yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-19 07:21:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #142 from ARMmbed/psa-metadata_validation

Browse source 
Algorithm and key type encoding validation
This commit is contained in:
Gilles Peskine 2018-09-24 10:38:39 +02:00 committed by GitHub
parent 3bfe5f0388 fa764b161b
commit 159ebf3b8e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 796 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
crypto/tests/Makefile
View file

@ -15,10 +15,12 @@ PYTHON ?= python
APPS := \
test_suite_psa_crypto \
test_suite_psa_crypto_metadata \
# Don't delete this line.
# Look up for associated function files
func.test_suite_psa_crypto := test_suite_psa_crypto
func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata
.SILENT:
@ -52,6 +54,7 @@ clean:
rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write
test: $(APPS)
./test_suite_psa_crypto_metadata
./test_suite_psa_crypto
# Create separate targets for generating embedded tests.

50
include/psa/crypto.h
View file

@ -424,9 +424,6 @@ typedef uint32_t psa_key_type_t;
*/
#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
/** Whether a key type is an RSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_RSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
/** Raw data.
*
@ -483,11 +480,17 @@ typedef uint32_t psa_key_type_t;
#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000)
/** RSA key pair (private and public key). */
#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000)
/** Whether a key type is an RSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_RSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
/** DSA public key. */
#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000)
/** DSA key pair (private and public key). */
#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000)
/** Whether a key type is an DSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_DSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000)
@ -522,7 +525,7 @@ typedef uint16_t psa_ecc_curve_t;
* TLS Supported Groups Registry (formerly known as the
* TLS EC Named Curve Registry)
* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
* The values are defined by RFC 4492, RFC 7027 and RFC 7919. */
* The values are defined by RFC 8422 and RFC 7027. */
#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
@ -553,11 +556,6 @@ typedef uint16_t psa_ecc_curve_t;
#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
#define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100)
#define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101)
#define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102)
#define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103)
#define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104)
/** The block size of a block cipher.
*
@ -741,7 +739,7 @@ typedef uint32_t psa_algorithm_t;
#define PSA_ALG_HMAC(hash_alg) \
(PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_HMAC_HASH(hmac_alg) \
#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
(PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
/** Whether the specified algorithm is an HMAC algorithm.
@ -771,7 +769,7 @@ typedef uint32_t psa_algorithm_t;
* This macro may return either 0 or 1 if \p alg is not a supported
* algorithm identifier.
*/
#define PSA_ALG_IS_CIPHER_MAC(alg) \
#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
PSA_ALG_CIPHER_MAC_BASE)
@ -1636,21 +1634,21 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
*/
#define PSA_HASH_SIZE(alg) \
( \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
0)
/** Start a multipart hash operation.

7
include/psa/crypto_sizes.h
View file

@ -58,6 +58,9 @@
* should be the maximum size of a hash supported by the implementation,
* in bytes, and must be no smaller than this maximum.
*/
/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
* 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
* HMAC-SHA3-512. */
#if defined(MBEDTLS_SHA512_C)
#define PSA_HASH_MAX_SIZE 64
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
@ -160,9 +163,9 @@
* with the algorithm.
*/
#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \
(PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
(PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
0)
((void)(key_type), (void)(key_bits), 0))
/** The maximum size of the output of psa_aead_encrypt(), in bytes.
*

4
library/psa_crypto.c
View file

@ -1555,7 +1555,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
#if defined(MBEDTLS_MD_C)
if( PSA_ALG_IS_HMAC( alg ) )
{
psa_algorithm_t hash_alg = PSA_ALG_HMAC_HASH( alg );
psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
if( hash_alg == 0 )
{
status = PSA_ERROR_NOT_SUPPORTED;
@ -3265,7 +3265,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
psa_status_t status;
status = psa_hmac_setup_internal( &hkdf->hmac,
salt, salt_length,
PSA_ALG_HMAC_HASH( hash_alg ) );
PSA_ALG_HMAC_GET_HASH( hash_alg ) );
if( status != PSA_SUCCESS )
return( status );
status = psa_hash_update( &hkdf->hmac.hash_ctx,

