lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity

test: add test with persitent key whose length is larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
2024-08-14 09:16:23 +02:00
parent 2a3c9b347c
commit c975d5e602
2 changed files with 36 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
tf-psa-crypto/tests/suites/test_suite_psa_crypto_storage_format.function
View File

@@ -1,6 +1,7 @@
/* BEGIN_HEADER */ /* BEGIN_HEADER */
#include <psa/crypto.h> #include <psa/crypto.h>
#include <psa_crypto_storage.h>
#include <test/psa_crypto_helpers.h> #include <test/psa_crypto_helpers.h>
#include <test/psa_exercise_key.h> #include <test/psa_exercise_key.h>
@@ -9,6 +10,7 @@
#define TEST_FLAG_EXERCISE 0x00000001 #define TEST_FLAG_EXERCISE 0x00000001
#define TEST_FLAG_READ_ONLY 0x00000002 #define TEST_FLAG_READ_ONLY 0x00000002
#define TEST_FLAG_OVERSIZED_KEY 0x00000004
/** Write a key with the given attributes and key material to storage. /** Write a key with the given attributes and key material to storage.
* Test that it has the expected representation. * Test that it has the expected representation.
@@ -158,6 +160,12 @@ static int test_read_key(const psa_key_attributes_t *expected_attributes,
/* Prime the storage with a key file. */ /* Prime the storage with a key file. */
PSA_ASSERT(psa_its_set(uid, representation->len, representation->x, 0)); PSA_ASSERT(psa_its_set(uid, representation->len, representation->x, 0));
if (flags & TEST_FLAG_OVERSIZED_KEY) {
TEST_EQUAL(psa_get_key_attributes(key_id, &actual_attributes), PSA_ERROR_DATA_INVALID);
ok = 1;
goto exit;
}
/* Check that the injected key exists and looks as expected. */ /* Check that the injected key exists and looks as expected. */
PSA_ASSERT(psa_get_key_attributes(key_id, &actual_attributes)); PSA_ASSERT(psa_get_key_attributes(key_id, &actual_attributes));
TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, TEST_ASSERT(mbedtls_svc_key_id_equal(key_id,
@@ -281,6 +289,7 @@ void key_storage_read(int lifetime_arg, int type_arg, int bits_arg,
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1); mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1);
psa_storage_uid_t uid = 1; psa_storage_uid_t uid = 1;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t *custom_key_data = NULL, *custom_storage_data = NULL;
PSA_INIT(); PSA_INIT();
TEST_USES_KEY_ID(key_id); TEST_USES_KEY_ID(key_id);
@@ -293,6 +302,23 @@ void key_storage_read(int lifetime_arg, int type_arg, int bits_arg,
psa_set_key_algorithm(&attributes, alg); psa_set_key_algorithm(&attributes, alg);
psa_set_key_enrollment_algorithm(&attributes, alg2); psa_set_key_enrollment_algorithm(&attributes, alg2);
/* Create a persistent key which is intentionally larger than the specified
* bit size. */
if (flags & TEST_FLAG_OVERSIZED_KEY) {
TEST_CALLOC(custom_key_data, PSA_BITS_TO_BYTES(bits) + 1);
memset(custom_key_data, 0xAA, PSA_BITS_TO_BYTES(bits) + 1);
material->len = PSA_BITS_TO_BYTES(bits) + 1;
material->x = custom_key_data;
/* 36 bytes are the overhead of psa_persistent_key_storage_format */
TEST_CALLOC(custom_storage_data, PSA_BITS_TO_BYTES(bits) + 1 + 36);
representation->len = PSA_BITS_TO_BYTES(bits) + 1 + 36;
representation->x = custom_storage_data;
psa_format_key_data_for_storage(custom_key_data, PSA_BITS_TO_BYTES(bits) + 1,
&attributes, custom_storage_data);
}
/* Test that we can use a key with the given representation. This /* Test that we can use a key with the given representation. This
* guarantees backward compatibility with keys that were stored by * guarantees backward compatibility with keys that were stored by
* past versions of Mbed TLS. */ * past versions of Mbed TLS. */
@@ -300,6 +326,8 @@ void key_storage_read(int lifetime_arg, int type_arg, int bits_arg,
uid, representation, flags)); uid, representation, flags));
exit: exit:
mbedtls_free(custom_key_data);
mbedtls_free(custom_storage_data);
psa_reset_key_attributes(&attributes); psa_reset_key_attributes(&attributes);
PSA_DONE(); PSA_DONE();
} }

6
tf-psa-crypto/tests/suites/test_suite_psa_crypto_storage_format.misc.data
View File

@@ -9,3 +9,9 @@ key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_
PSA storage save: AES-GCM+CTR PSA storage save: AES-GCM+CTR
depends_on:PSA_WANT_KEY_TYPE_AES depends_on:PSA_WANT_KEY_TYPE_AES
key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f" key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f"
# Create a persistent key which is larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
# so that when psa_get_key_attributes() tries to load it from the storage it will fail.
PSA storage read: key larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA:MBEDTLS_PSA_STATIC_KEY_SLOTS
key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE*8:PSA_KEY_USAGE_EXPORT:PSA_ALG_NONE:PSA_ALG_NONE:"":"":TEST_FLAG_OVERSIZED_KEY