TF-M Reference Manual  1.2.0
TrustedFirmware-M
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
crypto_tests_common.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #if DOMAIN_NS == 1
9 #include <string.h>
10 #else
11 #include "tfm_memory_utils.h"
12 #endif
13 #include "crypto_tests_common.h"
14 
16  struct test_result_t *ret)
17 {
18  psa_status_t status = PSA_SUCCESS;
19  uint32_t i = 0;
20  psa_key_handle_t key_handle = 0x0u;
21  const uint8_t data[] = "THIS IS MY KEY1";
22  uint8_t exported_data[sizeof(data)] = {0};
23  size_t exported_data_size = 0;
24  psa_key_attributes_t key_attributes = psa_key_attributes_init();
25  psa_key_attributes_t retrieved_attributes = psa_key_attributes_init();
26 
27  /* Setup the key policy */
28  psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_EXPORT);
29  psa_set_key_type(&key_attributes, key_type);
30 
31  status = psa_import_key(&key_attributes, data, sizeof(data),
32  &key_handle);
33  if (status != PSA_SUCCESS) {
34  TEST_FAIL("Error importing a key");
35  return;
36  }
37 
38  status = psa_get_key_attributes(key_handle, &retrieved_attributes);
39  if (status != PSA_SUCCESS) {
40  TEST_FAIL("Error getting key metadata");
41  return;
42  }
43 
44  if (psa_get_key_bits(&retrieved_attributes) != BIT_SIZE_TEST_KEY) {
45  TEST_FAIL("The number of key bits is different from expected");
46  return;
47  }
48 
49  if (psa_get_key_type(&retrieved_attributes) != key_type) {
50  TEST_FAIL("The type of the key is different from expected");
51  return;
52  }
53 
54  psa_reset_key_attributes(&retrieved_attributes);
55 
56  status = psa_export_key(key_handle,
57  exported_data,
58  sizeof(data),
59  &exported_data_size);
60 
61  if (status != PSA_SUCCESS) {
62  TEST_FAIL("Error exporting a key");
63  return;
64  }
65 
66  if (exported_data_size != BYTE_SIZE_TEST_KEY) {
67  TEST_FAIL("Number of bytes of exported key different from expected");
68  return;
69  }
70 
71  /* Check that the exported key is the same as the imported one */
72  for (i=0; i<exported_data_size; i++) {
73  if (exported_data[i] != data[i]) {
74  TEST_FAIL("Exported key doesn't match the imported key");
75  return;
76  }
77  }
78 
79  status = psa_destroy_key(key_handle);
80  if (status != PSA_SUCCESS) {
81  TEST_FAIL("Error destroying the key");
82  return;
83  }
84 
85  status = psa_get_key_attributes(key_handle, &retrieved_attributes);
86  if (status != PSA_ERROR_INVALID_HANDLE) {
87  TEST_FAIL("Key handle should be invalid now");
88  return;
89  }
90 
91  psa_reset_key_attributes(&retrieved_attributes);
92 
93  ret->val = TEST_PASSED;
94 }
95 
96 void psa_cipher_test(const psa_key_type_t key_type,
97  const psa_algorithm_t alg,
98  struct test_result_t *ret)
99 {
102  psa_status_t status = PSA_SUCCESS;
103  psa_key_handle_t key_handle;
104  const uint8_t data[] = "THIS IS MY KEY1";
105  const size_t iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
106  const uint8_t iv[] = "012345678901234";
107  const uint8_t plain_text[BYTE_SIZE_CHUNK] = "Sixteen bytes!!";
108  uint8_t decrypted_data[ENC_DEC_BUFFER_SIZE] = {0};
109  size_t output_length = 0, total_output_length = 0;
110  uint8_t encrypted_data[ENC_DEC_BUFFER_SIZE] = {0};
111  uint32_t comp_result;
112  psa_key_attributes_t key_attributes = psa_key_attributes_init();
114  uint32_t i;
115 
116  ret->val = TEST_PASSED;
117 
118  /* FIXME: Special override for the CC312 accelerator. Implemented because
119  * there is not yet a generic way to override tests.