2
scripts/mbed_crypto.make
View file

@ -150,6 +150,8 @@ TEST_FILES := \
tests/suites/target_test.function \
tests/suites/test_suite_psa_crypto.data \
tests/suites/test_suite_psa_crypto.function \
tests/suites/test_suite_psa_crypto_metadata.data \
tests/suites/test_suite_psa_crypto_metadata.function \
# Don't delete this line.
OTHER_FILES := \

404
tests/suites/test_suite_psa_crypto_metadata.data Normal file
View file

@ -0,0 +1,404 @@
Hash: MD2
depends_on:MBEDTLS_MD2_C
hash_algorithm:PSA_ALG_MD2:16
Hash: MD4
depends_on:MBEDTLS_MD4_C
hash_algorithm:PSA_ALG_MD4:16
Hash: MD5
depends_on:MBEDTLS_MD5_C
hash_algorithm:PSA_ALG_MD5:16
Hash: RIPEMD160
depends_on:MBEDTLS_RIPEMD160_C
hash_algorithm:PSA_ALG_RIPEMD160:20
Hash: SHA-1
depends_on:MBEDTLS_SHA1_C
hash_algorithm:PSA_ALG_SHA_1:20
Hash: SHA-2 SHA-224
depends_on:MBEDTLS_SHA256_C
hash_algorithm:PSA_ALG_SHA_224:28
Hash: SHA-2 SHA-256
depends_on:MBEDTLS_SHA256_C
hash_algorithm:PSA_ALG_SHA_256:32
Hash: SHA-2 SHA-384
depends_on:MBEDTLS_SHA512_C
hash_algorithm:PSA_ALG_SHA_384:48
Hash: SHA-2 SHA-512
depends_on:MBEDTLS_SHA512_C
hash_algorithm:PSA_ALG_SHA_512:64
Hash: SHA-2 SHA-512/224
depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
hash_algorithm:PSA_ALG_SHA_512_224:28
Hash: SHA-2 SHA-512/256
depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
hash_algorithm:PSA_ALG_SHA_512_256:32
Hash: SHA-3 SHA3-224
depends_on:MBEDTLS_SHA3_C
hash_algorithm:PSA_ALG_SHA3_224:28
Hash: SHA-3 SHA3-256
depends_on:MBEDTLS_SHA3_C
hash_algorithm:PSA_ALG_SHA3_256:32
Hash: SHA-3 SHA3-384
depends_on:MBEDTLS_SHA3_C
hash_algorithm:PSA_ALG_SHA3_384:48
Hash: SHA-3 SHA3-512
depends_on:MBEDTLS_SHA3_C
hash_algorithm:PSA_ALG_SHA3_512:64
MAC: HMAC-MD2
depends_on:MBEDTLS_MD2_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
MAC: HMAC-MD4
depends_on:MBEDTLS_MD4_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
MAC: HMAC-MD5
depends_on:MBEDTLS_MD5_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
MAC: HMAC-RIPEMD160
depends_on:MBEDTLS_RIPEMD160_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64
MAC: HMAC-SHA-1
depends_on:MBEDTLS_SHA1_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64
MAC: HMAC-SHA-224
depends_on:MBEDTLS_SHA256_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64
MAC: HMAC-SHA-256
depends_on:MBEDTLS_SHA256_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64
MAC: HMAC-SHA-384
depends_on:MBEDTLS_SHA512_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128
MAC: HMAC-SHA-512
depends_on:MBEDTLS_SHA512_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
MAC: HMAC-SHA-512/224
depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):28:128
MAC: HMAC-SHA-512/256
depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):32:128
MAC: HMAC-SHA3-224
depends_on:MBEDTLS_SHA3_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):28:144
MAC: HMAC-SHA3-256
depends_on:MBEDTLS_SHA3_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):32:136
MAC: HMAC-SHA3-384
depends_on:MBEDTLS_SHA3_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):48:104
MAC: HMAC-SHA3-512
depends_on:MBEDTLS_SHA3_C
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):64:72
MAC: CBC_MAC-AES-128
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
MAC: CBC_MAC-AES-192
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
MAC: CBC_MAC-AES-256
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
MAC: CBC_MAC-3DES
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_C
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
MAC: CMAC-AES-128
depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
MAC: CMAC-AES-192
depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
MAC: CMAC-AES-256
depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
MAC: CMAC-3DES
depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
MAC: GMAC-AES-128
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
MAC: GMAC-AES-192
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
MAC: GMAC-AES-256
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
Cipher: ARC4
depends_on:MBEDTLS_ARC4_C
cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER
Cipher: CTR
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR
cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
Cipher: CFB
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CFB
cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
Cipher: OFB
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_OFB
cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
Cipher: CBC-nopad
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
Cipher: CBC-PKCS#7
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
cipher_algorithm:PSA_ALG_CBC_PKCS7:0
Cipher: XTS
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_XTS
cipher_algorithm:PSA_ALG_XTS:0
AEAD: CCM
depends_on:MBEDTLS_CCM_C
aead_algorithm:PSA_ALG_CCM:0:16
AEAD: GCM
depends_on:MBEDTLS_GCM_C
