Merge pull request #175 from ARMmbed/coverage_tests

add tests that increase key slot management code coverage slightly
2025-11-04 14:45:08 +00:00 · 2018-11-07 16:59:17 +00:00 · 2018-11-07 16:59:17 +00:00 · 30b90cb406
parent 0d1caacf55 ce50007f90
commit 30b90cb406
2 changed files with 241 additions and 0 deletions
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@ -31,6 +31,53 @@ PSA import/export AES-256
 depends_on:MBEDTLS_AES_C
 import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1

+PSA import to non empty key slot
+depends_on:MBEDTLS_AES_C
+import_key_nonempty_slot
+
+PSA export empty key slot
+export_invalid_slot:1:PSA_ERROR_EMPTY_SLOT
+
+PSA export out of range key slot - lower bound
+export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export out of range key slot - upper bound
+export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA export a slot where there was some activity but no key material creation
+export_with_no_key_activity
+
+PSA setup cipher where there was some activity on key but no key material creation
+cipher_with_no_key_activity
+
+PSA export a slot after a failed import of a AES key
+depends_on:MBEDTLS_AES_C
+export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export a slot after a failed import of a RSA key
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C
+export_after_import_failure:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export a slot after a failed import of an EC keypair: public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+export_after_import_failure:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA setup cipher after a failed import of a AES key
+depends_on:MBEDTLS_AES_C
+cipher_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export RSA public key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+export_after_destroy_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY
+
+PSA export AES key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_AES_C
+export_after_destroy_key:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES
+
+PSA export EC key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+export_after_destroy_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1)
+
 PSA import AES: bad key size
 depends_on:MBEDTLS_AES_C
 import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@ -1003,6 +1003,200 @@ exit:
 }
 /* END_CASE */

+/* BEGIN_CASE */
+void import_key_nonempty_slot( )
+{
+    int slot = 1;
+    psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA;
+    psa_status_t status;
+    const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 };
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data, sizeof( data ) ) == PSA_SUCCESS );
+
+    /* Import the key again */
+    status = psa_import_key( slot, type, data, sizeof( data ) );
+    TEST_ASSERT( status == PSA_ERROR_OCCUPIED_SLOT );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_invalid_slot( int slot, int expected_export_status_arg )
+{
+    psa_status_t status;
+    unsigned char *exported = NULL;
+    size_t export_size = 0;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+    psa_status_t expected_export_status = expected_export_status_arg;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Export the key */
+    status = psa_export_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == expected_export_status );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_with_no_key_activity( )
+{
+    int slot = 1;
+    psa_algorithm_t alg = PSA_ALG_CTR;
+    psa_status_t status;
+    psa_key_policy_t policy;
+    unsigned char *exported = NULL;
+    size_t export_size = 0;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    /* Export the key */
+    status = psa_export_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_with_no_key_activity( )
+{
+    int slot = 1;
+    psa_status_t status;
+    psa_key_policy_t policy;
+    psa_cipher_operation_t operation;
+    int exercise_alg = PSA_ALG_CTR;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    psa_cipher_abort( &operation );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_after_import_failure( data_t *data, int type_arg,
+                                  int expected_import_status_arg )
+{
+    int slot = 1;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    unsigned char *exported = NULL;
+    size_t export_size = 0;
+    psa_status_t expected_import_status = expected_import_status_arg;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key - expect failure */
+    status = psa_import_key( slot, type,
+                                 data->x, data->len );
+    TEST_ASSERT( status == expected_import_status );
+
+    /* Export the key */
+    status = psa_export_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_after_import_failure( data_t *data, int type_arg,
+                                  int expected_import_status_arg )
+{
+    int slot = 1;
+    psa_cipher_operation_t operation;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    psa_status_t expected_import_status = expected_import_status_arg;
+    int exercise_alg = PSA_ALG_CTR;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key - expect failure */
+    status = psa_import_key( slot, type,
+                                 data->x, data->len );
+    TEST_ASSERT( status == expected_import_status );
+
+    status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    psa_cipher_abort( &operation );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_after_destroy_key( data_t *data, int type_arg )
+{
+    int slot = 1;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    psa_key_policy_t policy;
+    psa_algorithm_t alg = PSA_ALG_CTR;
+    unsigned char *exported = NULL;
+    size_t export_size = 0;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    export_size = (ptrdiff_t) data->len;
+    ASSERT_ALLOC( exported, export_size );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data->x, data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_export_key( slot, exported, export_size,
+                                 &exported_length ) == PSA_SUCCESS );
+
+    /* Destroy the key */
+    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+
+    /* Export the key */
+    status = psa_export_key( slot, exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_free( exported );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void import_export_public_key( data_t *data,
                               int type_arg,