From 539cda57df9a7f36b03b46075016a6ce91166760 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 10 Dec 2018 17:31:59 +0100
Subject: [PATCH] Add tests with invalid key identifiers

Test that 0 and PSA_CRYPTO_ITS_RANDOM_SEED_UID are not accepted as key
identifiers.
---
 .../test_suite_psa_crypto_slot_management.data   | 16 ++++++++++++++++
 ...est_suite_psa_crypto_slot_management.function |  8 ++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 39e05abf8..46dbea2c0 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -37,6 +37,14 @@ Attempt to overwrite: keep open, different type
 depends_on:MBEDTLS_AES_C
 create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN
 
+Open failure: invalid identifier (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
+
+Open failure: invalid identifier (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
+
 Open failure: non-existent identifier
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT
@@ -57,6 +65,14 @@ Create failure: invalid lifetime
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
 
+Create failure: invalid key id (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
 Open not supported
 depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 754aae08d..fdcb5a949 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -31,10 +31,14 @@ typedef enum
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
 /* There is no API to purge all keys. For this test suite, require that
- * all key IDs be less than a certain maximum. */
+ * all key IDs be less than a certain maximum, or a well-known value
+ * which corresponds to a file that does not contain a key. */
 #define MAX_KEY_ID_FOR_TEST 32
+#define KEY_ID_IS_WELL_KNOWN( key_id )                  \
+    ( ( key_id ) == PSA_CRYPTO_ITS_RANDOM_SEED_UID )
 #define TEST_MAX_KEY_ID( key_id )                       \
-    TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST )
+    TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST ||   \
+                 KEY_ID_IS_WELL_KNOWN( key_id ) )
 void psa_purge_key_storage( void )
 {
     psa_key_id_t i;