Commit Graph

182 Commits

Author SHA1 Message Date
Gilles Peskine
5968559a9c Key agreement test functions 2018-11-14 21:15:37 +01:00
Gilles Peskine
01d718cee8 New API function: psa_key_agreement
Set up a generator from a key agreement.
2018-11-14 21:15:37 +01:00
Jaeden Amero
594a330eb7 psa: test: Fix truncation of message by snprintf
We had only allocated 40 bytes for printing into, but we wanted to print 46
bytes. Update the buffer to be 47 bytes, which is large enough to hold what
we want to print plus a terminating null byte.
2018-11-08 17:32:45 +00:00
Moran Peker
ce50007f90 Add tests of using cipher in bad state cases
- cipher setup after import key failure.
- cipher setup after set key policy but no key material
creation.
2018-11-07 16:20:07 +02:00
Moran Peker
3455009116 Add tests that check export failures after illegal behavior
- export a key after import key failure.
- export a key after the key was destroyed.
- export a key after set key policy but no key material
creation.
2018-11-07 16:19:34 +02:00
Moran Peker
28a38e6e38 Add tests that checks key management corner cases
- import a key into a non empty key slot.
- export a key from invalid slot number.
2018-11-07 16:18:24 +02:00
Jaeden Amero
fe9f771e88
Merge pull request #170 from ARMmbed/increase_psa_key_derivation_code_coverage
add tests that increase key derivation code coverage slightly
2018-11-06 09:17:19 +00:00
Jaeden Amero
40f1cb104f
Merge pull request #182 from ARMmbed/psa-asymmetric-format-raw_private_key
Asymmetric import/export format: raw private EC keys
2018-11-06 09:02:25 +00:00
itayzafrir
27e6945f43 Refactor and rename test hash_verify_bad_paths to hash_verify_bad_args
1. Updated test scenarios.
2. Renamed test and updated test description.
3. Some documentation updates.
4. Test dependency moved to .function file.
2018-11-05 18:36:05 +02:00
itayzafrir
b2dd5ed1e6 Rename test hash_finish_bad_paths to hash_finish_bad_args
Test dependency moved to .function file.
2018-11-05 18:36:05 +02:00
itayzafrir
f86548d674 Add test hash_bad_order
1. New test for testing bad order of hash function calls.
2. Removed test hash_update_bad_paths since it's test scenario
   was moved to the new test.
3. Moved some scenarios from test hash_verify_bad_paths to
   the new test.
2018-11-05 18:36:05 +02:00
itayzafrir
58028321b9 Split test hash_bad_paths into 3 different tests
1. Rename hash_bad_paths to hash_verify_bad_paths
2. Add test hash_update_bad_paths
3. Add test hash_finish_bad_paths

