lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Merge pull request #4092 from ronald-cron-arm/psa-crypto-client

Browse Source 
Psa crypto client
This commit is contained in:
Ronald Cron
2021-02-15 10:46:35 +01:00
committed by GitHub
parent 7339335c7d 07907ae84e
commit 5cd00d28bf
17 changed files with 292 additions and 198 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tests/CMakeLists.txt
View File

@ -141,6 +141,7 @@ add_test_suite(pkparse)
add_test_suite(pkwrite)
add_test_suite(poly1305)
add_test_suite(psa_crypto)
add_test_suite(psa_crypto_attributes)
add_test_suite(psa_crypto_entropy)
add_test_suite(psa_crypto_hash)
add_test_suite(psa_crypto_init)

11
tests/scripts/all.sh
View File

@ -798,6 +798,17 @@ component_test_psa_crypto_key_id_encodes_owner () {
make test
}
component_test_psa_crypto_client () {
msg "build: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make"
scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
scripts/config.py set MBEDTLS_PSA_CRYPTO_CLIENT
make
msg "test: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make"
make test
}
component_test_zlib_make() {
msg "build: zlib enabled, make"
scripts/config.py set MBEDTLS_ZLIB_SUPPORT

27
tests/suites/test_suite_psa_crypto.data
View File

@ -1,33 +1,6 @@
PSA compile-time sanity checks
static_checks:
PSA key attributes structure
attributes_set_get:0xffff1234:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
PSA key attributes: id only
persistence_attributes:0x1234:0x5678:-1:-1:0:0x1234:0x5678:PSA_KEY_LIFETIME_PERSISTENT
PSA key attributes: lifetime=3 only
persistence_attributes:-1:0:3:-1:0:0:0:3
PSA key attributes: id then back to volatile
persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE
PSA key attributes: id then back to non local volatile
persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1):-1:0:0:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1)
PSA key attributes: id then lifetime
persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3
PSA key attributes: lifetime then id
persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3
PSA key attributes: non local volatile lifetime then id
persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,3):0x1235:0x5679:0x1235:0x5679:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT,3)
PSA key attributes: slot number
slot_number_attribute:
PSA import/export raw: 1 bytes
import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1

121
tests/suites/test_suite_psa_crypto.function
View File

@ -1363,127 +1363,6 @@ void static_checks( )
}
/* END_CASE */
/* BEGIN_CASE */
void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg,
int usage_flags_arg, int alg_arg,
int type_arg, int bits_arg )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
psa_key_lifetime_t lifetime = lifetime_arg;
psa_key_usage_t usage_flags = usage_flags_arg;
psa_algorithm_t alg = alg_arg;
psa_key_type_t type = type_arg;
size_t bits = bits_arg;
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
psa_set_key_id( &attributes, id );
psa_set_key_lifetime( &attributes, lifetime );
psa_set_key_usage_flags( &attributes, usage_flags );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, bits );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), id ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
psa_reset_key_attributes( &attributes );
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
}
/* END_CASE */
/* BEGIN_CASE */
void persistence_attributes( int id1_arg, int owner_id1_arg, int lifetime_arg,
int id2_arg, int owner_id2_arg,
int expected_id_arg, int expected_owner_id_arg,
int expected_lifetime_arg )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t id1 =
mbedtls_svc_key_id_make( owner_id1_arg, id1_arg );
psa_key_lifetime_t lifetime = lifetime_arg;
mbedtls_svc_key_id_t id2 =
mbedtls_svc_key_id_make( owner_id2_arg, id2_arg );
mbedtls_svc_key_id_t expected_id =
mbedtls_svc_key_id_make( expected_owner_id_arg, expected_id_arg );
psa_key_lifetime_t expected_lifetime = expected_lifetime_arg;
if( id1_arg != -1 )
psa_set_key_id( &attributes, id1 );
if( lifetime_arg != -1 )
psa_set_key_lifetime( &attributes, lifetime );
if( id2_arg != -1 )
psa_set_key_id( &attributes, id2 );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), expected_id ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */
void slot_number_attribute( )
{
psa_key_slot_number_t slot_number = 0xdeadbeef;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
/* Initially, there is no slot number. */
TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
PSA_ERROR_INVALID_ARGUMENT );
/* Test setting a slot number. */
psa_set_key_slot_number( &attributes, 0 );
PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
TEST_EQUAL( slot_number, 0 );
/* Test changing the slot number. */
psa_set_key_slot_number( &attributes, 42 );
PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
TEST_EQUAL( slot_number, 42 );
/* Test clearing the slot number. */
psa_clear_key_slot_number( &attributes );
TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
PSA_ERROR_INVALID_ARGUMENT );
/* Clearing again should have no effect. */
psa_clear_key_slot_number( &attributes );
TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
PSA_ERROR_INVALID_ARGUMENT );
/* Test that reset clears the slot number. */
psa_set_key_slot_number( &attributes, 42 );
PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
TEST_EQUAL( slot_number, 42 );
psa_reset_key_attributes( &attributes );
TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
PSA_ERROR_INVALID_ARGUMENT );
}
/* END_CASE */
/* BEGIN_CASE */
void import_with_policy( int type_arg,
int usage_arg, int alg_arg,