aead_algorithm:PSA_ALG_GCM:0:16
Asymmetric signature: RSA PKCS#1 v1.5 raw
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN
Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN
Asymmetric signature: RSA PSS SHA-256
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS
Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256
depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA
Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC
Asymmetric signature: randomized ECDSA (no hashing)
depends_on:MBEDTLS_ECDSA_C
asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
Asymmetric signature: SHA-256 + randomized ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
Asymmetric encryption: RSA PKCS#1 v1.5
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
Asymmetric encryption: RSA OAEP using SHA-256
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
Key derivation: HKDF using SHA-256
depends_on:MBEDTLS_SHA256_C
key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
Key type: raw data
key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
Key type: HMAC
key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED
Key type: secret for key derivation
key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
Key type: AES
depends_on:MBEDTLS_AES_C
key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED
Key type: DES
depends_on:MBEDTLS_DES_C
key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED
Key type: Camellia
depends_on:MBEDTLS_CAMELLIA_C
key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED
Key type: ARC4
depends_on:MBEDTLS_ARC4_C
key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED
Key type: RSA public key
depends_on:MBEDTLS_RSA_C
key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
Key type: RSA key pair
depends_on:MBEDTLS_RSA_C
key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA
Key type: DSA public key
depends_on:MBEDTLS_DSA_C
key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA
Key type: DSA key pair
depends_on:MBEDTLS_DSA_C
key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA
ECC key types: sect163k1
depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT163K1:163
ECC key types: sect163r1
depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT163R1:163
ECC key types: sect163r2
depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT163R2:163
ECC key types: sect193r1
depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT193R1:193
ECC key types: sect193r2
depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT193R2:193
ECC key types: sect233k1
depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT233K1:233
ECC key types: sect233r1
depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT233R1:233
ECC key types: sect239k1
depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT239K1:239
ECC key types: sect283k1
depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT283K1:283
ECC key types: sect283r1
depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT283R1:283
ECC key types: sect409k1
depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT409K1:409
ECC key types: sect409r1
depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT409R1:409
ECC key types: sect571k1
depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT571K1:571
ECC key types: sect571r1
depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECT571R1:571
ECC key types: secp160k1
depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP160K1:160
ECC key types: secp160r1
depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP160R1:160
ECC key types: secp160r2
depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP160R2:160
ECC key types: secp192k1
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP192K1:192
ECC key types: secp192r1
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP192R1:192
ECC key types: secp224k1
depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP224K1:224
ECC key types: secp224r1
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP224R1:224
ECC key types: secp256k1
depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP256K1:256
ECC key types: secp256r1
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP256R1:256
ECC key types: secp384r1
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP384R1:384
ECC key types: secp521r1
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_SECP521R1:521
ECC key types: Brainpool P256R1
depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1:256
ECC key types: Brainpool P384R1
depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1:384
ECC key types: Brainpool P512R1
depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1:512
ECC key types: Curve25519
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
ecc_key_types:PSA_ECC_CURVE_CURVE25519:255
ECC key types: Curve448
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
ecc_key_types:PSA_ECC_CURVE_CURVE448:448

