test_suite_psa_crypto_op_fail.function (15004B)
1 /* BEGIN_HEADER */ 2 3 #include "psa/crypto.h" 4 #include "test/psa_crypto_helpers.h" 5 6 static int test_equal_status(const char *test, 7 int line_no, const char *filename, 8 psa_status_t value1, 9 psa_status_t value2) 10 { 11 if ((value1 == PSA_ERROR_INVALID_ARGUMENT && 12 value2 == PSA_ERROR_NOT_SUPPORTED) || 13 (value1 == PSA_ERROR_NOT_SUPPORTED && 14 value2 == PSA_ERROR_INVALID_ARGUMENT)) { 15 return 1; 16 } 17 return mbedtls_test_equal(test, line_no, filename, value1, value2); 18 } 19 20 /** Like #TEST_EQUAL, but expects #psa_status_t values and treats 21 * #PSA_ERROR_INVALID_ARGUMENT and #PSA_ERROR_NOT_SUPPORTED as 22 * interchangeable. 23 * 24 * This test suite currently allows NOT_SUPPORTED and INVALID_ARGUMENT 25 * to be interchangeable in places where the library's behavior does not 26 * match the strict expectations of the test case generator. In the long 27 * run, it would be better to clarify the expectations and reconcile the 28 * library and the test case generator. 29 */ 30 #define TEST_STATUS(expr1, expr2) \ 31 do { \ 32 if (!test_equal_status( #expr1 " == " #expr2, __LINE__, __FILE__, \ 33 expr1, expr2)) \ 34 goto exit; \ 35 } while (0) 36 37 /* END_HEADER */ 38 39 /* BEGIN_DEPENDENCIES 40 * depends_on:MBEDTLS_PSA_CRYPTO_C 41 * END_DEPENDENCIES 42 */ 43 44 /* BEGIN_CASE */ 45 void hash_fail(int alg_arg, int expected_status_arg) 46 { 47 psa_status_t expected_status = expected_status_arg; 48 psa_algorithm_t alg = alg_arg; 49 psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; 50 uint8_t input[1] = { 'A' }; 51 uint8_t output[PSA_HASH_MAX_SIZE] = { 0 }; 52 size_t length = SIZE_MAX; 53 54 PSA_INIT(); 55 56 TEST_EQUAL(expected_status, 57 psa_hash_setup(&operation, alg)); 58 TEST_EQUAL(expected_status, 59 psa_hash_compute(alg, input, sizeof(input), 60 output, sizeof(output), &length)); 61 TEST_EQUAL(expected_status, 62 psa_hash_compare(alg, input, sizeof(input), 63 output, sizeof(output))); 64 65 exit: 66 psa_hash_abort(&operation); 67 PSA_DONE(); 68 } 69 /* END_CASE */ 70 71 /* BEGIN_CASE */ 72 void mac_fail(int key_type_arg, data_t *key_data, 73 int alg_arg, int expected_status_arg) 74 { 75 psa_status_t expected_status = expected_status_arg; 76 psa_key_type_t key_type = key_type_arg; 77 psa_algorithm_t alg = alg_arg; 78 psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; 79 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 80 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 81 uint8_t input[1] = { 'A' }; 82 uint8_t output[PSA_MAC_MAX_SIZE] = { 0 }; 83 size_t length = SIZE_MAX; 84 85 PSA_INIT(); 86 87 psa_set_key_type(&attributes, key_type); 88 psa_set_key_usage_flags(&attributes, 89 PSA_KEY_USAGE_SIGN_HASH | 90 PSA_KEY_USAGE_VERIFY_HASH); 91 psa_set_key_algorithm(&attributes, alg); 92 PSA_ASSERT(psa_import_key(&attributes, 93 key_data->x, key_data->len, 94 &key_id)); 95 96 TEST_STATUS(expected_status, 97 psa_mac_sign_setup(&operation, key_id, alg)); 98 TEST_STATUS(expected_status, 99 psa_mac_verify_setup(&operation, key_id, alg)); 100 TEST_STATUS(expected_status, 101 psa_mac_compute(key_id, alg, 102 input, sizeof(input), 103 output, sizeof(output), &length)); 104 TEST_STATUS(expected_status, 105 psa_mac_verify(key_id, alg, 106 input, sizeof(input), 107 output, sizeof(output))); 108 109 exit: 110 psa_mac_abort(&operation); 111 psa_destroy_key(key_id); 112 psa_reset_key_attributes(&attributes); 113 PSA_DONE(); 114 } 115 /* END_CASE */ 116 117 /* BEGIN_CASE */ 118 void cipher_fail(int key_type_arg, data_t *key_data, 119 int alg_arg, int expected_status_arg) 120 { 121 psa_status_t expected_status = expected_status_arg; 122 psa_key_type_t key_type = key_type_arg; 123 psa_algorithm_t alg = alg_arg; 124 psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; 125 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 126 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 127 uint8_t input[1] = { 'A' }; 128 uint8_t output[64] = { 0 }; 129 size_t length = SIZE_MAX; 130 131 PSA_INIT(); 132 133 psa_set_key_type(&attributes, key_type); 134 psa_set_key_usage_flags(&attributes, 135 PSA_KEY_USAGE_ENCRYPT | 136 PSA_KEY_USAGE_DECRYPT); 137 psa_set_key_algorithm(&attributes, alg); 138 PSA_ASSERT(psa_import_key(&attributes, 