Add tests for mac_sign

This commit is contained in:
Gilles Peskine 2018-08-14 15:17:54 +02:00
parent f18c146d6b
commit a7aa442c7c
2 changed files with 80 additions and 5 deletions

View file

@ -354,18 +354,34 @@ depends_on:MBEDTLS_CMAC_C
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-256
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"

View file

@ -22,20 +22,23 @@
/** An invalid export length that will never be set by psa_export_key(). */ /** An invalid export length that will never be set by psa_export_key(). */
static const size_t INVALID_EXPORT_LENGTH = ~0U; static const size_t INVALID_EXPORT_LENGTH = ~0U;
/** Test if a buffer is all-bits zero. /** Test if a buffer contains a constant byte value.
*
* `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`.
* *
* \param buffer Pointer to the beginning of the buffer. * \param buffer Pointer to the beginning of the buffer.
* \param c Expected value of every byte.
* \param size Size of the buffer in bytes. * \param size Size of the buffer in bytes.
* *
* \return 1 if the buffer is all-bits-zero. * \return 1 if the buffer is all-bits-zero.
* \return 0 if there is at least one nonzero byte. * \return 0 if there is at least one nonzero byte.
*/ */
static int mem_is_zero( void *buffer, size_t size ) static int mem_is_char( void *buffer, unsigned char c, size_t size )
{ {
size_t i; size_t i;
for( i = 0; i < size; i++ ) for( i = 0; i < size; i++ )
{ {
if( ( (unsigned char *) buffer )[i] != 0 ) if( ( (unsigned char *) buffer )[i] != c )
return( 0 ); return( 0 );
} }
return( 1 ); return( 1 );
@ -978,7 +981,7 @@ void import_export( data_t *data,
TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 ); TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 );
TEST_ASSERT( exported_length <= export_size ); TEST_ASSERT( exported_length <= export_size );
TEST_ASSERT( mem_is_zero( exported + exported_length, TEST_ASSERT( mem_is_char( exported + exported_length, 0,
export_size - exported_length ) ); export_size - exported_length ) );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
{ {
@ -1067,7 +1070,7 @@ void import_export_public_key( data_t *data,
&exported_length ); &exported_length );
TEST_ASSERT( status == expected_export_status ); TEST_ASSERT( status == expected_export_status );
TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
TEST_ASSERT( mem_is_zero( exported + exported_length, TEST_ASSERT( mem_is_char( exported + exported_length, 0,
export_size - exported_length ) ); export_size - exported_length ) );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto destroy; goto destroy;
@ -1647,6 +1650,62 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE */
void mac_sign( int key_type_arg,
data_t *key,
int alg_arg,
data_t *input,
data_t *expected_mac )
{
int key_slot = 1;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
psa_mac_operation_t operation;
psa_key_policy_t policy;
/* Leave a little extra room in the output buffer. At the end of the
* test, we'll check that the implementation didn't overwrite onto
* this extra room. */
uint8_t actual_mac[PSA_MAC_MAX_SIZE + 10];
size_t mac_buffer_size =
PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key->len ), alg );
size_t mac_length = 0;
memset( actual_mac, '+', sizeof( actual_mac ) );
TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
TEST_ASSERT( expected_mac->len <= mac_buffer_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
psa_key_policy_init( &policy );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
TEST_ASSERT( psa_import_key( key_slot, key_type,
key->x, key->len ) == PSA_SUCCESS );
/* Calculate the MAC. */
TEST_ASSERT( psa_mac_sign_setup( &operation,
key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_mac_update( &operation,
input->x, input->len ) == PSA_SUCCESS );
TEST_ASSERT( psa_mac_sign_finish( &operation,
actual_mac, mac_buffer_size,
&mac_length ) == PSA_SUCCESS );
/* Compare with the expected value. */
TEST_ASSERT( mac_length == expected_mac->len );
TEST_ASSERT( memcmp( actual_mac, expected_mac->x, mac_length ) == 0 );
/* Verify that the end of the buffer is untouched. */
TEST_ASSERT( mem_is_char( actual_mac + mac_length, '+',
sizeof( actual_mac ) - mac_length ) );
exit:
psa_destroy_key( key_slot );
mbedtls_psa_crypto_free( );
}
/* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE */
void mac_verify( int key_type_arg, void mac_verify( int key_type_arg,
data_t *key, data_t *key,