26
tests/suites/test_suite_psa_crypto_attributes.data Normal file
View File

@ -0,0 +1,26 @@
PSA key attributes structure
attributes_set_get:0xffff1234:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128
PSA key attributes: id only
persistence_attributes:0x1234:0x5678:-1:-1:0:0x1234:0x5678:PSA_KEY_LIFETIME_PERSISTENT
PSA key attributes: lifetime=3 only
persistence_attributes:-1:0:3:-1:0:0:0:3
PSA key attributes: id then back to volatile
persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE
PSA key attributes: id then back to non local volatile
persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1):-1:0:0:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1)
PSA key attributes: id then lifetime
persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3
PSA key attributes: lifetime then id
persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3
PSA key attributes: non local volatile lifetime then id
persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,3):0x1235:0x5679:0x1235:0x5679:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT,3)
PSA key attributes: slot number
slot_number_attribute:

129
tests/suites/test_suite_psa_crypto_attributes.function Normal file
View File

@ -0,0 +1,129 @@
/* BEGIN_HEADER */
#include "psa/crypto.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_PSA_CRYPTO_CLIENT
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg,
int usage_flags_arg, int alg_arg,
int type_arg, int bits_arg )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
psa_key_lifetime_t lifetime = lifetime_arg;
psa_key_usage_t usage_flags = usage_flags_arg;
psa_algorithm_t alg = alg_arg;
psa_key_type_t type = type_arg;
size_t bits = bits_arg;
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
psa_set_key_id( &attributes, id );
psa_set_key_lifetime( &attributes, lifetime );
psa_set_key_usage_flags( &attributes, usage_flags );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, bits );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), id ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
psa_reset_key_attributes( &attributes );
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
}
/* END_CASE */
/* BEGIN_CASE */
void persistence_attributes( int id1_arg, int owner_id1_arg, int lifetime_arg,
int id2_arg, int owner_id2_arg,
int expected_id_arg, int expected_owner_id_arg,
int expected_lifetime_arg )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t id1 =
mbedtls_svc_key_id_make( owner_id1_arg, id1_arg );
psa_key_lifetime_t lifetime = lifetime_arg;
mbedtls_svc_key_id_t id2 =
mbedtls_svc_key_id_make( owner_id2_arg, id2_arg );
mbedtls_svc_key_id_t expected_id =
mbedtls_svc_key_id_make( expected_owner_id_arg, expected_id_arg );
psa_key_lifetime_t expected_lifetime = expected_lifetime_arg;
if( id1_arg != -1 )
psa_set_key_id( &attributes, id1 );
if( lifetime_arg != -1 )
psa_set_key_lifetime( &attributes, lifetime );
if( id2_arg != -1 )
psa_set_key_id( &attributes, id2 );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), expected_id ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */
void slot_number_attribute( )
{
psa_key_slot_number_t slot_number = 0xdeadbeef;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
/* Initially, there is no slot number. */
TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
PSA_ERROR_INVALID_ARGUMENT );
/* Test setting a slot number. */
psa_set_key_slot_number( &attributes, 0 );
PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
TEST_EQUAL( slot_number, 0 );
/* Test changing the slot number. */
psa_set_key_slot_number( &attributes, 42 );
PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
TEST_EQUAL( slot_number, 42 );
/* Test clearing the slot number. */
psa_clear_key_slot_number( &attributes );
TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
PSA_ERROR_INVALID_ARGUMENT );
/* Clearing again should have no effect. */
psa_clear_key_slot_number( &attributes );
TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
PSA_ERROR_INVALID_ARGUMENT );
/* Test that reset clears the slot number. */
psa_set_key_slot_number( &attributes, 42 );
PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) );
TEST_EQUAL( slot_number, 42 );
psa_reset_key_attributes( &attributes );
TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ),
PSA_ERROR_INVALID_ARGUMENT );
}
/* END_CASE */

2
tests/suites/test_suite_psa_crypto_metadata.function
View File

@ -184,7 +184,7 @@ exit: ;
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_PSA_CRYPTO_C
* depends_on:MBEDTLS_PSA_CRYPTO_CLIENT
* END_DEPENDENCIES
*/