139 key_data->x, key_data->len, 140 &key_id)); 141 142 TEST_STATUS(expected_status, 143 psa_cipher_encrypt_setup(&operation, key_id, alg)); 144 TEST_STATUS(expected_status, 145 psa_cipher_decrypt_setup(&operation, key_id, alg)); 146 TEST_STATUS(expected_status, 147 psa_cipher_encrypt(key_id, alg, 148 input, sizeof(input), 149 output, sizeof(output), &length)); 150 TEST_STATUS(expected_status, 151 psa_cipher_decrypt(key_id, alg, 152 input, sizeof(input), 153 output, sizeof(output), &length)); 154 155 exit: 156 psa_cipher_abort(&operation); 157 psa_destroy_key(key_id); 158 psa_reset_key_attributes(&attributes); 159 PSA_DONE(); 160 } 161 /* END_CASE */ 162 163 /* BEGIN_CASE */ 164 void aead_fail(int key_type_arg, data_t *key_data, 165 int alg_arg, int expected_status_arg) 166 { 167 psa_status_t expected_status = expected_status_arg; 168 psa_key_type_t key_type = key_type_arg; 169 psa_algorithm_t alg = alg_arg; 170 psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT; 171 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 172 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 173 uint8_t input[16] = "ABCDEFGHIJKLMNO"; 174 uint8_t output[64] = { 0 }; 175 size_t length = SIZE_MAX; 176 177 PSA_INIT(); 178 179 psa_set_key_type(&attributes, key_type); 180 psa_set_key_usage_flags(&attributes, 181 PSA_KEY_USAGE_ENCRYPT | 182 PSA_KEY_USAGE_DECRYPT); 183 psa_set_key_algorithm(&attributes, alg); 184 PSA_ASSERT(psa_import_key(&attributes, 185 key_data->x, key_data->len, 186 &key_id)); 187 188 TEST_STATUS(expected_status, 189 psa_aead_encrypt_setup(&operation, key_id, alg)); 190 TEST_STATUS(expected_status, 191 psa_aead_decrypt_setup(&operation, key_id, alg)); 192 TEST_STATUS(expected_status, 193 psa_aead_encrypt(key_id, alg, 194 input, sizeof(input), 195 NULL, 0, input, sizeof(input), 196 output, sizeof(output), &length)); 197 TEST_STATUS(expected_status, 198 psa_aead_decrypt(key_id, alg, 199 input, sizeof(input), 200 NULL, 0, input, sizeof(input), 201 output, sizeof(output), &length)); 202 203 exit: 204 psa_aead_abort(&operation); 205 psa_destroy_key(key_id); 206 psa_reset_key_attributes(&attributes); 207 PSA_DONE(); 208 } 209 /* END_CASE */ 210 211 /* BEGIN_CASE */ 212 void sign_fail(int key_type_arg, data_t *key_data, 213 int alg_arg, int private_only, 214 int expected_status_arg) 215 { 216 psa_status_t expected_status = expected_status_arg; 217 psa_key_type_t key_type = key_type_arg; 218 psa_algorithm_t alg = alg_arg; 219 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 220 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 221 uint8_t input[1] = { 'A' }; 222 uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 }; 223 size_t length = SIZE_MAX; 224 psa_sign_hash_interruptible_operation_t sign_operation = 225 psa_sign_hash_interruptible_operation_init(); 226 psa_verify_hash_interruptible_operation_t verify_operation = 227 psa_verify_hash_interruptible_operation_init(); 228 229 PSA_INIT(); 230 231 psa_set_key_type(&attributes, key_type); 232 psa_set_key_usage_flags(&attributes, 233 PSA_KEY_USAGE_SIGN_HASH | 234 PSA_KEY_USAGE_VERIFY_HASH); 235 psa_set_key_algorithm(&attributes, alg); 236 PSA_ASSERT(psa_import_key(&attributes, 237 key_data->x, key_data->len, 238 &key_id)); 239 240 TEST_STATUS(expected_status, 241 psa_sign_hash(key_id, alg, 242 input, sizeof(input), 243 output, sizeof(output), &length)); 244 245 TEST_STATUS(expected_status, 246 psa_sign_hash_start(&sign_operation, key_id, alg, 247 input, sizeof(input))); 248 249 PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); 250 251 if (!private_only) { 252 /* Construct a signature candidate of a plausible size to avoid an 253 * INVALID_SIGNATURE error based on an early size verification. */ 254 PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); 255 size_t key_bits = psa_get_key_bits(&attributes); 256 size_t output_length = sizeof(output); 257 if (PSA_KEY_TYPE_IS_RSA(key_type)) { 258 output_length = PSA_BITS_TO_BYTES(key_bits); 259 } else if (PSA_KEY_TYPE_IS_ECC(key_type)) { 260 output_length = 2 * PSA_BITS_TO_BYTES(key_bits); 261 } 262 TEST_ASSERT(output_length <= sizeof(output)); 263 TEST_STATUS(expected_status, 264 psa_verify_hash(key_id, alg, 265 input, sizeof(input), 266 