356
tests/suites/test_suite_psa_crypto_metadata.function Normal file
View file

@ -0,0 +1,356 @@
/* BEGIN_HEADER */
/* Test macros that provide metadata about algorithms and key types.
* This test suite only contains tests that don't require executing
* code. Other test suites validate macros that require creating a key
* and using it. */
#if defined(MBEDTLS_PSA_CRYPTO_SPM)
#include "spm/psa_defs.h"
#endif
#include "psa/crypto.h"
/* Flags for algorithm classification macros. There is a flag for every
* algorithm classification macro PSA_ALG_IS_xxx except for the
* category test macros, which are hard-coded in each
* category-specific function. The name of the flag is the name of the
* classification macro without the PSA_ prefix. */
#define ALG_IS_VENDOR_DEFINED ( 1u << 0 )
#define ALG_IS_HMAC ( 1u << 1 )
#define ALG_IS_BLOCK_CIPHER_MAC ( 1u << 2 )
#define ALG_IS_STREAM_CIPHER ( 1u << 3 )
#define ALG_IS_RSA_PKCS1V15_SIGN ( 1u << 4 )
#define ALG_IS_RSA_PSS ( 1u << 5 )
#define ALG_IS_DSA ( 1u << 6 )
#define ALG_DSA_IS_DETERMINISTIC ( 1u << 7 )
#define ALG_IS_DETERMINISTIC_DSA ( 1u << 8 )
#define ALG_IS_RANDOMIZED_DSA ( 1u << 9 )
#define ALG_IS_ECDSA ( 1u << 10 )
#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 )
#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 )
#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 )
#define ALG_IS_RSA_OAEP ( 1u << 14 )
#define ALG_IS_HKDF ( 1u << 15 )
/* Flags for key type classification macros. There is a flag for every
* key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
* are tested as derived from other macros. The name of the flag is
* the name of the classification macro without the PSA_ prefix. */
#define KEY_TYPE_IS_VENDOR_DEFINED ( 1u << 0 )
#define KEY_TYPE_IS_UNSTRUCTURED ( 1u << 1 )
#define KEY_TYPE_IS_PUBLIC_KEY ( 1u << 2 )
#define KEY_TYPE_IS_KEYPAIR ( 1u << 3 )
#define KEY_TYPE_IS_RSA ( 1u << 4 )
#define KEY_TYPE_IS_DSA ( 1u << 5 )
#define KEY_TYPE_IS_ECC ( 1u << 6 )
#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
void algorithm_classification( psa_algorithm_t alg, unsigned flags )
{
TEST_CLASSIFICATION_MACRO( ALG_IS_VENDOR_DEFINED, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_HMAC, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_BLOCK_CIPHER_MAC, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_STREAM_CIPHER, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PKCS1V15_SIGN, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PSS, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_DSA, alg, flags );
if ( PSA_ALG_IS_DSA( alg ) )
TEST_CLASSIFICATION_MACRO( ALG_DSA_IS_DETERMINISTIC, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_DSA, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_DSA, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_ECDSA, alg, flags );
if ( PSA_ALG_IS_ECDSA( alg ) )
TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
exit: ;
}
void key_type_classification( psa_key_type_t type, unsigned flags )
{
/* Macros tested based on the test case parameter */
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_VENDOR_DEFINED, type, flags );
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_UNSTRUCTURED, type, flags );
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_PUBLIC_KEY, type, flags );
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEYPAIR, type, flags );
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags );
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags );
/* Macros with derived semantics */
TEST_ASSERT( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ==
( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ==
( PSA_KEY_TYPE_IS_ECC( type ) &&
PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ==
( PSA_KEY_TYPE_IS_ECC( type ) &&
PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
exit: ;
}
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_PSA_CRYPTO_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void hash_algorithm( int alg_arg, int length_arg )
{
psa_algorithm_t alg = alg_arg;
size_t length = length_arg;
psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg );
psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg );
psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg );
psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg );
psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg );
psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg );
psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg );
psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg );
psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg );
/* Algorithm classification */
TEST_ASSERT( PSA_ALG_IS_HASH( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
algorithm_classification( alg, 0 );
/* Dependent algorithms */
TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( hmac_alg ) == alg );
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ) == alg );
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ) == alg );
