Call the output size macros specifically with asymmetric keys, which
would cause a crash (and thus test fail) should this fix get regressed.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Tests for psa_cipher_encrypt and psa_cipher_decrypt functions.
The psa_cipher_encrypt function takes no parameter for IV and always generates
it therefore there will be a randomness in the calculation and cannot be
validated by comparing the actual output with the expected output.
The function is tested by:
- doing a prtially randomized test with an encryption then a decryption
and validating the input with output of the decryption
- validating against the multipart encryption
The combination of this two methods provides enough coverage like a
known answer test.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Various functions for PSA hash operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Various functions for PSA cipher and mac operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
The cipher_bad_order test happened to pass, but was not testing the
failure case it intended to test.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Ensure finish only called when encrypting and verify only called for
decrypting, and add tests to ensure this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Tests for psa_mac_compute and psa_mac_verify functions.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add HKDF tests where the sequence of inputs differs from the nominal
case: missing step, duplicate step, step out of order, or invalid step.
There were already similar tests for TLS 1.2 PRF. Add one with a key
agreement which has slightly different code.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
All tests should have an abort call in case of test failure to make sure
everything is cleaned up. Also removed unused define.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Some tests cause a zero length input or output, which can mean the
allocated test output buffers can be zero length. Protect against
calling memcpy blindly in these situations.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
The reference output data was created with cryptodome for RSA algorithms and
python-ecdsa for ECDSA algorithms.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Modify function and test case names that testing psa_sign_hash and
psa_verify_hash funtions to be less confusing with the newly introduced
function and test case names which tests psa_sign_message and
psa_verify_message functions.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Add negative tests checking that psa_copy_key()
returns PSA_ERROR_INVALID_ARGUMENT when passed in
an invalid key identifier or key lifetime for the
target key.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