output, output_length)); 267 268 TEST_STATUS(expected_status, 269 psa_verify_hash_start(&verify_operation, key_id, alg, 270 input, sizeof(input), 271 output, output_length)); 272 273 PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); 274 } 275 276 exit: 277 psa_sign_hash_abort(&sign_operation); 278 psa_verify_hash_abort(&verify_operation); 279 psa_destroy_key(key_id); 280 psa_reset_key_attributes(&attributes); 281 PSA_DONE(); 282 } 283 /* END_CASE */ 284 285 /* BEGIN_CASE */ 286 void asymmetric_encryption_fail(int key_type_arg, data_t *key_data, 287 int alg_arg, int private_only, 288 int expected_status_arg) 289 { 290 psa_status_t expected_status = expected_status_arg; 291 psa_key_type_t key_type = key_type_arg; 292 psa_algorithm_t alg = alg_arg; 293 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 294 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 295 uint8_t plaintext[PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE] = { 0 }; 296 uint8_t ciphertext[PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE] = { 0 }; 297 size_t length = SIZE_MAX; 298 299 PSA_INIT(); 300 301 psa_set_key_type(&attributes, key_type); 302 psa_set_key_usage_flags(&attributes, 303 PSA_KEY_USAGE_ENCRYPT | 304 PSA_KEY_USAGE_DECRYPT); 305 psa_set_key_algorithm(&attributes, alg); 306 PSA_ASSERT(psa_import_key(&attributes, 307 key_data->x, key_data->len, 308 &key_id)); 309 310 if (!private_only) { 311 TEST_STATUS(expected_status, 312 psa_asymmetric_encrypt(key_id, alg, 313 plaintext, 1, 314 NULL, 0, 315 ciphertext, sizeof(ciphertext), 316 &length)); 317 } 318 TEST_STATUS(expected_status, 319 psa_asymmetric_decrypt(key_id, alg, 320 ciphertext, sizeof(ciphertext), 321 NULL, 0, 322 plaintext, sizeof(plaintext), 323 &length)); 324 325 exit: 326 psa_destroy_key(key_id); 327 psa_reset_key_attributes(&attributes); 328 PSA_DONE(); 329 } 330 /* END_CASE */ 331 332 /* BEGIN_CASE */ 333 void key_derivation_fail(int alg_arg, int expected_status_arg) 334 { 335 psa_status_t expected_status = expected_status_arg; 336 psa_algorithm_t alg = alg_arg; 337 psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; 338 339 PSA_INIT(); 340 341 TEST_EQUAL(expected_status, 342 psa_key_derivation_setup(&operation, alg)); 343 344 exit: 345 psa_key_derivation_abort(&operation); 346 PSA_DONE(); 347 } 348 /* END_CASE */ 349 350 /* BEGIN_CASE */ 351 void key_agreement_fail(int key_type_arg, data_t *key_data, 352 int alg_arg, int private_only, 353 int expected_status_arg) 354 { 355 psa_status_t expected_status = expected_status_arg; 356 psa_key_type_t key_type = key_type_arg; 357 psa_algorithm_t alg = alg_arg; 358 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 359 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 360 uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = { 0 }; 361 size_t public_key_length = 0; 362 uint8_t output[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE] = { 0 }; 363 size_t length = 0; 364 psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; 365 366 PSA_INIT(); 367 368 psa_set_key_type(&attributes, key_type); 369 psa_set_key_usage_flags(&attributes, 370 PSA_KEY_USAGE_DERIVE); 371 psa_set_key_algorithm(&attributes, alg); 372 PSA_ASSERT(psa_import_key(&attributes, 373 key_data->x, key_data->len, 374 &key_id)); 375 if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type) || 376 PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) { 377 PSA_ASSERT(psa_export_public_key(key_id, 378 public_key, sizeof(public_key), 379 &public_key_length)); 380 } 381 382 TEST_STATUS(expected_status, 383 psa_raw_key_agreement(alg, key_id, 384 public_key, public_key_length, 385 output, sizeof(output), &length)); 386 387 #if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256) 388 PSA_ASSERT(psa_key_derivation_setup(&operation, 389 PSA_ALG_HKDF(PSA_ALG_SHA_256))); 390 TEST_STATUS(expected_status, 391 psa_key_derivation_key_agreement( 392 &operation, 393 PSA_KEY_DERIVATION_INPUT_SECRET, 394 key_id, 395 public_key, public_key_length)); 396 #endif 397 398 /* There are no public-key operations. */ 399 (void) private_only; 400 401 exit: 402 psa_key_derivation_abort(&operation); 403 psa_destroy_key(key_id); 404 psa_reset_key_attributes(&attributes); 405 PSA_DONE(); 406 } 407 /* END_CASE */