Add negative tests for psa_abort in cipher and mac functions

Various functions for PSA cipher and mac operations call abort on failure; test that this is done. The PSA spec does not require this behaviour, but it makes our implementation more robust in case the user does not abort the operation as required by the PSA spec. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2025-03-22 12:15:15 +00:00 · 2021-06-23 12:49:59 +01:00 · 2021-06-23 12:49:59 +01:00 · 34b147d1e6
parent 33b58eeb36
commit 34b147d1e6
1 changed files with 23 additions and 0 deletions
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@ -19,6 +19,11 @@
 /* If this comes up, it's a bug in the test code or in the test data. */
 #define UNUSED 0xdeadbeef

+/* Assert that an operation is (not) active.
+ * This serves as a proxy for checking if the operation is aborted. */
+#define ASSERT_OPERATION_IS_ACTIVE(   operation ) TEST_ASSERT( operation.id != 0 )
+#define ASSERT_OPERATION_IS_INACTIVE( operation ) TEST_ASSERT( operation.id == 0 )
+
 /** An invalid export length that will never be set by psa_export_key(). */
 static const size_t INVALID_EXPORT_LENGTH = ~0U;

@ -1980,19 +1985,25 @@ void mac_bad_order( )
    /* Setup sign but try verify. */
    PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
    PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+    ASSERT_OPERATION_IS_ACTIVE( operation );
    TEST_EQUAL( psa_mac_verify_finish( &operation,
                                       verify_mac, sizeof( verify_mac ) ),
                PSA_ERROR_BAD_STATE );
+    ASSERT_OPERATION_IS_INACTIVE( operation );
    PSA_ASSERT( psa_mac_abort( &operation ) );
+    ASSERT_OPERATION_IS_INACTIVE( operation );

    /* Setup verify but try sign. */
    PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
    PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+    ASSERT_OPERATION_IS_ACTIVE( operation );
    TEST_EQUAL( psa_mac_sign_finish( &operation,
                                     sign_mac, sizeof( sign_mac ),
                                     &sign_mac_length ),
                PSA_ERROR_BAD_STATE );
+    ASSERT_OPERATION_IS_INACTIVE( operation );
    PSA_ASSERT( psa_mac_abort( &operation ) );
+    ASSERT_OPERATION_IS_INACTIVE( operation );

    PSA_ASSERT( psa_destroy_key( key ) );

@ -2316,11 +2327,14 @@ void cipher_bad_order( )
    PSA_ASSERT( psa_cipher_generate_iv( &operation,
                                        buffer, sizeof( buffer ),
                                        &length ) );
+    ASSERT_OPERATION_IS_ACTIVE( operation );
    TEST_EQUAL( psa_cipher_generate_iv( &operation,
                                        buffer, sizeof( buffer ),
                                        &length ),
                PSA_ERROR_BAD_STATE );
+    ASSERT_OPERATION_IS_INACTIVE( operation );
    PSA_ASSERT( psa_cipher_abort( &operation ) );
+    ASSERT_OPERATION_IS_INACTIVE( operation );

    /* Generate an IV after it's already set. */
    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@ -2342,10 +2356,13 @@ void cipher_bad_order( )
    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
    PSA_ASSERT( psa_cipher_set_iv( &operation,
                                   iv, sizeof( iv ) ) );
+    ASSERT_OPERATION_IS_ACTIVE( operation );
    TEST_EQUAL( psa_cipher_set_iv( &operation,
                                   iv, sizeof( iv ) ),
                PSA_ERROR_BAD_STATE );
+    ASSERT_OPERATION_IS_INACTIVE( operation );
    PSA_ASSERT( psa_cipher_abort( &operation ) );
+    ASSERT_OPERATION_IS_INACTIVE( operation );

    /* Set an IV after it's already generated. */
    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@ -2367,12 +2384,15 @@ void cipher_bad_order( )

    /* Call update without an IV where an IV is required. */
    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+    ASSERT_OPERATION_IS_ACTIVE( operation );
    TEST_EQUAL( psa_cipher_update( &operation,
                                   text, sizeof( text ),
                                   buffer, sizeof( buffer ),
                                   &length ),
                PSA_ERROR_BAD_STATE );
+    ASSERT_OPERATION_IS_INACTIVE( operation );
    PSA_ASSERT( psa_cipher_abort( &operation ) );
+    ASSERT_OPERATION_IS_INACTIVE( operation );

    /* Call update after finish. */
    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@ -2397,10 +2417,13 @@ void cipher_bad_order( )
    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
    /* Not calling update means we are encrypting an empty buffer, which is OK
     * for cipher modes with padding. */
+    ASSERT_OPERATION_IS_ACTIVE( operation );
    TEST_EQUAL( psa_cipher_finish( &operation,
                                   buffer, sizeof( buffer ), &length ),
                PSA_ERROR_BAD_STATE );
+    ASSERT_OPERATION_IS_INACTIVE( operation );
    PSA_ASSERT( psa_cipher_abort( &operation ) );
+    ASSERT_OPERATION_IS_INACTIVE( operation );

    /* Call finish twice in a row. */
    PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );