mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-03-22 12:15:15 +00:00
Merge branch 'development_2.x' into development_2.x-restricted
* development_2.x: Reword changelog - Test Resource Leak Fix fd range for select on Windows Refactor file descriptor checks into a common function Update changelog formatting - Missing Free Context Update changelog formatting Missing Free Context Update changelog formatting - Missing Free Context Changelog entry for Free Context in test_suite_aes fix Free context in at the end of aes_crypt_xts_size() Fix copypasta in test data Use UNUSED wherever applicable in derive_input tests Fix missing state check for tls12_prf output Key derivation: add test cases where the secret is missing Add bad-workflow key derivation tests More explicit names for some bad-workflow key derivation tests
This commit is contained in:
Manuel Pégourié-Gonnard
commit
82a5a9dcdd
3
ChangeLog.d/issue4176.txt
Normal file
3
ChangeLog.d/issue4176.txt
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
Bugfix
|
||||
* Fix a resource leak in a test suite with an alternative AES
|
||||
implementation. Fixes #4176.
|
||||
3
ChangeLog.d/psa_key_derivation-bad_workflow.txt
Normal file
3
ChangeLog.d/psa_key_derivation-bad_workflow.txt
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
Bugfix
|
||||
* Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
|
||||
about missing inputs.
|
||||
4
ChangeLog.d/winsock.txt
Normal file
4
ChangeLog.d/winsock.txt
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
Bugfix
|
||||
* Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with
|
||||
MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465.
|
||||
|
||||
|
|
@ -135,6 +135,31 @@ static int net_prepare( void )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Return 0 if the file descriptor is valid, an error otherwise.
|
||||
* If for_select != 0, check whether the file descriptor is within the range
|
||||
* allowed for fd_set used for the FD_xxx macros and the select() function.
|
||||
*/
|
||||
static int check_fd( int fd, int for_select )
|
||||
{
|
||||
if( fd < 0 )
|
||||
return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
|
||||
|
||||
#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
|
||||
!defined(EFI32)
|
||||
(void) for_select;
|
||||
#else
|
||||
/* A limitation of select() is that it only works with file descriptors
|
||||
* that are strictly less than FD_SETSIZE. This is a limitation of the
|
||||
* fd_set type. Error out early, because attempting to call FD_SET on a
|
||||
* large file descriptor is a buffer overflow on typical platforms. */
|
||||
if( for_select && fd >= FD_SETSIZE )
|
||||
return( MBEDTLS_ERR_NET_POLL_FAILED );
|
||||
#endif
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Initialize a context
|
||||
*/
|
||||
|
|
@ -466,15 +491,9 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout )
|
|||
|
||||
int fd = ctx->fd;
|
||||
|
||||
if( fd < 0 )
|
||||
return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
|
||||
|
||||
/* A limitation of select() is that it only works with file descriptors
|
||||
* that are strictly less than FD_SETSIZE. This is a limitation of the
|
||||
* fd_set type. Error out early, because attempting to call FD_SET on a
|
||||
* large file descriptor is a buffer overflow on typical platforms. */
|
||||
if( fd >= FD_SETSIZE )
|
||||
return( MBEDTLS_ERR_NET_POLL_FAILED );
|
||||
ret = check_fd( fd, 1 );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
#if defined(__has_feature)
|
||||
#if __has_feature(memory_sanitizer)
|
||||
|
|
@ -553,8 +572,9 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len )
|
|||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int fd = ((mbedtls_net_context *) ctx)->fd;
|
||||
|
||||
if( fd < 0 )
|
||||
return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
|
||||
ret = check_fd( fd, 0 );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = (int) read( fd, buf, len );
|
||||
|
||||
|
|
@ -592,15 +612,9 @@ int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf,
|
|||
fd_set read_fds;
|
||||
int fd = ((mbedtls_net_context *) ctx)->fd;
|
||||
|
||||
if( fd < 0 )
|
||||
return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
|
||||
|
||||
/* A limitation of select() is that it only works with file descriptors
|
||||
* that are strictly less than FD_SETSIZE. This is a limitation of the
|
||||
* fd_set type. Error out early, because attempting to call FD_SET on a
|
||||
* large file descriptor is a buffer overflow on typical platforms. */
|
||||
if( fd >= FD_SETSIZE )
|
||||
return( MBEDTLS_ERR_NET_POLL_FAILED );
|
||||
ret = check_fd( fd, 1 );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
FD_ZERO( &read_fds );
|
||||
FD_SET( fd, &read_fds );
|
||||
|
|
@ -640,8 +654,9 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len )
|
|||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int fd = ((mbedtls_net_context *) ctx)->fd;
|
||||
|
||||
if( fd < 0 )
|
||||
return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
|
||||
ret = check_fd( fd, 0 );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = (int) write( fd, buf, len );
|
||||
|
||||
|
|
|
|||
|
|
@ -3785,6 +3785,17 @@ static psa_status_t psa_key_derivation_tls12_prf_read(
|
|||
psa_status_t status;
|
||||
uint8_t offset, length;
|
||||
|
||||
switch( tls12_prf->state )
|
||||
{
|
||||
case PSA_TLS12_PRF_STATE_LABEL_SET:
|
||||
tls12_prf->state = PSA_TLS12_PRF_STATE_OUTPUT;
|
||||
break;
|
||||
case PSA_TLS12_PRF_STATE_OUTPUT:
|
||||
break;
|
||||
default:
|
||||
return( PSA_ERROR_BAD_STATE );
|
||||
}
|
||||
|
||||
while( output_length != 0 )
|
||||
{
|
||||
/* Check if we have fully processed the current block. */
|
||||
|
|
|
|||
|
|
@ -210,6 +210,8 @@ void aes_crypt_xts_size( int size, int retval )
|
|||
/* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as
|
||||
* otherwise we wouldn't get to the size check we're interested in. */