120  */
121 #ifdef CRYPTO_HW_ACCELERATOR_CC312
122  if (alg == PSA_ALG_CFB) {
123  TEST_LOG("%s %s", "The CC312 does not support CFB mode.",
124  "The test execution was SKIPPED.\r\n");
125  return;
126  }
127 #endif /* CRYPTO_HW_ACCELERATOR_CC312 */
128 
129  /* Setup the key policy */
130  psa_set_key_usage_flags(&key_attributes, usage);
131  psa_set_key_algorithm(&key_attributes, alg);
132  psa_set_key_type(&key_attributes, key_type);
133 
134  /* Import a key */
135  status = psa_import_key(&key_attributes, data, sizeof(data), &key_handle);
136  if (status != PSA_SUCCESS) {
137  TEST_FAIL("Error importing a key");
138  goto destroy_key;
139  }
140 
141  status = psa_get_key_attributes(key_handle, &key_attributes);
142  if (status != PSA_SUCCESS) {
143  TEST_FAIL("Error getting key metadata");
144  goto destroy_key;
145  }
146 
147  if (psa_get_key_bits(&key_attributes) != BIT_SIZE_TEST_KEY) {
148  TEST_FAIL("The number of key bits is different from expected");
149  goto destroy_key;
150  }
151 
152  if (psa_get_key_type(&key_attributes) != key_type) {
153  TEST_FAIL("The type of the key is different from expected");
154  goto destroy_key;
155  }
156 
157  psa_reset_key_attributes(&key_attributes);
158 
159  /* Setup the encryption object */
160  status = psa_cipher_encrypt_setup(&handle, key_handle, alg);
161  if (status != PSA_SUCCESS) {
162  if (status == PSA_ERROR_NOT_SUPPORTED) {
163  TEST_FAIL("Algorithm NOT SUPPORTED by the implementation");
164  } else {
165  TEST_FAIL("Error setting up cipher operation object");
166  }
167  goto destroy_key;
168  }
169 
170  /* Set the IV */
171  status = psa_cipher_set_iv(&handle, iv, iv_length);
172  if (status != PSA_SUCCESS) {
173  TEST_FAIL("Error setting the IV on the cypher operation object");
174  status = psa_cipher_abort(&handle);
175  if (status != PSA_SUCCESS) {
176  TEST_FAIL("Error aborting the operation");
177  }
178  goto destroy_key;
179  }
180 
181  /* Encrypt one chunk of information */
182  status = psa_cipher_update(&handle, plain_text, BYTE_SIZE_CHUNK,
183  encrypted_data, ENC_DEC_BUFFER_SIZE,
184  &output_length);
185 
186  if (status != PSA_SUCCESS) {
187  TEST_FAIL("Error encrypting one chunk of information");
188  status = psa_cipher_abort(&handle);
189  if (status != PSA_SUCCESS) {
190  TEST_FAIL("Error aborting the operation");
191  }
192  goto destroy_key;
193  }
194 
195  if (output_length != BYTE_SIZE_CHUNK) {
196  TEST_FAIL("Expected encrypted data length is different from expected");
197  status = psa_cipher_abort(&handle);
198  if (status != PSA_SUCCESS) {
199  TEST_FAIL("Error aborting the operation");
200  }
201  goto destroy_key;
202  }
203 
204  /* Finalise the cipher operation */
205  status = psa_cipher_finish(&handle, &encrypted_data[output_length],
206  ENC_DEC_BUFFER_SIZE - output_length,
207  &output_length);
208 
209  if (status != PSA_SUCCESS) {
210  TEST_FAIL("Error finalising the cipher operation");
211  status = psa_cipher_abort(&handle);
212  if (status != PSA_SUCCESS) {
213  TEST_FAIL("Error aborting the operation");
214  }
215  goto destroy_key;
216  }
217 
218  if (output_length != 0) {
219  TEST_FAIL("Unexpected output length after finalisation");
