mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-26 03:21:04 +00:00
Merge pull request #142 from ARMmbed/psa-metadata_validation
Algorithm and key type encoding validation
This commit is contained in:
commit
159ebf3b8e
|
@ -15,10 +15,12 @@ PYTHON ?= python
|
|||
|
||||
APPS := \
|
||||
test_suite_psa_crypto \
|
||||
test_suite_psa_crypto_metadata \
|
||||
# Don't delete this line.
|
||||
|
||||
# Look up for associated function files
|
||||
func.test_suite_psa_crypto := test_suite_psa_crypto
|
||||
func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata
|
||||
|
||||
.SILENT:
|
||||
|
||||
|
@ -52,6 +54,7 @@ clean:
|
|||
rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write
|
||||
|
||||
test: $(APPS)
|
||||
./test_suite_psa_crypto_metadata
|
||||
./test_suite_psa_crypto
|
||||
|
||||
# Create separate targets for generating embedded tests.
|
||||
|
|
|
@ -424,9 +424,6 @@ typedef uint32_t psa_key_type_t;
|
|||
*/
|
||||
#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
|
||||
((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
|
||||
/** Whether a key type is an RSA key (pair or public-only). */
|
||||
#define PSA_KEY_TYPE_IS_RSA(type) \
|
||||
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
|
||||
/** Raw data.
|
||||
*
|
||||
|
@ -483,11 +480,17 @@ typedef uint32_t psa_key_type_t;
|
|||
#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000)
|
||||
/** RSA key pair (private and public key). */
|
||||
#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000)
|
||||
/** Whether a key type is an RSA key (pair or public-only). */
|
||||
#define PSA_KEY_TYPE_IS_RSA(type) \
|
||||
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
|
||||
/** DSA public key. */
|
||||
#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000)
|
||||
/** DSA key pair (private and public key). */
|
||||
#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000)
|
||||
/** Whether a key type is an DSA key (pair or public-only). */
|
||||
#define PSA_KEY_TYPE_IS_DSA(type) \
|
||||
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
|
||||
|
||||
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
|
||||
#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000)
|
||||
|
@ -522,7 +525,7 @@ typedef uint16_t psa_ecc_curve_t;
|
|||
* TLS Supported Groups Registry (formerly known as the
|
||||
* TLS EC Named Curve Registry)
|
||||
* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
|
||||
* The values are defined by RFC 4492, RFC 7027 and RFC 7919. */
|
||||
* The values are defined by RFC 8422 and RFC 7027. */
|
||||
#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
|
||||
#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
|
||||
#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
|
||||
|
@ -553,11 +556,6 @@ typedef uint16_t psa_ecc_curve_t;
|
|||
#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
|
||||
#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
|
||||
#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
|
||||
#define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100)
|
||||
#define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101)
|
||||
#define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102)
|
||||
#define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103)
|
||||
#define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104)
|
||||
|
||||
/** The block size of a block cipher.
|
||||
*
|
||||
|
@ -741,7 +739,7 @@ typedef uint32_t psa_algorithm_t;
|
|||
#define PSA_ALG_HMAC(hash_alg) \
|
||||
(PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
|
||||
|
||||
#define PSA_ALG_HMAC_HASH(hmac_alg) \
|
||||
#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
|
||||
(PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
|
||||
|
||||
/** Whether the specified algorithm is an HMAC algorithm.
|
||||
|
@ -771,7 +769,7 @@ typedef uint32_t psa_algorithm_t;
|
|||
* This macro may return either 0 or 1 if \p alg is not a supported
|
||||
* algorithm identifier.
|
||||
*/
|
||||
#define PSA_ALG_IS_CIPHER_MAC(alg) \
|
||||
#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
|
||||
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
|
||||
PSA_ALG_CIPHER_MAC_BASE)
|
||||
|
||||
|
@ -1636,21 +1634,21 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
|
|||
*/
|
||||
#define PSA_HASH_SIZE(alg) \
|
||||
( \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
|
||||
PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
|
||||
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
|
||||
0)
|
||||
|
||||
/** Start a multipart hash operation.
|
||||
|
|
|
@ -58,6 +58,9 @@
|
|||
* should be the maximum size of a hash supported by the implementation,
|
||||
* in bytes, and must be no smaller than this maximum.
|
||||
*/
|
||||
/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
|
||||
* 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
|
||||
* HMAC-SHA3-512. */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#define PSA_HASH_MAX_SIZE 64
|
||||
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
|
||||
|
@ -160,9 +163,9 @@
|
|||
* with the algorithm.