|
||||
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
|
||||
exit:
|
||||
mbedtls_aes_xts_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
|
|
|||
|
|
@ -2777,6 +2777,22 @@ PSA key derivation: HKDF-SHA-256, good case, direct output
|
|||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, good case, omitted salt
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, good case, info first
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, good case, info after salt
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, good case, omitted salt, info first
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, good case, key output
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
|
||||
|
|
@ -2811,6 +2827,10 @@ PSA key derivation: HKDF-SHA-256, direct empty secret, key output
|
|||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, missing secret, key output
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
|
||||
|
|
@ -2833,14 +2853,94 @@ PSA key derivation: HKDF-SHA-256, DERIVE key as info
|
|||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, salt after secret
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, missing secret
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, missing info
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, duplicate salt step
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, direct)
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, key)
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, duplicate secret step (key, direct)
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, duplicate secret step (key, key)
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, duplicate info step (non-consecutive)
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, duplicate info step (consecutive)
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, reject label step
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: HKDF-SHA-256, reject seed step
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: TLS 1.2 PRF SHA-256, good case
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
|
||||
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: TLS 1.2 PRF SHA-256, missing label
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
|
||||
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: TLS 1.2 PRF SHA-256, missing label and secret
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
|
||||
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: TLS 1.2 PRF SHA-256, no inputs
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
|
||||
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: TLS 1.2 PRF SHA-256, key first
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
|
||||
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, key first
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: TLS 1.2 PRF SHA-256, label first
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
|
||||
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
|
@ -2893,20 +2993,36 @@ PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output
|
|||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: ECDH on P256 with HKDF-SHA256, info first
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: ECDH on P256 with HKDF-SHA256, key output
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_SUCCESS
|
||||
|
||||
PSA key derivation: HKDF invalid state (double generate + read past capacity)
|
||||
PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
|
||||
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
|
||||
|
||||
PSA key derivation over capacity: HKDF
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256)
|
||||
derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256)
|
||||
|
||||
PSA key derivation: TLS 1.2 PRF invalid state (double generate + read past capacity)
|
||||
PSA key derivation over capacity: TLS 1.2 PRF
|
||||
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
|
||||
test_derive_invalid_key_derivation_state:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
|
||||
derive_over_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
|
||||
|
||||
PSA key derivation: invalid state (call read/get_capacity after init and abort)
|
||||
test_derive_invalid_key_derivation_tests:
|
||||
PSA key derivation: actions without setup
|
||||
derive_actions_without_setup:
|
||||
|
||||
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
|
||||
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
|
||||
|
|
|
|||
|
|
@ -16,6 +16,9 @@
|
|||
#include "test/psa_crypto_helpers.h"
|
||||
#include "test/psa_exercise_key.h"
|
||||
|
||||
/* If this comes up, it's a bug in the test code or in the test data. */
|
||||
#define UNUSED 0xdeadbeef
|
||||
|
||||
/** An invalid export length that will never be set by psa_export_key(). */
|
||||
static const size_t INVALID_EXPORT_LENGTH = ~0U;
|
||||
|
||||
|
|
@ -4128,7 +4131,12 @@ void derive_input( int alg_arg,
|
|||
|
||||
for( i = 0; i < ARRAY_LENGTH( steps ); i++ )
|
||||
{
|
||||
if( key_types[i] != PSA_KEY_TYPE_NONE )
|
||||
mbedtls_test_set_step( i );
|
||||
if( steps[i] == 0 )
|
||||
{
|
||||
/* Skip this step */
|
||||
}
|
||||
else if( key_types[i] != PSA_KEY_TYPE_NONE )
|
||||
{
|
||||
psa_set_key_type( &attributes, key_types[i] );
|
||||
PSA_ASSERT( psa_import_key( &attributes,
|
||||
|
|
@ -4187,7 +4195,7 @@ exit:
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void test_derive_invalid_key_derivation_state( int alg_arg )
|
||||
void derive_over_capacity( int alg_arg )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
|
|
@ -4238,7 +4246,7 @@ exit:
|
|||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void test_derive_invalid_key_derivation_tests( )
|
||||
void derive_actions_without_setup( )
|
||||
{
|
||||
uint8_t output_buffer[16];
|
||||
size_t buffer_size = 16;
|
||||
|
|
|
|||
Loading…
Reference in a new issue