220  goto destroy_key;
221  }
222 
223  /* Setup the decryption object */
224  if (alg == PSA_ALG_CFB) {
225  /* In CFB mode the object is always in encryption mode */
226  status = psa_cipher_encrypt_setup(&handle_dec, key_handle, alg);
227  } else {
228  status = psa_cipher_decrypt_setup(&handle_dec, key_handle, alg);
229  }
230 
231  if (status != PSA_SUCCESS) {
232  TEST_FAIL("Error setting up cipher operation object");
233  goto destroy_key;
234  }
235 
236  /* Set the IV for decryption */
237  status = psa_cipher_set_iv(&handle_dec, iv, iv_length);
238  if (status != PSA_SUCCESS) {
239  TEST_FAIL("Error setting the IV for decryption");
240  status = psa_cipher_abort(&handle_dec);
241  if (status != PSA_SUCCESS) {
242  TEST_FAIL("Error aborting the operation");
243  }
244  goto destroy_key;
245  }
246 
247  /* Decrypt */
248  for (i = 0; i < ENC_DEC_BUFFER_SIZE; i += BYTE_SIZE_CHUNK) {
249  status = psa_cipher_update(&handle_dec,
250  (encrypted_data + i), BYTE_SIZE_CHUNK,
251  (decrypted_data + total_output_length),
252  (ENC_DEC_BUFFER_SIZE - total_output_length),
253  &output_length);
254 
255  if (status != PSA_SUCCESS) {
256  TEST_FAIL("Error during decryption");
257  status = psa_cipher_abort(&handle_dec);
258  if (status != PSA_SUCCESS) {
259  TEST_FAIL("Error aborting the operation");
260  }
261  goto destroy_key;
262  }
263 
264  total_output_length += output_length;
265  }
266 
267 #if DOMAIN_NS == 1U
268  /* Check that the plain text matches the decrypted data */
269  comp_result = memcmp(plain_text, decrypted_data, sizeof(plain_text));
270 #else
271  comp_result = tfm_memcmp(plain_text, decrypted_data, sizeof(plain_text));
272 #endif
273  if (comp_result != 0) {
274  TEST_FAIL("Decrypted data doesn't match with plain text");
275  status = psa_cipher_abort(&handle_dec);
276  if (status != PSA_SUCCESS) {
277  TEST_FAIL("Error aborting the operation");
278  }
279  goto destroy_key;
280  }
281 
282  /* Finalise the cipher operation for decryption (destroys decrypted data) */
283  status = psa_cipher_finish(&handle_dec, decrypted_data, BYTE_SIZE_CHUNK,
284  &output_length);
285 
286  if (status != PSA_SUCCESS) {
287  TEST_FAIL("Error finalising the cipher operation");
288  status = psa_cipher_abort(&handle_dec);
289  if (status != PSA_SUCCESS) {
290  TEST_FAIL("Error aborting the operation");
291  }
292  goto destroy_key;
293  }
294 
295  total_output_length += output_length;
296 
297  /* Check that the decrypted length is equal to the original length */
298  if (total_output_length != ENC_DEC_BUFFER_SIZE) {
299  TEST_FAIL("After finalising, unexpected decrypted length");
300  goto destroy_key;
301  }
302 
303 destroy_key:
304  /* Destroy the key */
305  status = psa_destroy_key(key_handle);
306  if (status != PSA_SUCCESS) {
307  TEST_FAIL("Error destroying a key");
308  }
309 
310 }
311 
313  const psa_algorithm_t alg,
314  const size_t key_size,
315  struct test_result_t *ret)
316 {
317  psa_status_t status;
319  psa_key_handle_t key_handle;
320  uint8_t data[TEST_MAX_KEY_LENGTH];
321  psa_key_attributes_t key_attributes = psa_key_attributes_init();
323 
324  /* Setup the key policy */
325  psa_set_key_usage_flags(&key_attributes, usage);
