determine a valid nonce length.

This fixes exercise_key() for PSA_ALG_CHACHA20_POLY1305, which was trying to
use a 16-byte nonce.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00