Add Tests for psa crypto entropy incjection

This commit is contained in:
Netanel Gonen 2018-11-19 11:53:55 +02:00 committed by avolinski
parent 2bcd312cda
commit 9468bb241c
3 changed files with 103 additions and 0 deletions

View file

@ -111,6 +111,7 @@ add_test_suite(pkparse)
add_test_suite(pkwrite)
add_test_suite(poly1305)
add_test_suite(psa_crypto)
add_test_suite(psa_crypto_entropy)
add_test_suite(psa_crypto_hash)
add_test_suite(psa_crypto_metadata)
add_test_suite(psa_crypto_persistent_key)

View file

@ -0,0 +1,14 @@
PSA validate entropy injection: good, minimum size
validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_ERROR_NOT_PERMITTED
PSA validate entropy injection: good, max size
validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
PSA validate entropy injection: bad, too big
validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
PSA validate entropy injection: bad, too small
validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
PSA validate entropy injection: before and after crypto_init
run_entropy_inject_with_crypto_init:

View file

@ -0,0 +1,88 @@
/* BEGIN_HEADER */
#include <stdint.h>
#include "psa/crypto.h"
#include "psa_prot_internal_storage.h"
#include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void validate_entropy_seed_injection( int seed_length_a,
int expected_status_a,
int seed_length_b,
int expected_status_b )
{
psa_its_status_t its_status;
psa_status_t status;
uint8_t output[32] = { 0 };
uint8_t zeros[32] = { 0 };
uint8_t *seed = NULL;
int i;
int seed_size;
if( seed_length_a > seed_length_b)
{
seed_size = seed_length_a;
}
else
{
seed_size = seed_length_b;
}
ASSERT_ALLOC( seed, seed_size );
/* fill seed in some data */
for( i = 0; i < seed_size; ++i)
{
seed[i] = i;
}
its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
status = mbedtls_psa_inject_entropy( seed, seed_length_a );
TEST_ASSERT( status == expected_status_a );
status = mbedtls_psa_inject_entropy( seed, seed_length_b );
TEST_ASSERT( status == expected_status_b );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
TEST_ASSERT( psa_generate_random( output, sizeof( output ) ) == PSA_SUCCESS );
TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 );
exit:
mbedtls_free( seed );
psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
mbedtls_psa_crypto_free( );
}
/* END_CASE */
/* BEGIN_CASE */
void run_entropy_inject_with_crypto_init( )
{
psa_its_status_t its_status;
psa_status_t status;
int i;
uint8_t seed[MBEDTLS_ENTROPY_MIN_PLATFORM] = {0};
/* fill seed in some data */
for( i = 0; i < MBEDTLS_ENTROPY_MIN_PLATFORM; ++i)
{
seed[i] = i;
}
its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
TEST_ASSERT( status == PSA_SUCCESS );
its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
mbedtls_psa_crypto_free( );
/* The seed is written by nv_seed callback functions therefore the injection will fail */
status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
exit:
psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
mbedtls_psa_crypto_free( );
}
/* END_CASE */