yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-26 20:05:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add mock and negative testing to cipher driver

Browse Source 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
Steven Cooreman 2020-09-10 18:07:57 +02:00
parent a07b9970c6
commit 89e54f2edc
3 changed files with 222 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
tests/src/drivers/cipher.c
View File

@ -296,6 +296,8 @@ psa_status_t test_transparent_cipher_decrypt_setup(
psa_status_t test_transparent_cipher_abort(
test_transparent_cipher_operation_t *operation)
{
test_driver_cipher_hooks.hits++;
if( operation->alg == 0 )
return( PSA_SUCCESS );
if( operation->alg != PSA_ALG_CTR )
@ -309,7 +311,6 @@ psa_status_t test_transparent_cipher_abort(
* struct. */
memset( operation, 0, sizeof( *operation ) );
test_driver_cipher_hooks.hits++;
return( PSA_SUCCESS );
}
@ -325,6 +326,9 @@ psa_status_t test_transparent_cipher_generate_iv(
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
if( operation->alg != PSA_ALG_CTR )
return( PSA_ERROR_BAD_STATE );
@ -356,6 +360,9 @@ psa_status_t test_transparent_cipher_set_iv(
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
if( operation->alg != PSA_ALG_CTR )
return( PSA_ERROR_BAD_STATE );
@ -386,6 +393,9 @@ psa_status_t test_transparent_cipher_update(
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
if( operation->alg != PSA_ALG_CTR )
return( PSA_ERROR_BAD_STATE );
@ -425,6 +435,9 @@ psa_status_t test_transparent_cipher_finish(
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
if( operation->alg != PSA_ALG_CTR )
return( PSA_ERROR_BAD_STATE );

39
tests/suites/test_suite_psa_crypto_driver_wrappers.data
View File

@ -42,27 +42,51 @@ generate_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR
PSA symmetric encrypt: AES-CTR, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS:PSA_SUCCESS
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encrypt: AES-CTR, 15 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS:PSA_SUCCESS
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encrypt: AES-CTR, 16 bytes, fallback
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA symmetric encrypt: AES-CTR, 15 bytes, fallback
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA symmetric encrypt: AES-CTR, 16 bytes, fallback w/ fake
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":1:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA symmetric encrypt: AES-CTR, 15 bytes, fallback w/ fake
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":1:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA symmetric encrypt: AES-CTR, 16 bytes, fake
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encrypt: AES-CTR, 15 bytes, fake
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS:PSA_SUCCESS
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, fallback
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, fallback w/ fake
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":1:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, fake
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
@ -135,3 +159,6 @@ cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf715880
PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
Cipher driver: negative testing on all entry points
cipher_entry_points:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a"

175
tests/suites/test_suite_psa_crypto_driver_wrappers.function
View File

@ -188,6 +188,7 @@ exit:
void cipher_encrypt( int alg_arg, int key_type_arg,
data_t *key, data_t *iv,
data_t *input, data_t *expected_output,
int mock_output_arg,
int force_status_arg,
int expected_status_arg )
{
@ -227,6 +228,12 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
if( mock_output_arg )
{
test_driver_cipher_hooks.forced_output = expected_output->x;
test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
PSA_ASSERT( psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
@ -234,6 +241,12 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
test_driver_cipher_hooks.hits = 0;
if( mock_output_arg )
{
test_driver_cipher_hooks.forced_output = NULL;
test_driver_cipher_hooks.forced_output_length = 0;
}
total_output_length += function_output_length;
status = psa_cipher_finish( &operation,
output + total_output_length,
@ -441,6 +454,7 @@ exit:
void cipher_decrypt( int alg_arg, int key_type_arg,
data_t *key, data_t *iv,
data_t *input, data_t *expected_output,
int mock_output_arg,
int force_status_arg,
int expected_status_arg )
{
@ -480,6 +494,12 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
if( mock_output_arg )
{
test_driver_cipher_hooks.forced_output = expected_output->x;
test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
PSA_ASSERT( psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
@ -487,6 +507,12 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
test_driver_cipher_hooks.hits = 0;
if( mock_output_arg )
{
test_driver_cipher_hooks.forced_output = NULL;
test_driver_cipher_hooks.forced_output_length = 0;
}
total_output_length += function_output_length;
status = psa_cipher_finish( &operation,
output + total_output_length,
@ -515,3 +541,152 @@ exit:
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
}
/* END_CASE */
/* BEGIN_CASE */
void cipher_entry_points( int alg_arg, int key_type_arg,
data_t *key, data_t *iv,
data_t *input )
{
psa_key_handle_t handle = 0;
psa_status_t status;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
size_t function_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
/* Test setup call, encrypt */
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_encrypt_setup( &operation,
handle, alg );
/* When setup fails, it shouldn't call any further entry points */
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
/* Test setup call failure, decrypt */
status = psa_cipher_decrypt_setup( &operation,
handle, alg );
/* When setup fails, it shouldn't call any further entry points */
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
/* Test IV setting failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation,
handle, alg );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
/* When setting the IV fails, it should call abort too */
TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
psa_cipher_abort( &operation );
test_driver_cipher_hooks.hits = 0;
/* Test IV generation failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation,
handle, alg );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
ASSERT_ALLOC( output, 16 );
status = psa_cipher_generate_iv( &operation, output, 16, &output_buffer_size );
/* When setting the IV fails, it should call abort too */
TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
mbedtls_free( output );
output = NULL;
psa_cipher_abort( &operation );
test_driver_cipher_hooks.hits = 0;
/* Test update failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation,
handle, alg );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
ASSERT_ALLOC( output, input->len + 16 );
output_buffer_size = input->len + 16;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
/* When the update call fails, it should call abort too */
TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
mbedtls_free( output );
output = NULL;
psa_cipher_abort( &operation );
test_driver_cipher_hooks.hits = 0;
/* Test finish failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
status = psa_cipher_encrypt_setup( &operation,
handle, alg );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
status = psa_cipher_set_iv( &operation, iv->x, iv->len );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
ASSERT_ALLOC( output, input->len + 16 );
output_buffer_size = input->len + 16;
status = psa_cipher_update( &operation,
input->x, input->len,
output, output_buffer_size,
&function_output_length );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
status = psa_cipher_finish( &operation,
output + function_output_length,
output_buffer_size - function_output_length,
&function_output_length );
/* When the finish call fails, it should call abort too */
TEST_EQUAL( test_driver_cipher_hooks.hits, 2 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
mbedtls_free( output );
output = NULL;
psa_cipher_abort( &operation );
test_driver_cipher_hooks.hits = 0;
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
psa_destroy_key( handle );
PSA_DONE( );
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
}
/* END_CASE */