test: add test with persitent key whose length is larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

tf-psa-crypto/tests/suites/test_suite_psa_crypto_storage_format.function

@@ -1,6 +1,7 @@
 /* BEGIN_HEADER */
 
 #include <psa/crypto.h>
+#include <psa_crypto_storage.h>
 
 #include <test/psa_crypto_helpers.h>
 #include <test/psa_exercise_key.h>
@@ -9,6 +10,7 @@
 
 #define TEST_FLAG_EXERCISE              0x00000001
 #define TEST_FLAG_READ_ONLY             0x00000002
+#define TEST_FLAG_OVERSIZED_KEY         0x00000004
 
 /** Write a key with the given attributes and key material to storage.
  * Test that it has the expected representation.
@@ -158,6 +160,12 @@ static int test_read_key(const psa_key_attributes_t *expected_attributes,
     /* Prime the storage with a key file. */
     PSA_ASSERT(psa_its_set(uid, representation->len, representation->x, 0));
 
+    if (flags & TEST_FLAG_OVERSIZED_KEY) {
+        TEST_EQUAL(psa_get_key_attributes(key_id, &actual_attributes), PSA_ERROR_DATA_INVALID);
+        ok = 1;
+        goto exit;
+    }
+
     /* Check that the injected key exists and looks as expected. */
     PSA_ASSERT(psa_get_key_attributes(key_id, &actual_attributes));
     TEST_ASSERT(mbedtls_svc_key_id_equal(key_id,
@@ -281,6 +289,7 @@ void key_storage_read(int lifetime_arg, int type_arg, int bits_arg,
     mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1);
     psa_storage_uid_t uid = 1;
     psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    uint8_t *custom_key_data = NULL, *custom_storage_data = NULL;
 
     PSA_INIT();
     TEST_USES_KEY_ID(key_id);
@@ -293,6 +302,23 @@ void key_storage_read(int lifetime_arg, int type_arg, int bits_arg,
     psa_set_key_algorithm(&attributes, alg);
     psa_set_key_enrollment_algorithm(&attributes, alg2);
 
+    /* Create a persistent key which is intentionally larger than the specified
+     * bit size. */
+    if (flags & TEST_FLAG_OVERSIZED_KEY) {
+        TEST_CALLOC(custom_key_data, PSA_BITS_TO_BYTES(bits) + 1);
+        memset(custom_key_data, 0xAA, PSA_BITS_TO_BYTES(bits) + 1);
+        material->len = PSA_BITS_TO_BYTES(bits) + 1;
+        material->x = custom_key_data;
+
+        /* 36 bytes are the overhead of psa_persistent_key_storage_format */
+        TEST_CALLOC(custom_storage_data, PSA_BITS_TO_BYTES(bits) + 1 + 36);
+        representation->len = PSA_BITS_TO_BYTES(bits) + 1 + 36;
+        representation->x = custom_storage_data;
+
+        psa_format_key_data_for_storage(custom_key_data, PSA_BITS_TO_BYTES(bits) + 1,
+                                        &attributes, custom_storage_data);
+    }
+
     /* Test that we can use a key with the given representation. This
      * guarantees backward compatibility with keys that were stored by
      * past versions of Mbed TLS. */
@@ -300,6 +326,8 @@ void key_storage_read(int lifetime_arg, int type_arg, int bits_arg,
                               uid, representation, flags));
 
 exit:
+    mbedtls_free(custom_key_data);
+    mbedtls_free(custom_storage_data);
     psa_reset_key_attributes(&attributes);
     PSA_DONE();
 }

tf-psa-crypto/tests/suites/test_suite_psa_crypto_storage_format.misc.data

@@ -9,3 +9,9 @@ key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_
 PSA storage save: AES-GCM+CTR
 depends_on:PSA_WANT_KEY_TYPE_AES
 key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f"
+
+# Create a persistent key which is larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
+# so that when psa_get_key_attributes() tries to load it from the storage it will fail.
+PSA storage read: key larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA:MBEDTLS_PSA_STATIC_KEY_SLOTS
+key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE*8:PSA_KEY_USAGE_EXPORT:PSA_ALG_NONE:PSA_ALG_NONE:"":"":TEST_FLAG_OVERSIZED_KEY