326  psa_set_key_algorithm(&key_attributes, alg);
327  psa_set_key_type(&key_attributes, key_type);
328 
329 #if DOMAIN_NS == 1U
330  /* Fill the key data */
331  (void)memset(data, 'A', key_size);
332 #else
333  (void)tfm_memset(data, 'A', key_size);
334 #endif
335 
336  /* Import a key */
337  status = psa_import_key(&key_attributes, data, key_size, &key_handle);
338  if (status != PSA_SUCCESS) {
339  TEST_FAIL("Error importing a key");
340  return;
341  }
342 
343  /* Setup the encryption object */
344  status = psa_cipher_encrypt_setup(&handle, key_handle, alg);
345  if (status == PSA_SUCCESS) {
346  TEST_FAIL("Should not successfully setup an invalid cipher");
347  (void)psa_destroy_key(key_handle);
348  return;
349  }
350 
351  /* Destroy the key */
352  status = psa_destroy_key(key_handle);
353  if (status != PSA_SUCCESS) {
354  TEST_FAIL("Error destroying a key");
355  return;
356  }
357 
358  ret->val = TEST_PASSED;
359 }
360 
362  struct test_result_t *ret)
363 {
364  psa_status_t status;
366 
367  /* Setup the hash object for the unsupported hash algorithm */
368  status = psa_hash_setup(&handle, alg);
369  if (status != PSA_ERROR_NOT_SUPPORTED) {
370  TEST_FAIL("Should not successfully setup an unsupported hash alg");
371  return;
372  }
373 
374  ret->val = TEST_PASSED;
375 }
376 
377 /*
378  * \brief This is the list of algorithms supported by the current
379  * configuration of the crypto engine used by the crypto
380  * service. In case the crypto engine default capabilities
381  * is changed, this list needs to be updated accordingly
382  */
383 static const psa_algorithm_t hash_alg[] = {
388 };
389 
390 static const uint8_t hash_val[][PSA_HASH_SIZE(PSA_ALG_SHA_512)] = {
391  {0x00, 0xD2, 0x90, 0xE2, 0x0E, 0x4E, 0xC1, 0x7E,
392  0x7A, 0x95, 0xF5, 0x10, 0x5C, 0x76, 0x74, 0x04,
393  0x6E, 0xB5, 0x56, 0x5E, 0xE5, 0xE7, 0xBA, 0x15,
394  0x6C, 0x23, 0x47, 0xF3},
395  {0x6B, 0x22, 0x09, 0x2A, 0x37, 0x1E, 0xF5, 0x14,
396  0xF7, 0x39, 0x4D, 0xCF, 0xAD, 0x4D, 0x17, 0x46,
397  0x66, 0xCB, 0x33, 0xA0, 0x39, 0xD8, 0x41, 0x4E,
398  0xF1, 0x2A, 0xD3, 0x4D, 0x69, 0xC3, 0xB5, 0x3E},
399  {0x64, 0x79, 0x11, 0xBB, 0x47, 0x4E, 0x47, 0x59,
400  0x3E, 0x4D, 0xBC, 0x60, 0xA5, 0xF9, 0xBF, 0x9C,
401  0xC0, 0xBA, 0x55, 0x0F, 0x93, 0xCA, 0x72, 0xDF,
402  0x57, 0x1E, 0x50, 0x56, 0xF9, 0x4A, 0x01, 0xD6,
403  0xA5, 0x6F, 0xF7, 0x62, 0x34, 0x4F, 0x48, 0xFD,
404  0x9D, 0x15, 0x07, 0x42, 0xB7, 0x72, 0x94, 0xB8},
405  {0xB4, 0x1C, 0xA3, 0x6C, 0xA9, 0x67, 0x1D, 0xAD,
406  0x34, 0x1F, 0xBE, 0x1B, 0x83, 0xC4, 0x40, 0x2A,
407  0x47, 0x42, 0x79, 0xBB, 0x21, 0xCA, 0xF0, 0x60,
408  0xE4, 0xD2, 0x6E, 0x9B, 0x70, 0x12, 0x34, 0x3F,
409  0x55, 0x2C, 0x09, 0x31, 0x0A, 0x5B, 0x40, 0x21,
410  0x01, 0xA8, 0x3B, 0x58, 0xE7, 0x48, 0x13, 0x1A,
411  0x7E, 0xCD, 0xE1, 0xD2, 0x46, 0x10, 0x58, 0x34,
412  0x49, 0x14, 0x4B, 0xAA, 0x89, 0xA9, 0xF5, 0xB1},
413 };
414 
416  struct test_result_t *ret)
417 {
418  const char *msg[] = {"This is my test message, ",
419  "please generate a hash for this."};
420 
421  const size_t msg_size[] = {25, 32}; /* Length in bytes of msg[0], msg[1] */
422  const uint32_t msg_num = sizeof(msg)/sizeof(msg[0]);
423  uint32_t idx;