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( dsa_alg ) == alg );
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ) == alg );
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ) == alg );
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ) == alg );
TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg );
TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg );
/* Hash length */
TEST_ASSERT( length == PSA_HASH_SIZE( alg ) );
TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
}
/* END_CASE */
/* BEGIN_CASE */
void mac_algorithm( int alg_arg, int classification_flags,
int length_arg,
int key_type_arg, int key_bits_arg )
{
psa_algorithm_t alg = alg_arg;
size_t length = length_arg;
size_t key_type = key_type_arg;
size_t key_bits = key_bits_arg;
/* Algorithm classification */
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
TEST_ASSERT( PSA_ALG_IS_MAC( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
algorithm_classification( alg, classification_flags );
/* Length */
TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
}
/* END_CASE */
/* BEGIN_CASE */
void hmac_algorithm( int alg_arg,
int length_arg,
int block_size_arg )
{
psa_algorithm_t alg = alg_arg;
psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
size_t block_size = block_size_arg;
TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) );
TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg );
TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE );
test_mac_algorithm( alg_arg, ALG_IS_HMAC, length_arg,
PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length_arg ) );
}
/* END_CASE */
/* BEGIN_CASE */
void cipher_algorithm( int alg_arg, int classification_flags )
{
psa_algorithm_t alg = alg_arg;
/* Algorithm classification */
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
algorithm_classification( alg, classification_flags );
}
/* END_CASE */
/* BEGIN_CASE */
void aead_algorithm( int alg_arg, int classification_flags,
int tag_length_arg )
{
psa_algorithm_t alg = alg_arg;
size_t tag_length = tag_length_arg;
/* Algorithm classification */
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
algorithm_classification( alg, classification_flags );
/* Tag length */
TEST_ASSERT( tag_length == PSA_AEAD_TAG_SIZE( alg ) );
}
/* END_CASE */
/* BEGIN_CASE */
void asymmetric_signature_algorithm( int alg_arg, int classification_flags )
{
psa_algorithm_t alg = alg_arg;
/* Algorithm classification */
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
algorithm_classification( alg, classification_flags );
}
/* END_CASE */
/* BEGIN_CASE */
void asymmetric_encryption_algorithm( int alg_arg, int classification_flags )
{
psa_algorithm_t alg = alg_arg;
/* Algorithm classification */
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
algorithm_classification( alg, classification_flags );
}
/* END_CASE */
/* BEGIN_CASE */
void key_agreement_algorithm( int alg_arg, int classification_flags )
{
psa_algorithm_t alg = alg_arg;
/* Algorithm classification */
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
algorithm_classification( alg, classification_flags );
}
/* END_CASE */
/* BEGIN_CASE */
void key_derivation_algorithm( int alg_arg, int classification_flags )
{
psa_algorithm_t alg = alg_arg;
/* Algorithm classification */
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
algorithm_classification( alg, classification_flags );
}
/* END_CASE */
/* BEGIN_CASE */
void key_type( int type_arg, int classification_flags )
{
psa_key_type_t type = type_arg;
key_type_classification( type, classification_flags );
/* For asymmetric types, check the corresponding pair/public type */
if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY )
{
psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type );
TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ) == type );
key_type_classification( pair_type,
( classification_flags
& ~KEY_TYPE_IS_PUBLIC_KEY )
| KEY_TYPE_IS_KEYPAIR );
TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ) == type );
}
if( classification_flags & KEY_TYPE_IS_KEYPAIR )
{
psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ) == type );
key_type_classification( public_type,
( classification_flags
& ~KEY_TYPE_IS_KEYPAIR )
| KEY_TYPE_IS_PUBLIC_KEY );
TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ) == type );
}
}
/* END_CASE */
/* BEGIN_CASE */
void ecc_key_types( int curve_arg, int curve_bits_arg )
{
psa_ecc_curve_t curve = curve_arg;
size_t curve_bits = curve_bits_arg;
psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve );
test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR );
TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve );
TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve );
/* Validate that the bit size is less than the maximum ECC bit size
* in this implementation. There's no parameter that should be equal
* to curve_bits and can be validated without creating a key. */
TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
}
/* END_CASE */