The different scenarios tested as part of hash_bad_paths are
moved to the relevant test.
2018-11-05 18:36:05 +02:00
itayzafrir
4271df932c Add scenario to test case hash_bad_paths
Tests where the verification hash digest is prefixed with
the expected digest but also has extra bytes appended at the end of it.
2018-11-05 18:36:05 +02:00
itayzafrir
69290f0e71 Update hash tests documentation 2018-11-05 18:36:05 +02:00
itayzafrir
02d6295e53 Move positive hash tests into a new test suite
Move hash_finish, hash_verify and hash_multi_part to a
new test suite test_suite_psa_crypto_hash.
2018-11-05 18:36:05 +02:00
itayzafrir
931fa6d663 Remove input parameter validations from hash test functions
Remove from hash_finish, hash_verify and hash_multi_part
2018-11-05 18:34:16 +02:00
itayzafrir
f5b3eb85b5 Add hash test for multipart operation
Test vectors migrated from mbedTLS
2018-11-05 18:34:16 +02:00
itayzafrir
ec93d30b45 Add hash bad paths test
Increase code coverage
2018-11-05 18:34:16 +02:00
Nir Sonnenschein
1caf6d24f2 Fix code style and clarify issue comment
* remove unneeded constants
* clarify comment reference to issue 183
* add additional reference comment
* fix brace spacing issues
2018-11-01 12:27:20 +02:00
Nir Sonnenschein
dd69d8b7ff Streamline test function API by removing parameter
streamline the API for the test test_derive_invalid_generator_state: by removing
the key_data parameter.
This parameter is not important for test flow and can be hard-coded.
2018-11-01 12:24:23 +02:00
Nir Sonnenschein
f8964b9580 updated test to work around https://github.com/ARMmbed/mbedtls-psa/issues/183
test should check the correct error values once this issue is fixed
2018-10-31 18:06:14 +02:00
Nir Sonnenschein
5078930459 fix whitespace issues 2018-10-31 12:16:38 +02:00
Nir Sonnenschein
4eda37bb9e streamline test function API by removing parameter
streamline the API for the test test_derive_invalid_generator_state by removing
the key type paramter (it is assumed to always be PSA_KEY_TYPE_DERIVE)
2018-10-31 12:15:58 +02:00
Gilles Peskine
5b802a366a Private EC key format: remove ASN.1-based sanity checks
In preparation for the import/export format change for private
elliptic curve keys from RFC 5915 to the raw secret value,
remove ASN.1-based sanity checks. For the raw secret value, most byte
strings of the correct length are valid (the details depend on the
curve), so as a sanity check, just check the length.
2018-10-29 19:21:41 +01:00
Gilles Peskine
d8b7d4f87e In export tests, also test PSA_KEY_EXPORT_MAX_SIZE
When testing psa_export_key or psa_export_public_key, test that the
expected result fits in the size given by PSA_KEY_EXPORT_MAX_SIZE.
2018-10-29 15:18:41 +01:00
Gilles Peskine
49c2591916 Improve export_public_key test function
In the test function for export_public_key, don't just check the
length of the result. Compare the actual result to the expected
result.

Take an extra argument that allows using an export buffer that's
larger or smaller than needed. Zero is the size given by
PSA_KEY_EXPORT_MAX_SIZE.

Don't check the output of psa_get_key_information. That's useful in
import_export because it tests both import and export, but not in
import_export_public_key whose goal is only to test public key export.

This commit adjusts the existing test data but does not add new test
cases.
2018-10-29 15:15:31 +01:00
Nir Sonnenschein
b46e7ca16b add additional generator tests and generalize key derivation test
Key derivation test now uses an indirect way to test generator validity
as the direct way previously used isn't compatible with the PSA IPC
implementation. Additional bad path test for the generator added
to check basic bad-path scenarios.
2018-10-25 14:46:09 +03:00
Nir Sonnenschein
e5204c94a1 add tests that increase key derivation code coverage slightly
added tests that increase code coverage for the key derivation functions slightly
by reaching error cases not covered before.
2018-10-22 17:24:55 +03:00
Gilles Peskine
e1f2d7d1ac Document and check the consistency of truncated MAC encodings
Add comments noting that the maximum length of a MAC must fit in
PSA_ALG_MAC_TRUNCATION_MASK. Add a unit test that verifies that the
maximum MAC size fits.
2018-10-17 13:54:47 +02:00
Gilles Peskine
7da96b0d91 Reorder parameters of AEAD unit tests to be more logical
Pass the nonce first, then the AD, then the input. This is the order
in which the data is processed and it's the order of the parameters to
the API functions.
2018-10-08 14:42:11 +02:00
Gilles Peskine
a7aa442c7c Add tests for mac_sign 2018-10-08 14:42:11 +02:00
Gilles Peskine
f7ab5ad13a Skip calling memset when the size is 0
memset(NULL, c, 0) has undefined behavior, so don't do it. clang-asan
complains.
2018-09-27 13:57:45 +02:00
Gilles Peskine
bd7dea9e64 Use ASSERT_COMPARE instead of memcmp in PSA tests
This commit fixes some missing size comparison. In
aead_encrypt_decrypt, aead_encrypt and aead_decrypt, the test code
would not have noticed if the library function had reported an output
length that was not the expected length.
2018-09-27 13:57:19 +02:00
Gilles Peskine
8cebbba7e6 Use ASSERT_ALLOC instead of mbedtls_calloc in PSA tests
This commit resolves a bug whereby some test cases failed on systems
where mbedtls_calloc returns NULL when the size of 0, because the test
case asserted `pointer != NULL` regardless of the size.
2018-09-27 13:54:18 +02:00
Gilles Peskine
acec7b6fa1 exercise_export_key: fix public key case
Public keys are always exportable, even if their usage doesn't include
the EXPORT flag.
2018-09-17 14:33:43 +02:00
itayzafrir
90d8c7a728 Ensure the module is initialized in key based functions 2018-09-16 12:15:47 +03:00
itayzafrir
0adf0fc31c Ensure the module is initialized in psa_generate_random 2018-09-16 12:15:46 +03:00
Jaeden Amero
c0454a7369 Merge pull request #135 from ARMmbed/export_sanity_tests
Document asymmetric key export formats
2018-09-14 10:02:30 +01:00
Gilles Peskine
dea46cf8f1 Clarify comment in test
In RSAPrivateKey, Version is an INTEGER. The version must be 0.
2018-09-14 10:02:29 +01:00
Gilles Peskine
c6290c043e Minor documentation improvements 2018-09-14 10:02:29 +01:00
Gilles Peskine
b67f308c4f Fix re-import size in import_export test with non-canonical input 2018-09-14 10:02:29 +01:00
Gilles Peskine
ae3d2a2c26 Avoid non-standard C constructs
Don't rely on static initialization of a flexible array member, that's
a GNU extension. The previous code also triggered a Clang warning
"suggest braces around initialization of subobject" (-Wmissing-braces)
for `struct {char a[]} = {"foo"}`.
2018-09-14 10:02:29 +01:00
Gilles Peskine
8f609239d5 Do export sanity checks in import_export as well
This is not useful to validate the implementation when importing
canonical input, which is the case for most import/export test cases,
but it helps validate the sanity checks themselves.
2018-09-14 10:02:29 +01:00
Gilles Peskine
dd2f95b855 Improve and augment export sanity checks
Implement sanity checks of exported public keys, using ASN.1 parsing.
Rewrite the sanity checks of key pairs using ASN.1 parsing, so as to
check more things with simpler code.
2018-09-14 10:02:29 +01:00
Jaeden Amero
df3b74f168 Merge pull request #125 from ARMmbed/key_slot_index-fix
Fix off-by-one errors in key slot index limits
2018-09-14 10:02:29 +01:00
Gilles Peskine
d14664a79b Move export key sanity check from generate to exercise
Move the code to perform sanity checks on the exported key from
generate_key to exercise_key. This way the sanity checks can be
performed after importing or deriving a key as well.

In addition to checking the exported key if its usage allows it, check
the exported public key if the key is asymmetric.
2018-09-14 10:02:29 +01:00
Gilles Peskine
9a05634558 psa_crypto_free: destroy the last slot
The last slot in the array was not freed due to an off-by-one error.

Amend the fill_slots test to serve as a non-regression test for this
issue: without this bug fix, it would cause a memory leak.
2018-09-14 10:02:29 +01:00
Gilles Peskine
996deb18cc Fix buffer overflow in the slot array
Slots are numbered from 1, but the slot array is a C array so it's
numbered from 0.

Add a non-regression test.
2018-09-14 10:02:29 +01:00
Gilles Peskine
c32f0304db Fix bad key type constant that worked by accident 2018-09-14 10:02:29 +01:00
Darryl Green
9c862253cc Add handling for zero-length buffers in tests
The buffer can be NULL if the length is zero, so we only check it's not NULL if the length is nonzero
2018-09-14 10:02:28 +01:00