424 
425  psa_status_t status;
427 
428  /* Setup the hash object for the desired hash*/
429  status = psa_hash_setup(&handle, alg);
430 
431  if (status != PSA_SUCCESS) {
432  if (status == PSA_ERROR_NOT_SUPPORTED) {
433  TEST_FAIL("Algorithm NOT SUPPORTED by the implementation");
434  return;
435  }
436 
437  TEST_FAIL("Error setting up hash operation object");
438  return;
439  }
440 
441  /* Update object with all the chunks of message */
442  for (idx=0; idx<msg_num; idx++) {
443  status = psa_hash_update(&handle,
444  (const uint8_t *)msg[idx],msg_size[idx]);
445  if (status != PSA_SUCCESS) {
446  TEST_FAIL("Error updating the hash operation object");
447  return;
448  }
449  }
450 
451  /* Cycle until idx points to the correct index in the algorithm table */
452  for (idx=0; hash_alg[idx] != alg; idx++);
453 
454  /* Finalise and verify that the hash is as expected */
455  status = psa_hash_verify(&handle, &(hash_val[idx][0]), PSA_HASH_SIZE(alg));
456  if (status != PSA_SUCCESS) {
457  TEST_FAIL("Error verifying the hash operation object");
458  return;
459  }
460 
461  ret->val = TEST_PASSED;
462 }
463 
465  const psa_algorithm_t alg,
466  struct test_result_t *ret)
467 {
468  psa_status_t status;
469  psa_key_handle_t key_handle;
472  const uint8_t data[] = "THIS IS MY KEY1";
473 
474  ret->val = TEST_PASSED;
475 
476  /* Setup the key policy */
477  psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_VERIFY);
478  psa_set_key_algorithm(&key_attributes, alg);
479  psa_set_key_type(&key_attributes, key_type);
480 
481  /* Import key */
482  status = psa_import_key(&key_attributes, data, sizeof(data), &key_handle);
483  if (status != PSA_SUCCESS) {
484  TEST_FAIL("Error importing a key");
485  return;
486  }
487 
488  /* Setup the mac object for the unsupported mac algorithm */
489  status = psa_mac_verify_setup(&handle, key_handle, alg);
490  if (status != PSA_ERROR_NOT_SUPPORTED) {
491  TEST_FAIL("Should not successfully setup an unsupported MAC alg");
492  /* Do not return, to ensure key is destroyed */
493  }
494 
495  /* Destroy the key */
496  status = psa_destroy_key(key_handle);
497  if (status != PSA_SUCCESS) {
498  TEST_FAIL("Error destroying the key");
499  }
500 }
501 
502 static const uint8_t hmac_val[][PSA_HASH_SIZE(PSA_ALG_SHA_512)] = {
503  {0xc1, 0x9f, 0x19, 0xac, 0x05, 0x65, 0x5f, 0x02,
504  0x1b, 0x64, 0x32, 0xd9, 0xb1, 0x49, 0xba, 0x75,
505  0x05, 0x60, 0x52, 0x4e, 0x78, 0xfa, 0x61, 0xc9,
506  0x37, 0x5d, 0x7f, 0x58},
507  {0x94, 0x37, 0xbe, 0xb5, 0x7f, 0x7c, 0x5c, 0xb0,
508  0x0a, 0x92, 0x4d, 0xd3, 0xba, 0x7e, 0xb1, 0x1a,
509  0xdb, 0xa2, 0x25, 0xb2, 0x82, 0x8e, 0xdf, 0xbb,
510  0x61, 0xbf, 0x91, 0x1d, 0x28, 0x23, 0x4a, 0x04},
511  {0x94, 0x21, 0x9b, 0xc3, 0xd5, 0xed, 0xe6, 0xee,
512  0x42, 0x10, 0x5a, 0x58, 0xa4, 0x4d, 0x67, 0x87,
513  0x16, 0xa2, 0xa7, 0x6c, 0x2e, 0xc5, 0x85, 0xb7,
514  0x6a, 0x4c, 0x90, 0xb2, 0x73, 0xee, 0x58, 0x3c,
515  0x59, 0x16, 0x67, 0xf3, 0x6f, 0x30, 0x99, 0x1c,
516  0x2a, 0xf7, 0xb1, 0x5f, 0x45, 0x83, 0xf5, 0x9f},
517  {0x8f, 0x76, 0xef, 0x12, 0x0b, 0x92, 0xc2, 0x06,
518  0xce, 0x01, 0x18, 0x75, 0x84, 0x96, 0xd9, 0x6f,
519  0x23, 0x88, 0xd4, 0xf8, 0xcf, 0x79, 0xf8, 0xcf,
