Add test for ouput buffer size macros

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2021-01-21 12:26:17 +01:00
parent e86bdcaa11
commit ceface2247
No known key found for this signature in database
GPG key ID: 106F5A41ECC305BD
2 changed files with 203 additions and 22 deletions

View file

@ -467,7 +467,7 @@ psa_status_t mbedtls_test_psa_key_agreement_with_self(
private_key_type = psa_get_key_type( &attributes ); private_key_type = psa_get_key_type( &attributes );
key_bits = psa_get_key_bits( &attributes ); key_bits = psa_get_key_bits( &attributes );
public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
public_key_length = PSA_EXPORT_KEY_OUTPUT_SIZE( public_key_type, key_bits ); public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_key_type, key_bits );
ASSERT_ALLOC( public_key, public_key_length ); ASSERT_ALLOC( public_key, public_key_length );
PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length, PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length,
&public_key_length ) ); &public_key_length ) );
@ -509,7 +509,7 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
private_key_type = psa_get_key_type( &attributes ); private_key_type = psa_get_key_type( &attributes );
key_bits = psa_get_key_bits( &attributes ); key_bits = psa_get_key_bits( &attributes );
public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
public_key_length = PSA_EXPORT_KEY_OUTPUT_SIZE( public_key_type, key_bits ); public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_key_type, key_bits );
ASSERT_ALLOC( public_key, public_key_length ); ASSERT_ALLOC( public_key, public_key_length );
PSA_ASSERT( psa_export_public_key( key, PSA_ASSERT( psa_export_public_key( key,
public_key, public_key_length, public_key, public_key_length,
@ -518,6 +518,15 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self(
status = psa_raw_key_agreement( alg, key, status = psa_raw_key_agreement( alg, key,
public_key, public_key_length, public_key, public_key_length,
output, sizeof( output ), &output_length ); output, sizeof( output ), &output_length );
if ( status == PSA_SUCCESS )
{
TEST_ASSERT( output_length <=
PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( private_key_type,
key_bits ) );
TEST_ASSERT( output_length <=
PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE );
}
exit: exit:
/* /*
* Key attributes may have been returned by psa_get_key_attributes() * Key attributes may have been returned by psa_get_key_attributes()
@ -625,6 +634,8 @@ int mbedtls_test_psa_exported_key_sanity_check(
if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
goto exit; goto exit;
TEST_EQUAL( p, end ); TEST_EQUAL( p, end );
TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
} }
else else
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
@ -634,6 +645,8 @@ int mbedtls_test_psa_exported_key_sanity_check(
{ {
/* Just the secret value */ /* Just the secret value */
TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) );
TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
} }
else else
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
@ -658,6 +671,12 @@ int mbedtls_test_psa_exported_key_sanity_check(
if( ! mbedtls_test_asn1_skip_integer( &p, end, 2, bits, 1 ) ) if( ! mbedtls_test_asn1_skip_integer( &p, end, 2, bits, 1 ) )
goto exit; goto exit;
TEST_EQUAL( p, end ); TEST_EQUAL( p, end );
TEST_ASSERT( exported_length <=
PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( type, bits ) );
TEST_ASSERT( exported_length <=
PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
} }
else else
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
@ -665,6 +684,12 @@ int mbedtls_test_psa_exported_key_sanity_check(
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
{ {
TEST_ASSERT( exported_length <=
PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( type, bits ) );
TEST_ASSERT( exported_length <=
PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
if( PSA_KEY_TYPE_ECC_GET_FAMILY( type ) == PSA_ECC_FAMILY_MONTGOMERY ) if( PSA_KEY_TYPE_ECC_GET_FAMILY( type ) == PSA_ECC_FAMILY_MONTGOMERY )
{ {
/* The representation of an ECC Montgomery public key is /* The representation of an ECC Montgomery public key is
@ -785,8 +810,8 @@ static int exercise_export_public_key( mbedtls_svc_key_id_t key )
public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(
psa_get_key_type( &attributes ) ); psa_get_key_type( &attributes ) );
exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type,
psa_get_key_bits( &attributes ) ); psa_get_key_bits( &attributes ) );
ASSERT_ALLOC( exported, exported_size ); ASSERT_ALLOC( exported, exported_size );
PSA_ASSERT( psa_export_public_key( key, PSA_ASSERT( psa_export_public_key( key,

View file

@ -613,7 +613,10 @@ void import_export( data_t *data,
reexported, reexported_length ); reexported, reexported_length );
PSA_ASSERT( psa_destroy_key( key2 ) ); PSA_ASSERT( psa_destroy_key( key2 ) );
} }
TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE( type, psa_get_key_bits( &got_attributes ) ) ); TEST_ASSERT( exported_length <=
PSA_EXPORT_KEY_OUTPUT_SIZE( type,
psa_get_key_bits( &got_attributes ) ) );
TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
destroy: destroy:
/* Destroy the key */ /* Destroy the key */
@ -674,6 +677,10 @@ void import_export_public_key( data_t *data,
bits = psa_get_key_bits( &attributes ); bits = psa_get_key_bits( &attributes );
TEST_ASSERT( expected_public_key->len <= TEST_ASSERT( expected_public_key->len <=
PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, bits ) ); PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, bits ) );
TEST_ASSERT( expected_public_key->len <=
PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type, bits ) );
TEST_ASSERT( expected_public_key->len <=
PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
ASSERT_COMPARE( expected_public_key->x, expected_public_key->len, ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
exported, exported_length ); exported, exported_length );
} }
@ -2399,19 +2406,29 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
} }
output_buffer_size = ( (size_t) input->len + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); TEST_ASSERT( output_buffer_size <=
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
ASSERT_ALLOC( output, output_buffer_size ); ASSERT_ALLOC( output, output_buffer_size );
PSA_ASSERT( psa_cipher_update( &operation, PSA_ASSERT( psa_cipher_update( &operation,
input->x, input->len, input->x, input->len,
output, output_buffer_size, output, output_buffer_size,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
total_output_length += function_output_length; total_output_length += function_output_length;
status = psa_cipher_finish( &operation, status = psa_cipher_finish( &operation,
output + total_output_length, output + total_output_length,
output_buffer_size - total_output_length, output_buffer_size - total_output_length,
&function_output_length ); &function_output_length );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
total_output_length += function_output_length; total_output_length += function_output_length;
TEST_EQUAL( status, expected_status ); TEST_EQUAL( status, expected_status );
@ -2467,8 +2484,9 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
} }
output_buffer_size = ( (size_t) input->len + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); TEST_ASSERT( output_buffer_size <=
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
ASSERT_ALLOC( output, output_buffer_size ); ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len ); TEST_ASSERT( first_part_size <= input->len );
@ -2476,7 +2494,12 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
output, output_buffer_size, output, output_buffer_size,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length == output1_length ); TEST_ASSERT( function_output_length == output1_length );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) );
total_output_length += function_output_length; total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_update( &operation, PSA_ASSERT( psa_cipher_update( &operation,
input->x + first_part_size, input->x + first_part_size,
input->len - first_part_size, input->len - first_part_size,
@ -2484,11 +2507,22 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
output_buffer_size - total_output_length, output_buffer_size - total_output_length,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length == output2_length ); TEST_ASSERT( function_output_length == output2_length );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
alg,
input->len - first_part_size ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
total_output_length += function_output_length; total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation, PSA_ASSERT( psa_cipher_finish( &operation,
output + total_output_length, output + total_output_length,
output_buffer_size - total_output_length, output_buffer_size - total_output_length,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
total_output_length += function_output_length; total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation ) ); PSA_ASSERT( psa_cipher_abort( &operation ) );
@ -2540,8 +2574,9 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
} }
output_buffer_size = ( (size_t) input->len + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input->len );
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); TEST_ASSERT( output_buffer_size <=
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input->len ) );
ASSERT_ALLOC( output, output_buffer_size ); ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len ); TEST_ASSERT( first_part_size <= input->len );
@ -2550,7 +2585,12 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
