Simplify and expand invalid-handle tests

Simplify invalid-handle tests and make them test more things. Call
these tests in several test functions after destroying a key.
This commit is contained in:
Gilles Peskine 2019-04-18 22:28:52 +02:00
parent c4344042f4
commit 4cf3a43dbd
2 changed files with 50 additions and 21 deletions


@ -28,14 +28,14 @@ PSA import/export AES-256
depends_on:MBEDTLS_AES_C depends_on:MBEDTLS_AES_C
import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
PSA export invalid handle (0) PSA invalid handle (0)
export_invalid_handle:0:PSA_ERROR_INVALID_HANDLE invalid_handle:0
PSA export invalid handle (smallest plausible handle) PSA invalid handle (smallest plausible handle)
export_invalid_handle:1:PSA_ERROR_INVALID_HANDLE invalid_handle:1
PSA export invalid handle (largest plausible handle) PSA invalid handle (largest plausible handle)
export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE invalid_handle:-1
PSA import AES: bad key size PSA import AES: bad key size
depends_on:MBEDTLS_AES_C depends_on:MBEDTLS_AES_C


@ -1084,6 +1084,43 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
} }
static int test_operations_on_invalid_handle( psa_key_handle_t handle )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t buffer[1];
size_t length;
int ok = 0;
psa_make_key_persistent( &attributes, 0x6964, PSA_KEY_LIFETIME_PERSISTENT );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
psa_set_key_algorithm( &attributes, PSA_ALG_CTR );
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
TEST_EQUAL( psa_get_key_attributes( handle, &attributes ),
PSA_ERROR_INVALID_HANDLE );
TEST_EQUAL( psa_get_key_id( &attributes ), 0 );
TEST_EQUAL( psa_get_key_attributes_lifetime( &attributes ), 0 );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
TEST_EQUAL( psa_export_key( handle,
buffer, sizeof( buffer ), &length ),
PSA_ERROR_INVALID_HANDLE );
TEST_EQUAL( psa_export_public_key( handle,
buffer, sizeof( buffer ), &length ),
PSA_ERROR_INVALID_HANDLE );
TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
TEST_EQUAL( psa_destroy_key( handle ), PSA_ERROR_INVALID_HANDLE );
ok = 1;
exit:
psa_reset_key_attributes( &attributes );
return( ok );
}
/* An overapproximation of the amount of storage needed for a key of the /* An overapproximation of the amount of storage needed for a key of the
* given type and with the given content. The API doesn't make it easy * given type and with the given content. The API doesn't make it easy
* to find a good value for the size. The current implementation doesn't * to find a good value for the size. The current implementation doesn't
@ -1178,6 +1215,7 @@ void import( data_t *data, int type_arg, int expected_status_arg )
TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
PSA_ASSERT( psa_destroy_key( handle ) ); PSA_ASSERT( psa_destroy_key( handle ) );
test_operations_on_invalid_handle( handle );
exit: exit:
psa_destroy_key( handle ); psa_destroy_key( handle );
@ -1305,8 +1343,7 @@ void import_export( data_t *data,
destroy: destroy:
/* Destroy the key */ /* Destroy the key */
PSA_ASSERT( psa_destroy_key( handle ) ); PSA_ASSERT( psa_destroy_key( handle ) );
TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ), test_operations_on_invalid_handle( handle );
PSA_ERROR_INVALID_HANDLE );
exit: exit:
mbedtls_free( exported ); mbedtls_free( exported );
@ -1316,21 +1353,10 @@ exit:
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE */
void export_invalid_handle( int handle, int expected_export_status_arg ) void invalid_handle( int handle )
{ {
psa_status_t status;
unsigned char *exported = NULL;
size_t export_size = 0;
size_t exported_length = INVALID_EXPORT_LENGTH;
psa_status_t expected_export_status = expected_export_status_arg;
PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_crypto_init( ) );
test_operations_on_invalid_handle( handle );
/* Export the key */
status = psa_export_key( (psa_key_handle_t) handle,
exported, export_size,
&exported_length );
TEST_EQUAL( status, expected_export_status );
exit: exit:
mbedtls_psa_crypto_free( ); mbedtls_psa_crypto_free( );
@ -1421,6 +1447,9 @@ void import_and_exercise_key( data_t *data,
if( ! exercise_key( handle, usage, alg ) ) if( ! exercise_key( handle, usage, alg ) )
goto exit; goto exit;
PSA_ASSERT( psa_destroy_key( handle ) );
test_operations_on_invalid_handle( handle );
exit: exit:
psa_destroy_key( handle ); psa_destroy_key( handle );
mbedtls_psa_crypto_free( ); mbedtls_psa_crypto_free( );
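Review bot: The `ok` value that test_operations_on_invalid_handle computes is discarded at every new call site (the line added after `PSA_ASSERT( psa_destroy_key( handle ) );` in import, import_export, invalid_handle and import_and_exercise_key), so a failed sub-check inside the helper does not stop the calling test; either make the helper `void` or call it as `if( ! test_operations_on_invalid_handle( handle ) ) goto exit;` like the existing `exercise_key` call. In the helper itself `length` is declared uninitialized and never examined after the two export calls that are expected to fail, whereas the removed export_invalid_handle body had initialized its length to the INVALID_EXPORT_LENGTH sentinel; `size_t length = INVALID_EXPORT_LENGTH;` followed by `TEST_EQUAL( length, INVALID_EXPORT_LENGTH );` after the exports would also check that an invalid handle yields no output length, assuming that sentinel is still defined once its only visible use is removed. The helper's attribute checks after psa_get_key_attributes are good since they pre-fill the structure, but a short comment such as `/* Attributes are pre-filled so the test detects that a failed query wipes them. */` would make that intent clear to the next reader. The four test functions this hunk touches begin outside the visible hunks.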