|
||||
*/
|
||||
#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \
|
||||
(PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
|
||||
(PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
|
||||
PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
|
||||
0)
|
||||
((void)(key_type), (void)(key_bits), 0))
|
||||
|
||||
/** The maximum size of the output of psa_aead_encrypt(), in bytes.
|
||||
*
|
||||
|
|
|
@ -1555,7 +1555,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
|
|||
#if defined(MBEDTLS_MD_C)
|
||||
if( PSA_ALG_IS_HMAC( alg ) )
|
||||
{
|
||||
psa_algorithm_t hash_alg = PSA_ALG_HMAC_HASH( alg );
|
||||
psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
|
||||
if( hash_alg == 0 )
|
||||
{
|
||||
status = PSA_ERROR_NOT_SUPPORTED;
|
||||
|
@ -3265,7 +3265,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
|
|||
psa_status_t status;
|
||||
status = psa_hmac_setup_internal( &hkdf->hmac,
|
||||
salt, salt_length,
|
||||
PSA_ALG_HMAC_HASH( hash_alg ) );
|
||||
PSA_ALG_HMAC_GET_HASH( hash_alg ) );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
status = psa_hash_update( &hkdf->hmac.hash_ctx,
|
||||
|
|
|
@ -150,6 +150,8 @@ TEST_FILES := \
|
|||
tests/suites/target_test.function \
|
||||
tests/suites/test_suite_psa_crypto.data \
|
||||
tests/suites/test_suite_psa_crypto.function \
|
||||
tests/suites/test_suite_psa_crypto_metadata.data \
|
||||
tests/suites/test_suite_psa_crypto_metadata.function \
|
||||
# Don't delete this line.
|
||||
|
||||
OTHER_FILES := \
|
||||
|
|
404
tests/suites/test_suite_psa_crypto_metadata.data
Normal file
404
tests/suites/test_suite_psa_crypto_metadata.data
Normal file
|
@ -0,0 +1,404 @@
|
|||
Hash: MD2
|
||||
depends_on:MBEDTLS_MD2_C
|
||||
hash_algorithm:PSA_ALG_MD2:16
|
||||
|
||||
Hash: MD4
|
||||
depends_on:MBEDTLS_MD4_C
|
||||
hash_algorithm:PSA_ALG_MD4:16
|
||||
|
||||
Hash: MD5
|
||||
depends_on:MBEDTLS_MD5_C
|
||||
hash_algorithm:PSA_ALG_MD5:16
|
||||
|
||||
Hash: RIPEMD160
|
||||
depends_on:MBEDTLS_RIPEMD160_C
|
||||
hash_algorithm:PSA_ALG_RIPEMD160:20
|
||||
|
||||
Hash: SHA-1
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
hash_algorithm:PSA_ALG_SHA_1:20
|
||||
|
||||
Hash: SHA-2 SHA-224
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
hash_algorithm:PSA_ALG_SHA_224:28
|
||||
|
||||
Hash: SHA-2 SHA-256
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
hash_algorithm:PSA_ALG_SHA_256:32
|
||||
|
||||
Hash: SHA-2 SHA-384
|
||||
depends_on:MBEDTLS_SHA512_C
|
||||
hash_algorithm:PSA_ALG_SHA_384:48
|
||||
|
||||
Hash: SHA-2 SHA-512
|
||||
depends_on:MBEDTLS_SHA512_C
|
||||
hash_algorithm:PSA_ALG_SHA_512:64
|
||||
|
||||
Hash: SHA-2 SHA-512/224
|
||||
depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
|
||||
hash_algorithm:PSA_ALG_SHA_512_224:28
|
||||
|
||||
Hash: SHA-2 SHA-512/256
|
||||
depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
|
||||
hash_algorithm:PSA_ALG_SHA_512_256:32
|
||||
|
||||
Hash: SHA-3 SHA3-224
|
||||
depends_on:MBEDTLS_SHA3_C
|
||||
hash_algorithm:PSA_ALG_SHA3_224:28
|
||||
|
||||
Hash: SHA-3 SHA3-256
|
||||
depends_on:MBEDTLS_SHA3_C
|
||||
hash_algorithm:PSA_ALG_SHA3_256:32
|
||||
|
||||
Hash: SHA-3 SHA3-384
|
||||
depends_on:MBEDTLS_SHA3_C
|
||||
hash_algorithm:PSA_ALG_SHA3_384:48
|
||||
|
||||
Hash: SHA-3 SHA3-512
|
||||
depends_on:MBEDTLS_SHA3_C
|
||||
hash_algorithm:PSA_ALG_SHA3_512:64
|
||||
|
||||
MAC: HMAC-MD2
|
||||
depends_on:MBEDTLS_MD2_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
|
||||
|
||||
MAC: HMAC-MD4
|
||||
depends_on:MBEDTLS_MD4_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
|
||||
|
||||
MAC: HMAC-MD5
|
||||
depends_on:MBEDTLS_MD5_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
|
||||
|
||||
MAC: HMAC-RIPEMD160
|
||||
depends_on:MBEDTLS_RIPEMD160_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64
|
||||
|
||||
MAC: HMAC-SHA-1
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64
|
||||
|
||||
MAC: HMAC-SHA-224
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64
|
||||
|
||||
MAC: HMAC-SHA-256
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64
|
||||
|
||||
MAC: HMAC-SHA-384
|
||||
depends_on:MBEDTLS_SHA512_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128
|
||||
|
||||
MAC: HMAC-SHA-512
|
||||
depends_on:MBEDTLS_SHA512_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
|
||||
|
||||
MAC: HMAC-SHA-512/224
|
||||
depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):28:128
|
||||
|
||||
MAC: HMAC-SHA-512/256
|
||||
depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):32:128
|
||||
|
||||
MAC: HMAC-SHA3-224
|
||||
depends_on:MBEDTLS_SHA3_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):28:144
|
||||
|
||||
MAC: HMAC-SHA3-256
|
||||
depends_on:MBEDTLS_SHA3_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):32:136