output, output_buffer_size, output, output_buffer_size,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length == output1_length ); TEST_ASSERT( function_output_length == output1_length );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
total_output_length += function_output_length; total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_update( &operation, PSA_ASSERT( psa_cipher_update( &operation,
input->x + first_part_size, input->x + first_part_size,
input->len - first_part_size, input->len - first_part_size,
@ -2558,11 +2598,22 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
output_buffer_size - total_output_length, output_buffer_size - total_output_length,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length == output2_length ); TEST_ASSERT( function_output_length == output2_length );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
alg,
input->len - first_part_size ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
total_output_length += function_output_length; total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation, PSA_ASSERT( psa_cipher_finish( &operation,
output + total_output_length, output + total_output_length,
output_buffer_size - total_output_length, output_buffer_size - total_output_length,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
total_output_length += function_output_length; total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation ) ); PSA_ASSERT( psa_cipher_abort( &operation ) );
@ -2611,19 +2662,29 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
} }
output_buffer_size = ( (size_t) input->len + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input->len );
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); TEST_ASSERT( output_buffer_size <=
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input->len ) );
ASSERT_ALLOC( output, output_buffer_size ); ASSERT_ALLOC( output, output_buffer_size );
PSA_ASSERT( psa_cipher_update( &operation, PSA_ASSERT( psa_cipher_update( &operation,
input->x, input->len, input->x, input->len,
output, output_buffer_size, output, output_buffer_size,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
total_output_length += function_output_length; total_output_length += function_output_length;
status = psa_cipher_finish( &operation, status = psa_cipher_finish( &operation,
output + total_output_length, output + total_output_length,
output_buffer_size - total_output_length, output_buffer_size - total_output_length,
&function_output_length ); &function_output_length );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
total_output_length += function_output_length; total_output_length += function_output_length;
TEST_EQUAL( status, expected_status ); TEST_EQUAL( status, expected_status );
@ -2682,23 +2743,37 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
iv, iv_size, iv, iv_size,
&iv_length ) ); &iv_length ) );
} }
output1_size = ( (size_t) input->len + output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); TEST_ASSERT( output1_size <=
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
ASSERT_ALLOC( output1, output1_size ); ASSERT_ALLOC( output1, output1_size );
PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len, PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
output1, output1_size, output1, output1_size,
&output1_length ) ); &output1_length ) );
TEST_ASSERT( output1_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
TEST_ASSERT( output1_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
PSA_ASSERT( psa_cipher_finish( &operation1, PSA_ASSERT( psa_cipher_finish( &operation1,
output1 + output1_length, output1 + output1_length,
output1_size - output1_length, output1_size - output1_length,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
output1_length += function_output_length; output1_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation1 ) ); PSA_ASSERT( psa_cipher_abort( &operation1 ) );
output2_size = output1_length; output2_size = output1_length;
TEST_ASSERT( output2_size <=
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
TEST_ASSERT( output2_size <=
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
ASSERT_ALLOC( output2, output2_size ); ASSERT_ALLOC( output2, output2_size );
if( iv_length > 0 ) if( iv_length > 0 )
@ -2710,11 +2785,20 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length, PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
output2, output2_size, output2, output2_size,
&output2_length ) ); &output2_length ) );
TEST_ASSERT( output2_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, output1_length ) );
TEST_ASSERT( output2_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length ) );
function_output_length = 0; function_output_length = 0;
PSA_ASSERT( psa_cipher_finish( &operation2, PSA_ASSERT( psa_cipher_finish( &operation2,
output2 + output2_length, output2 + output2_length,
output2_size - output2_length, output2_size - output2_length,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
output2_length += function_output_length; output2_length += function_output_length;
