Add Tests for psa crypto entropy incjection

tests/CMakeLists.txt

@@ -111,6 +111,7 @@ add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
 add_test_suite(psa_crypto)
+add_test_suite(psa_crypto_entropy)
 add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_metadata)
 add_test_suite(psa_crypto_persistent_key)

tests/suites/test_suite_psa_crypto_entropy.data

@@ -0,0 +1,14 @@
+PSA validate entropy injection: good, minimum size
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: good, max size
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: bad, too big
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+
+PSA validate entropy injection: bad, too small
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+
+PSA validate entropy injection: before and after crypto_init
+run_entropy_inject_with_crypto_init:

tests/suites/test_suite_psa_crypto_entropy.function

@@ -0,0 +1,88 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#include "psa/crypto.h"
+#include "psa_prot_internal_storage.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void validate_entropy_seed_injection( int seed_length_a,
+                                      int expected_status_a,
+                                      int seed_length_b,
+                                      int expected_status_b )
+{
+    psa_its_status_t its_status;
+    psa_status_t status;
+    uint8_t output[32] = { 0 };
+    uint8_t zeros[32] = { 0 };
+    uint8_t *seed = NULL;
+    int i;
+    int seed_size;
+    if( seed_length_a > seed_length_b)
+    {
+        seed_size = seed_length_a;
+    }
+    else
+    {
+        seed_size = seed_length_b;
+    }
+    ASSERT_ALLOC( seed, seed_size );
+    /* fill seed in some data */
+    for( i = 0; i < seed_size; ++i)
+    {
+        seed[i] = i;
+    }
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
+    status = mbedtls_psa_inject_entropy( seed, seed_length_a );
+    TEST_ASSERT( status == expected_status_a );
+    status = mbedtls_psa_inject_entropy( seed, seed_length_b );
+    TEST_ASSERT( status == expected_status_b );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generate_random( output, sizeof( output ) ) == PSA_SUCCESS );
+    TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 );
+exit:
+    mbedtls_free( seed );
+    psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void run_entropy_inject_with_crypto_init( )
+{
+    psa_its_status_t its_status;
+    psa_status_t status;
+    int i;
+    uint8_t seed[MBEDTLS_ENTROPY_MIN_PLATFORM] = {0};
+    /* fill seed in some data */
+    for( i = 0; i < MBEDTLS_ENTROPY_MIN_PLATFORM; ++i)
+    {
+        seed[i] = i;
+    }
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_SUCCESS );
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+    mbedtls_psa_crypto_free( );
+    /* The seed is written by nv_seed callback functions therefore the injection will fail */
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+exit:
+    psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */