Ensure the module is initialized in psa_generate_random

This commit is contained in:
itayzafrir 2018-09-06 16:24:41 +03:00
parent e852df8466
commit 0adf0fc31c
4 changed files with 22 additions and 2 deletions

View file

@ -2902,6 +2902,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_BAD_STATE
*/
psa_status_t psa_generate_random(uint8_t *output,
size_t output_size);

View file

@ -148,6 +148,10 @@ typedef struct
static psa_global_data_t global_data;
#define GUARD_MODULE_INITIALIZED \
if( global_data.initialized == 0 ) \
return( PSA_ERROR_BAD_STATE );
static psa_status_t mbedtls_to_psa_error( int ret )
{
/* If there's both a high-level code and low-level code, dispatch on
@ -3360,8 +3364,10 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
psa_status_t psa_generate_random( uint8_t *output,
size_t output_size )
{
int ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
output, output_size );
int ret;
GUARD_MODULE_INITIALIZED;
ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, output, output_size );
return( mbedtls_to_psa_error( ret ) );
}

View file

@ -1178,3 +1178,6 @@ generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE
PSA generate key: ECC, SECP256R1, incorrect bit size
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
PSA validate module initialization: random
validate_module_init_generate_random:

View file

@ -3451,3 +3451,13 @@ exit:
mbedtls_psa_crypto_free( );
}
/* END_CASE */
/* BEGIN_CASE */
void validate_module_init_generate_random( )
{
psa_status_t status;
uint8_t random[10] = { 0 };
status = psa_generate_random( random, sizeof( random ) );
TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
}
/* END_CASE */