520  0x27, 0x12, 0x9f, 0xa6, 0x7e, 0x87, 0x9a, 0x68,
521  0xee, 0xe2, 0xe7, 0x1d, 0x4b, 0xf2, 0x87, 0xc0,
522  0x05, 0x6a, 0xbd, 0x7f, 0x9d, 0xff, 0xaa, 0xf3,
523  0x9a, 0x1c, 0xb7, 0xb7, 0xbd, 0x03, 0x61, 0xa3,
524  0xa9, 0x6a, 0x5d, 0xb2, 0x81, 0xe1, 0x6f, 0x1f},
525 };
526 
527 static const uint8_t long_key_hmac_val[PSA_HASH_SIZE(PSA_ALG_SHA_224)] = {
528  0x47, 0xa3, 0x42, 0xb1, 0x2f, 0x52, 0xd3, 0x8f,
529  0x1e, 0x02, 0x4a, 0x46, 0x73, 0x0b, 0x77, 0xc1,
530  0x5e, 0x93, 0x31, 0xa9, 0x3e, 0xc2, 0x81, 0xb5,
531  0x3d, 0x07, 0x6f, 0x31
532 };
533 
535  uint8_t use_long_key,
536  struct test_result_t *ret)
537 {
538  const char *msg[] = {"This is my test message, ",
539  "please generate a hmac for this."};
540  const size_t msg_size[] = {25, 32}; /* Length in bytes of msg[0], msg[1] */
541  const uint32_t msg_num = sizeof(msg)/sizeof(msg[0]);
542  uint32_t idx;
543 
544  psa_key_handle_t key_handle;
545  const uint8_t data[] = "THIS IS MY KEY1";
546  const uint8_t long_data[] = "THIS IS MY UNCOMMONLY LONG KEY1";
548  size_t bit_size_test_key = 0;
549  psa_status_t status;
551  psa_key_attributes_t key_attributes = psa_key_attributes_init();
552  psa_key_attributes_t retrieved_attributes = psa_key_attributes_init();
554 
555  ret->val = TEST_PASSED;
556 
557  /* Setup the key policy */
558  psa_set_key_usage_flags(&key_attributes, usage);
559  psa_set_key_algorithm(&key_attributes, alg);
560  psa_set_key_type(&key_attributes, key_type);
561 
562  /* Import key */
563  if (use_long_key == 1) {
564  status = psa_import_key(&key_attributes,
565  long_data,
566  sizeof(long_data),
567  &key_handle);
568  } else {
569  status = psa_import_key(&key_attributes,
570  data,
571  sizeof(data),
572  &key_handle);
573  }
574 
575  if (status != PSA_SUCCESS) {
576  TEST_FAIL("Error importing a key");
577  return;
578  }
579 
580  if (use_long_key == 1) {
581  bit_size_test_key = BIT_SIZE_TEST_LONG_KEY;
582  } else {
583  bit_size_test_key = BIT_SIZE_TEST_KEY;
584  }
585 
586  status = psa_get_key_attributes(key_handle, &retrieved_attributes);
587  if (status != PSA_SUCCESS) {
588  TEST_FAIL("Error getting key metadata");
589  goto destroy_key_mac;
590  }
591 
592  if (psa_get_key_bits(&retrieved_attributes) != bit_size_test_key) {
593  TEST_FAIL("The number of key bits is different from expected");
594  goto destroy_key_mac;
595  }
596 
597  if (psa_get_key_type(&retrieved_attributes) != key_type) {
598  TEST_FAIL("The type of the key is different from expected");
599  goto destroy_key_mac;
600  }
601 
602  psa_reset_key_attributes(&retrieved_attributes);
603 
604  /* Setup the mac object for hmac */
605  status = psa_mac_verify_setup(&handle, key_handle, alg);
606  if (status != PSA_SUCCESS) {
607  TEST_FAIL("Error setting up mac operation object");
608  goto destroy_key_mac;
609  }
610 
611  /* Update object with all the chunks of message */
612  for (idx=0; idx<msg_num; idx++) {
613  status = psa_mac_update(&handle,
614  (const uint8_t *)msg[idx],
615  msg_size[idx]);
616  if (status != PSA_SUCCESS) {
617  TEST_FAIL("Error during mac operation");
618  goto destroy_key_mac;
619  }
620  }
621 
622  /* Cycle until idx points to the correct index in the algorithm table */