|
||||
|
||||
MAC: HMAC-SHA3-384
|
||||
depends_on:MBEDTLS_SHA3_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):48:104
|
||||
|
||||
MAC: HMAC-SHA3-512
|
||||
depends_on:MBEDTLS_SHA3_C
|
||||
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):64:72
|
||||
|
||||
MAC: CBC_MAC-AES-128
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
|
||||
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
|
||||
|
||||
MAC: CBC_MAC-AES-192
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
|
||||
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
|
||||
|
||||
MAC: CBC_MAC-AES-256
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
|
||||
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
|
||||
|
||||
MAC: CBC_MAC-3DES
|
||||
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_C
|
||||
mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
|
||||
|
||||
MAC: CMAC-AES-128
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
|
||||
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
|
||||
|
||||
MAC: CMAC-AES-192
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
|
||||
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
|
||||
|
||||
MAC: CMAC-AES-256
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
|
||||
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
|
||||
|
||||
MAC: CMAC-3DES
|
||||
depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
|
||||
mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
|
||||
|
||||
MAC: GMAC-AES-128
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||
mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
|
||||
|
||||
MAC: GMAC-AES-192
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||
mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
|
||||
|
||||
MAC: GMAC-AES-256
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||
mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
|
||||
|
||||
Cipher: ARC4
|
||||
depends_on:MBEDTLS_ARC4_C
|
||||
cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER
|
||||
|
||||
Cipher: CTR
|
||||
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
|
||||
|
||||
Cipher: CFB
|
||||
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CFB
|
||||
cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
|
||||
|
||||
Cipher: OFB
|
||||
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_OFB
|
||||
cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
|
||||
|
||||
Cipher: CBC-nopad
|
||||
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
|
||||
|
||||
Cipher: CBC-PKCS#7
|
||||
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
|
||||
cipher_algorithm:PSA_ALG_CBC_PKCS7:0
|
||||
|
||||
Cipher: XTS
|
||||
depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_XTS
|
||||
cipher_algorithm:PSA_ALG_XTS:0
|
||||
|
||||
AEAD: CCM
|
||||
depends_on:MBEDTLS_CCM_C
|
||||
aead_algorithm:PSA_ALG_CCM:0:16
|
||||
|
||||
AEAD: GCM
|
||||
depends_on:MBEDTLS_GCM_C
|
||||
aead_algorithm:PSA_ALG_GCM:0:16
|
||||
|
||||
Asymmetric signature: RSA PKCS#1 v1.5 raw
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN
|
||||
|
||||
Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
|
||||
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN
|
||||
|
||||
Asymmetric signature: RSA PSS SHA-256
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
|
||||
asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS
|
||||
|
||||
Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256
|
||||
depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C
|
||||
asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA
|
||||
|
||||
Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
|
||||
depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC
|
||||
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC
|
||||
|
||||
Asymmetric signature: randomized ECDSA (no hashing)
|
||||
depends_on:MBEDTLS_ECDSA_C
|
||||
asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
|
||||
|
||||
Asymmetric signature: SHA-256 + randomized ECDSA
|
||||
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
|
||||
asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
|
||||
|
||||
Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
|
||||
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
|
||||
asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
|
||||
|
||||
Asymmetric encryption: RSA PKCS#1 v1.5
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
|
||||
|
||||
Asymmetric encryption: RSA OAEP using SHA-256
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
|
||||
asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
|
||||
|
||||
Key derivation: HKDF using SHA-256
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
|
||||
|
||||
