New test suite for not-supported cases: key creation (import, generate)

To start with, test that key creation fails as intended when the key type is not supported. This commit only covers psa_import_key and psa_generate_key. A follow-up will cover psa_key_derivation_output_key. My primary intent in creating this new test suite is to automatically generate test cases by enumerating the key types and algorithms that the library supports. But this commit only adds a few manually written test cases, to get the ball rolling. Move the relevant test cases of test_suite_psa_crypto.data that only depend on generic knowledge about the API. Keep test cases that depend more closely on the implementation, such as tests of non-supported key sizes, in test_suite_psa_crypto.data. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-11-26 03:05:44 +01:00 · 2021-01-26 21:48:19 +01:00 · 2021-01-26 21:48:19 +01:00 · 069346cdab
commit 069346cdab
parent 8ffb585659
4 changed files with 64 additions and 12 deletions
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@ -146,6 +146,7 @@ add_test_suite(psa_crypto_entropy)
 add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_init)
 add_test_suite(psa_crypto_metadata)
+add_test_suite(psa_crypto_not_supported.misc)
 add_test_suite(psa_crypto_persistent_key)
 add_test_suite(psa_crypto_se_driver_hal)
 add_test_suite(psa_crypto_se_driver_hal_mocks)
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@ -25,12 +25,6 @@ import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
 PSA import: bad usage flag
 import_with_policy:PSA_KEY_TYPE_RAW_DATA:0x40000000:0:PSA_ERROR_INVALID_ARGUMENT

-PSA import: invalid type (0)
-import_with_policy:PSA_KEY_TYPE_NONE:0:0:PSA_ERROR_NOT_SUPPORTED
-
-PSA import: invalid type (PSA_KEY_TYPE_CATEGORY_MASK)
-import_with_policy:PSA_KEY_TYPE_CATEGORY_MASK:0:0:PSA_ERROR_NOT_SUPPORTED
-
 PSA import AES: bad key size
 depends_on:MBEDTLS_AES_C
 import_with_data:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT
@ -2809,12 +2803,6 @@ generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST + 1
 PSA generate random: 2*MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes
 generate_random:2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1

-PSA generate key: bad type (0)
-generate_key:PSA_KEY_TYPE_NONE:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED:0
-
-PSA generate key: bad type (PSA_KEY_TYPE_CATEGORY_MASK)
-generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED:0
-
 PSA generate key: bad type (RSA public key)
 generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED:0

--- a/tests/suites/test_suite_psa_crypto_not_supported.function
+++ b/tests/suites/test_suite_psa_crypto_not_supported.function
@ -0,0 +1,52 @@
+/* BEGIN_HEADER */
+
+#include "psa/crypto.h"
+#include "test/psa_crypto_helpers.h"
+
+#define INVALID_KEY_ID 0xfedcba98
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void import_not_supported( int key_type, data_t *key_material )
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t key_id = INVALID_KEY_ID;
+
+    PSA_ASSERT( psa_crypto_init( ) );
+    psa_set_key_type( &attributes, key_type );
+    TEST_EQUAL( psa_import_key( &attributes,
+                                key_material->x, key_material->len,
+                                &key_id ),
+                PSA_ERROR_NOT_SUPPORTED );
+    TEST_EQUAL( key_id, 0 );
+
+exit:
+    psa_destroy_key( key_id );
+    PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_not_supported( int key_type, int bits )
+{
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t key_id = INVALID_KEY_ID;
+
+    PSA_ASSERT( psa_crypto_init( ) );
+    psa_set_key_type( &attributes, key_type );
+    psa_set_key_bits( &attributes, bits );
+    TEST_EQUAL( psa_generate_key( &attributes, &key_id ),
+                PSA_ERROR_NOT_SUPPORTED );
+    TEST_EQUAL( key_id, 0 );
+
+exit:
+    psa_destroy_key( key_id );
+    PSA_DONE( );
+}
+/* END_CASE */
--- a/tests/suites/test_suite_psa_crypto_not_supported.misc.data
+++ b/tests/suites/test_suite_psa_crypto_not_supported.misc.data
@ -0,0 +1,11 @@
+PSA import PSA_KEY_TYPE_NONE never supported
+import_not_supported:PSA_KEY_TYPE_NONE:"1234"
+
+PSA generate PSA_KEY_TYPE_NONE never supported
+generate_not_supported:PSA_KEY_TYPE_NONE:16
+
+PSA import PSA_KEY_TYPE_CATEGORY_SYMMETRIC never supported
+import_not_supported:PSA_KEY_TYPE_CATEGORY_SYMMETRIC:"1234"
+
+PSA generate PSA_KEY_TYPE_CATEGORY_SYMMETRIC never supported
+generate_not_supported:PSA_KEY_TYPE_CATEGORY_SYMMETRIC:16