623  for (idx=0; hash_alg[idx] != PSA_ALG_HMAC_GET_HASH(alg); idx++);
624 
625  /* Finalise and verify the mac value */
626  if (use_long_key == 1) {
627  status = psa_mac_verify_finish(
628  &handle,
629  &(long_key_hmac_val[0]),
631  } else {
632  status = psa_mac_verify_finish(
633  &handle,
634  &(hmac_val[idx][0]),
636  }
637  if (status != PSA_SUCCESS) {
638  TEST_FAIL("Error during finalising the mac operation");
639  goto destroy_key_mac;
640  }
641 
642 destroy_key_mac:
643  /* Destroy the key */
644  status = psa_destroy_key(key_handle);
645  if (status != PSA_SUCCESS) {
646  TEST_FAIL("Error destroying the key");
647  }
648 }
649 
650 void psa_aead_test(const psa_key_type_t key_type,
651  const psa_algorithm_t alg,
652  struct test_result_t *ret)
653 {
654  psa_key_handle_t key_handle;
655  const size_t nonce_length = 12;
656  const uint8_t nonce[] = "01234567890";
657  const uint8_t plain_text[BYTE_SIZE_CHUNK] = "Sixteen bytes!!";
658  const uint8_t associated_data[ASSOCIATED_DATA_SIZE] =
659  "This is associated data";
660  uint8_t encrypted_data[ENC_DEC_BUFFER_SIZE] = {0};
661  size_t encrypted_data_length = 0, decrypted_data_length = 0;
662  uint8_t decrypted_data[ENC_DEC_BUFFER_SIZE] = {0};
663  psa_status_t status;
664  const uint8_t data[] = "THIS IS MY KEY1";
665  uint32_t comp_result;
666  psa_key_attributes_t key_attributes = psa_key_attributes_init();
667  psa_key_attributes_t retrieved_attributes = psa_key_attributes_init();
669 
670  ret->val = TEST_PASSED;
671 
672  /* Setup the key policy */
673  psa_set_key_usage_flags(&key_attributes, usage);
674  psa_set_key_algorithm(&key_attributes, alg);
675  psa_set_key_type(&key_attributes, key_type);
676 
677  /* Import a key */
678  status = psa_import_key(&key_attributes, data, sizeof(data), &key_handle);
679  if (status != PSA_SUCCESS) {
680  TEST_FAIL("Error importing a key");
681  return;
682  }
683 
684  status = psa_get_key_attributes(key_handle, &retrieved_attributes);
685  if (status != PSA_SUCCESS) {
686  TEST_FAIL("Error getting key metadata");
687  goto destroy_key_aead;
688  }
689 
690  if (psa_get_key_bits(&retrieved_attributes) != BIT_SIZE_TEST_KEY) {
691  TEST_FAIL("The number of key bits is different from expected");
692  goto destroy_key_aead;
693  }
694 
695  if (psa_get_key_type(&retrieved_attributes) != key_type) {
696  TEST_FAIL("The type of the key is different from expected");
697  goto destroy_key_aead;
698  }
699 
700  psa_reset_key_attributes(&retrieved_attributes);
701 
702  /* Perform AEAD encryption */
703  status = psa_aead_encrypt(key_handle, alg, nonce, nonce_length,
704  associated_data,
705  sizeof(associated_data),
706  plain_text,
707  sizeof(plain_text),
708  encrypted_data,
709  sizeof(encrypted_data),
710  &encrypted_data_length);
711 
712  if (status != PSA_SUCCESS) {
713  if (status == PSA_ERROR_NOT_SUPPORTED) {
714  TEST_FAIL("Algorithm NOT SUPPORTED by the implementation");
715  goto destroy_key_aead;
716  }
717 
718  TEST_FAIL("Error performing AEAD encryption");
719  goto destroy_key_aead;
720  }
721 
722  if (encrypted_data_length
723  != PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, sizeof(plain_text))) {