Key type: raw data
|
||||
key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
|
||||
|
||||
Key type: HMAC
|
||||
key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED
|
||||
|
||||
Key type: secret for key derivation
|
||||
key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
|
||||
|
||||
Key type: AES
|
||||
depends_on:MBEDTLS_AES_C
|
||||
key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED
|
||||
|
||||
Key type: DES
|
||||
depends_on:MBEDTLS_DES_C
|
||||
key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED
|
||||
|
||||
Key type: Camellia
|
||||
depends_on:MBEDTLS_CAMELLIA_C
|
||||
key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED
|
||||
|
||||
Key type: ARC4
|
||||
depends_on:MBEDTLS_ARC4_C
|
||||
key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED
|
||||
|
||||
Key type: RSA public key
|
||||
depends_on:MBEDTLS_RSA_C
|
||||
key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
|
||||
|
||||
Key type: RSA key pair
|
||||
depends_on:MBEDTLS_RSA_C
|
||||
key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA
|
||||
|
||||
Key type: DSA public key
|
||||
depends_on:MBEDTLS_DSA_C
|
||||
key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA
|
||||
|
||||
Key type: DSA key pair
|
||||
depends_on:MBEDTLS_DSA_C
|
||||
key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA
|
||||
|
||||
ECC key types: sect163k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT163K1:163
|
||||
|
||||
ECC key types: sect163r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT163R1:163
|
||||
|
||||
ECC key types: sect163r2
|
||||
depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT163R2:163
|
||||
|
||||
ECC key types: sect193r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT193R1:193
|
||||
|
||||
ECC key types: sect193r2
|
||||
depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT193R2:193
|
||||
|
||||
ECC key types: sect233k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT233K1:233
|
||||
|
||||
ECC key types: sect233r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT233R1:233
|
||||
|
||||
ECC key types: sect239k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT239K1:239
|
||||
|
||||
ECC key types: sect283k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT283K1:283
|
||||
|
||||
ECC key types: sect283r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT283R1:283
|
||||
|
||||
ECC key types: sect409k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT409K1:409
|
||||
|
||||
ECC key types: sect409r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT409R1:409
|
||||
|
||||
ECC key types: sect571k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT571K1:571
|
||||
|
||||
ECC key types: sect571r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECT571R1:571
|
||||
|
||||
ECC key types: secp160k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP160K1:160
|
||||
|
||||
ECC key types: secp160r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP160R1:160
|
||||
|
||||
ECC key types: secp160r2
|
||||
depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP160R2:160
|
||||
|
||||
ECC key types: secp192k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP192K1:192
|
||||
|
||||
ECC key types: secp192r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP192R1:192
|
||||
|
||||
ECC key types: secp224k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP224K1:224
|
||||
|
||||
ECC key types: secp224r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP224R1:224
|
||||
|
||||
ECC key types: secp256k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP256K1:256
|
||||
|
||||
ECC key types: secp256r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP256R1:256
|
||||
|
||||
ECC key types: secp384r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP384R1:384
|
||||
|
||||
ECC key types: secp521r1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_SECP521R1:521
|
||||
|
||||
ECC key types: Brainpool P256R1
|
||||
depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1:256
|
||||
|
||||
ECC key types: Brainpool P384R1
|
||||
depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1:384
|
||||
|
||||
ECC key types: Brainpool P512R1
|
||||
depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1:512
|
||||
|
||||
ECC key types: Curve25519
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_CURVE25519:255
|
||||
|
||||
ECC key types: Curve448
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
|
||||
ecc_key_types:PSA_ECC_CURVE_CURVE448:448
|
356
tests/suites/test_suite_psa_crypto_metadata.function
Normal file
356
tests/suites/test_suite_psa_crypto_metadata.function
Normal file
|
@ -0,0 +1,356 @@
|
|||
/* BEGIN_HEADER */
|
||||
/* Test macros that provide metadata about algorithms and key types.