@ -2776,8 +2860,9 @@ void cipher_verify_output_multipart( int alg_arg,
&iv_length ) ); &iv_length ) );
} }
output1_buffer_size = ( (size_t) input->len + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); TEST_ASSERT( output1_buffer_size <=
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
ASSERT_ALLOC( output1, output1_buffer_size ); ASSERT_ALLOC( output1, output1_buffer_size );
TEST_ASSERT( first_part_size <= input->len ); TEST_ASSERT( first_part_size <= input->len );
@ -2785,6 +2870,10 @@ void cipher_verify_output_multipart( int alg_arg,
PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
output1, output1_buffer_size, output1, output1_buffer_size,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
output1_length += function_output_length; output1_length += function_output_length;
PSA_ASSERT( psa_cipher_update( &operation1, PSA_ASSERT( psa_cipher_update( &operation1,
@ -2792,17 +2881,31 @@ void cipher_verify_output_multipart( int alg_arg,
input->len - first_part_size, input->len - first_part_size,
output1, output1_buffer_size, output1, output1_buffer_size,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
alg,
input->len - first_part_size ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len - first_part_size ) );
output1_length += function_output_length; output1_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation1, PSA_ASSERT( psa_cipher_finish( &operation1,
output1 + output1_length, output1 + output1_length,
output1_buffer_size - output1_length, output1_buffer_size - output1_length,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
output1_length += function_output_length; output1_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation1 ) ); PSA_ASSERT( psa_cipher_abort( &operation1 ) );
output2_buffer_size = output1_length; output2_buffer_size = output1_length;
TEST_ASSERT( output2_buffer_size <=
PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
TEST_ASSERT( output2_buffer_size <=
PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
ASSERT_ALLOC( output2, output2_buffer_size ); ASSERT_ALLOC( output2, output2_buffer_size );
if( iv_length > 0 ) if( iv_length > 0 )
@ -2814,6 +2917,10 @@ void cipher_verify_output_multipart( int alg_arg,
PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
output2, output2_buffer_size, output2, output2_buffer_size,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
output2_length += function_output_length; output2_length += function_output_length;
PSA_ASSERT( psa_cipher_update( &operation2, PSA_ASSERT( psa_cipher_update( &operation2,
@ -2821,12 +2928,22 @@ void cipher_verify_output_multipart( int alg_arg,
output1_length - first_part_size, output1_length - first_part_size,
output2, output2_buffer_size, output2, output2_buffer_size,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
alg,
output1_length - first_part_size ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length - first_part_size ) );
output2_length += function_output_length; output2_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation2, PSA_ASSERT( psa_cipher_finish( &operation2,
output2 + output2_length, output2 + output2_length,
output2_buffer_size - output2_length, output2_buffer_size - output2_length,
&function_output_length ) ); &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
output2_length += function_output_length; output2_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation2 ) ); PSA_ASSERT( psa_cipher_abort( &operation2 ) );
@ -2898,6 +3015,9 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
TEST_EQUAL( input_data->len, TEST_EQUAL( input_data->len,
PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) ); PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) );
TEST_ASSERT( input_data->len <=
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) );
TEST_EQUAL( psa_aead_decrypt( key, alg, TEST_EQUAL( psa_aead_decrypt( key, alg,
nonce->x, nonce->len, nonce->x, nonce->len,
additional_data->x, additional_data->x,
@ -2942,6 +3062,8 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
* should be exact. */ * should be exact. */
TEST_EQUAL( output_size, TEST_EQUAL( output_size,
PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
TEST_ASSERT( output_size <=
PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
ASSERT_ALLOC( output_data, output_size ); ASSERT_ALLOC( output_data, output_size );
PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_crypto_init( ) );
@ -3001,11 +3123,15 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_status_t status = PSA_ERROR_GENERIC_ERROR;
output_size = input_data->len - tag_length; output_size = input_data->len - tag_length;
/* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
* should be exact. */
if( expected_result != PSA_ERROR_INVALID_ARGUMENT ) if( expected_result != PSA_ERROR_INVALID_ARGUMENT )
{
/* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE
* should be exact. */
TEST_EQUAL( output_size, TEST_EQUAL( output_size,
PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, input_data->len ) ); PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, input_data->len ) );
TEST_ASSERT( output_size <=
PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
}
ASSERT_ALLOC( output_data, output_size ); ASSERT_ALLOC( output_data, output_size );
PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_crypto_init( ) );
@ -3374,7 +3500,9 @@ void asymmetric_encrypt( int key_type_arg,
/* Determine the maximum output length */ /* Determine the maximum output length */
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes ); key_bits = psa_get_key_bits( &attributes );
output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE );
ASSERT_ALLOC( output, output_size ); ASSERT_ALLOC( output, output_size );
/* Encrypt the input */ /* Encrypt the input */
@ -3446,9 +3574,15 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
/* Determine the maximum ciphertext length */ /* Determine the maximum ciphertext length */
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes ); key_bits = psa_get_key_bits( &attributes );
output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE );
ASSERT_ALLOC( output, output_size ); ASSERT_ALLOC( output, output_size );
output2_size = input_data->len; output2_size = input_data->len;
TEST_ASSERT( output2_size <=
PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ) );
TEST_ASSERT( output2_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE );
ASSERT_ALLOC( output2, output2_size ); ASSERT_ALLOC( output2, output2_size );
/* We test encryption by checking that encrypt-then-decrypt gives back /* We test encryption by checking that encrypt-then-decrypt gives back
@ -3496,14 +3630,12 @@ void asymmetric_decrypt( int key_type_arg,
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg; psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg; psa_algorithm_t alg = alg_arg;
size_t key_bits;
unsigned char *output = NULL; unsigned char *output = NULL;
size_t output_size = 0; size_t output_size = 0;
size_t output_length = ~0; size_t output_length = ~0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
output_size = expected_data->len;
ASSERT_ALLOC( output, output_size );
PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
@ -3513,6 +3645,14 @@ void asymmetric_decrypt( int key_type_arg,
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) ); &key ) );
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
/* Determine the maximum ciphertext length */
output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
TEST_ASSERT( output_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE );
ASSERT_ALLOC( output, output_size );
PSA_ASSERT( psa_asymmetric_decrypt( key, alg, PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
input_data->x, input_data->len, input_data->x, input_data->len,
label->x, label->len, label->x, label->len,
@ -3910,6 +4050,14 @@ void derive_output( int alg_arg,
PSA_ASSERT( psa_import_key( &attributes, PSA_ASSERT( psa_import_key( &attributes,
inputs[i]->x, inputs[i]->len, inputs[i]->x, inputs[i]->len,
&keys[i] ) ); &keys[i] ) );
if ( PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
{
PSA_ASSERT( psa_get_key_attributes( keys[i], &attributes ) );
TEST_ASSERT( PSA_BITS_TO_BYTES( psa_get_key_bits( &attributes ) ) <=
PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE );
}
PSA_ASSERT( psa_key_derivation_input_key( PSA_ASSERT( psa_key_derivation_input_key(
&operation, steps[i], keys[i] ) ); &operation, steps[i], keys[i] ) );
break; break;
@ -4295,6 +4443,7 @@ void raw_key_agreement( int alg_arg,
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
unsigned char *output = NULL; unsigned char *output = NULL;
size_t output_length = ~0; size_t output_length = ~0;
size_t key_bits;
ASSERT_ALLOC( output, expected_output->len ); ASSERT_ALLOC( output, expected_output->len );
PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_crypto_init( ) );
@ -4306,12 +4455,19 @@ void raw_key_agreement( int alg_arg,
our_key_data->x, our_key_data->len, our_key_data->x, our_key_data->len,
&our_key ) ); &our_key ) );
PSA_ASSERT( psa_get_key_attributes( our_key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
PSA_ASSERT( psa_raw_key_agreement( alg, our_key, PSA_ASSERT( psa_raw_key_agreement( alg, our_key,
peer_key_data->x, peer_key_data->len, peer_key_data->x, peer_key_data->len,
output, expected_output->len, output, expected_output->len,
&output_length ) ); &output_length ) );
ASSERT_COMPARE( output, output_length, ASSERT_COMPARE( output, output_length,
expected_output->x, expected_output->len ); expected_output->x, expected_output->len );
TEST_ASSERT( output_length <=
PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ) );
TEST_ASSERT( output_length <=
PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE );
exit: exit:
mbedtls_free( output ); mbedtls_free( output );