|
||||
* This test suite only contains tests that don't require executing
|
||||
* code. Other test suites validate macros that require creating a key
|
||||
* and using it. */
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SPM)
|
||||
#include "spm/psa_defs.h"
|
||||
#endif
|
||||
|
||||
#include "psa/crypto.h"
|
||||
|
||||
/* Flags for algorithm classification macros. There is a flag for every
|
||||
* algorithm classification macro PSA_ALG_IS_xxx except for the
|
||||
* category test macros, which are hard-coded in each
|
||||
* category-specific function. The name of the flag is the name of the
|
||||
* classification macro without the PSA_ prefix. */
|
||||
#define ALG_IS_VENDOR_DEFINED ( 1u << 0 )
|
||||
#define ALG_IS_HMAC ( 1u << 1 )
|
||||
#define ALG_IS_BLOCK_CIPHER_MAC ( 1u << 2 )
|
||||
#define ALG_IS_STREAM_CIPHER ( 1u << 3 )
|
||||
#define ALG_IS_RSA_PKCS1V15_SIGN ( 1u << 4 )
|
||||
#define ALG_IS_RSA_PSS ( 1u << 5 )
|
||||
#define ALG_IS_DSA ( 1u << 6 )
|
||||
#define ALG_DSA_IS_DETERMINISTIC ( 1u << 7 )
|
||||
#define ALG_IS_DETERMINISTIC_DSA ( 1u << 8 )
|
||||
#define ALG_IS_RANDOMIZED_DSA ( 1u << 9 )
|
||||
#define ALG_IS_ECDSA ( 1u << 10 )
|
||||
#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 )
|
||||
#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 )
|
||||
#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 )
|
||||
#define ALG_IS_RSA_OAEP ( 1u << 14 )
|
||||
#define ALG_IS_HKDF ( 1u << 15 )
|
||||
|
||||
/* Flags for key type classification macros. There is a flag for every
|
||||
* key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
|
||||
* are tested as derived from other macros. The name of the flag is
|
||||
* the name of the classification macro without the PSA_ prefix. */
|
||||
#define KEY_TYPE_IS_VENDOR_DEFINED ( 1u << 0 )
|
||||
#define KEY_TYPE_IS_UNSTRUCTURED ( 1u << 1 )
|
||||
#define KEY_TYPE_IS_PUBLIC_KEY ( 1u << 2 )
|
||||
#define KEY_TYPE_IS_KEYPAIR ( 1u << 3 )
|
||||
#define KEY_TYPE_IS_RSA ( 1u << 4 )
|
||||
#define KEY_TYPE_IS_DSA ( 1u << 5 )
|
||||
#define KEY_TYPE_IS_ECC ( 1u << 6 )
|
||||
|
||||
#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
|
||||
TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
|
||||
|
||||
void algorithm_classification( psa_algorithm_t alg, unsigned flags )
|
||||
{
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_VENDOR_DEFINED, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_HMAC, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_BLOCK_CIPHER_MAC, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_STREAM_CIPHER, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PKCS1V15_SIGN, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PSS, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_DSA, alg, flags );
|
||||
if ( PSA_ALG_IS_DSA( alg ) )
|
||||
TEST_CLASSIFICATION_MACRO( ALG_DSA_IS_DETERMINISTIC, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_DSA, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_DSA, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_ECDSA, alg, flags );
|
||||
if ( PSA_ALG_IS_ECDSA( alg ) )
|
||||
TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
|
||||
TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
|
||||
exit: ;
|
||||
}
|
||||
|
||||
void key_type_classification( psa_key_type_t type, unsigned flags )
|
||||
{
|
||||
/* Macros tested based on the test case parameter */
|
||||
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_VENDOR_DEFINED, type, flags );
|
||||
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_UNSTRUCTURED, type, flags );
|
||||
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_PUBLIC_KEY, type, flags );
|
||||
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEYPAIR, type, flags );
|
||||
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags );
|
||||
TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags );
|
||||
|
||||
/* Macros with derived semantics */
|
||||
TEST_ASSERT( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ==
|
||||
( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
|
||||
PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
|
||||
TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ==
|
||||
( PSA_KEY_TYPE_IS_ECC( type ) &&
|
||||
PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
|
||||
TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ==
|
||||
( PSA_KEY_TYPE_IS_ECC( type ) &&
|
||||
PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
|
||||
|
||||
exit: ;
|
||||
}
|
||||
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
* depends_on:MBEDTLS_PSA_CRYPTO_C
|
||||
* END_DEPENDENCIES
|
||||
*/
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void hash_algorithm( int alg_arg, int length_arg )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
size_t length = length_arg;
|
||||
psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg );
|
||||
psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg );
|
||||
psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg );
|
||||
psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg );
|
||||
psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg );
|
||||
psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg );
|
||||
psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg );
|
||||
psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg );
|
||||
psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg );
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
algorithm_classification( alg, 0 );
|
||||
|
||||
/* Dependent algorithms */
|
||||
TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( hmac_alg ) == alg );
|
||||
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ) == alg );
|
||||
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ) == alg );
|
||||
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( dsa_alg ) == alg );
|
||||
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ) == alg );
|
||||
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ) == alg );
|
||||
TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ) == alg );
|
||||
TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg );
|
||||
TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg );
|
||||
|
||||
/* Hash length */
|
||||
TEST_ASSERT( length == PSA_HASH_SIZE( alg ) );
|
||||
TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mac_algorithm( int alg_arg, int classification_flags,
|
||||
int length_arg,
|
||||
int key_type_arg, int key_bits_arg )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
size_t length = length_arg;
|
||||
size_t key_type = key_type_arg;
|
||||
size_t key_bits = key_bits_arg;
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
|
||||
/* Length */
|
||||
TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
|
||||
TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void hmac_algorithm( int alg_arg,
|
||||
int length_arg,
|
||||
int block_size_arg )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
|
||||
size_t block_size = block_size_arg;
|
||||
|
||||
TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) );
|
||||
TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg );
|
||||
|
||||
TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE );
|
||||
|
||||
test_mac_algorithm( alg_arg, ALG_IS_HMAC, length_arg,
|
||||
PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length_arg ) );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void cipher_algorithm( int alg_arg, int classification_flags )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void aead_algorithm( int alg_arg, int classification_flags,
|
||||
int tag_length_arg )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
size_t tag_length = tag_length_arg;
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
|
||||
/* Tag length */
|
||||
TEST_ASSERT( tag_length == PSA_AEAD_TAG_SIZE( alg ) );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void asymmetric_signature_algorithm( int alg_arg, int classification_flags )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void asymmetric_encryption_algorithm( int alg_arg, int classification_flags )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void key_agreement_algorithm( int alg_arg, int classification_flags )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void key_derivation_algorithm( int alg_arg, int classification_flags )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void key_type( int type_arg, int classification_flags )
|
||||
{
|
||||
psa_key_type_t type = type_arg;
|
||||
|
||||
key_type_classification( type, classification_flags );
|
||||
|
||||
/* For asymmetric types, check the corresponding pair/public type */
|
||||
if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY )
|
||||
{
|
||||
psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type );
|
||||
TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ) == type );
|
||||
key_type_classification( pair_type,
|
||||
( classification_flags
|
||||
& ~KEY_TYPE_IS_PUBLIC_KEY )
|
||||
| KEY_TYPE_IS_KEYPAIR );
|
||||
TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ) == type );
|
||||
}
|
||||
if( classification_flags & KEY_TYPE_IS_KEYPAIR )
|
||||
{
|
||||
psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
|
||||
TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ) == type );
|
||||
key_type_classification( public_type,
|
||||
( classification_flags
|
||||
& ~KEY_TYPE_IS_KEYPAIR )
|
||||
| KEY_TYPE_IS_PUBLIC_KEY );
|
||||
TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ) == type );
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void ecc_key_types( int curve_arg, int curve_bits_arg )
|
||||
{
|
||||
psa_ecc_curve_t curve = curve_arg;
|
||||
size_t curve_bits = curve_bits_arg;
|
||||
psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
|
||||
psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve );
|
||||
|
||||
test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
|
||||
test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR );
|
||||
|
||||
TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve );
|
||||
TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve );
|
||||
|
||||
/* Validate that the bit size is less than the maximum ECC bit size
|
||||
* in this implementation. There's no parameter that should be equal
|
||||
* to curve_bits and can be validated without creating a key. */
|
||||
TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
|
||||
}
|
||||
/* END_CASE */
|
Loading…
Reference in a new issue