724  TEST_FAIL("Encrypted data length is different than expected");
725  goto destroy_key_aead;
726  }
727 
728  /* Perform AEAD decryption */
729  status = psa_aead_decrypt(key_handle, alg, nonce, nonce_length,
730  associated_data,
731  sizeof(associated_data),
732  encrypted_data,
733  encrypted_data_length,
734  decrypted_data,
735  sizeof(decrypted_data),
736  &decrypted_data_length);
737 
738  if (status != PSA_SUCCESS) {
739  if (status == PSA_ERROR_NOT_SUPPORTED) {
740  TEST_FAIL("Algorithm NOT SUPPORTED by the implementation");
741  } else {
742  TEST_FAIL("Error performing AEAD decryption");
743  }
744 
745  goto destroy_key_aead;
746  }
747 
748  if (sizeof(plain_text) != decrypted_data_length) {
749  TEST_FAIL("Decrypted data length is different from plain text");
750  goto destroy_key_aead;
751  }
752 
753 #if DOMAIN_NS == 1U
754  /* Check that the decrypted data is the same as the original data */
755  comp_result = memcmp(plain_text, decrypted_data, sizeof(plain_text));
756 #else
757  comp_result = tfm_memcmp(plain_text, decrypted_data, sizeof(plain_text));
758 #endif
759  if (comp_result != 0) {
760  TEST_FAIL("Decrypted data doesn't match with plain text");
761  goto destroy_key_aead;
762  }
763 
764 destroy_key_aead:
765  /* Destroy the key */
766  status = psa_destroy_key(key_handle);
767  if (status != PSA_SUCCESS) {
768  TEST_FAIL("Error destroying a key");
769  }
770 }
771 
772 /*
773  * The list of available AES cipher/AEAD mode for test.
774  * Not all the modes can be available in some use cases and configurations.
775  */
776 static const psa_algorithm_t test_aes_mode_array[] = {
777 #ifdef TFM_CRYPTO_TEST_ALG_CBC
779 #endif
780 #ifdef TFM_CRYPTO_TEST_ALG_CCM
781  PSA_ALG_CCM,
782 #endif
783 #ifdef TFM_CRYPTO_TEST_ALG_CFB
784  PSA_ALG_CFB,
785 #endif
786 #ifdef TFM_CRYPTO_TEST_ALG_CTR
787  PSA_ALG_CTR,
788 #endif
789 #ifdef TFM_CRYPTO_TEST_ALG_GCM
790  PSA_ALG_GCM,
791 #endif
792  /* In case no AES algorithm is available */
794 };
795 
796 /* Number of available AES cipher modes */
797 #define NR_TEST_AES_MODE (sizeof(test_aes_mode_array) / \
798  sizeof(test_aes_mode_array[0]) - 1)
799 
801 {
802  psa_status_t status;
803  psa_key_attributes_t key_attributes = psa_key_attributes_init();
804  psa_key_handle_t key_handle;
805  const uint8_t data[19] = {0};
806 
807  if (NR_TEST_AES_MODE < 1) {
808  TEST_FAIL("A cipher mode in AES is required in current test case");
809  return;
810  }
811 
812  /* Setup the key policy */
813  psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_ENCRYPT);
814  psa_set_key_algorithm(&key_attributes, test_aes_mode_array[0]);
815  psa_set_key_type(&key_attributes, PSA_KEY_TYPE_AES);
816 
817  /* AES does not support 152-bit keys */
818  status = psa_import_key(&key_attributes, data, sizeof(data), &key_handle);
819  if (status != PSA_ERROR_INVALID_ARGUMENT) {
820  TEST_FAIL("Should not successfully import with an invalid key length");
821  return;
822  }
823 
824  ret->val = TEST_PASSED;
825 }
826 
828 {
829  psa_algorithm_t alg = test_aes_mode_array[0];
830  psa_algorithm_t alg_out;
832  psa_key_lifetime_t lifetime_out;
833  psa_key_attributes_t key_attributes = psa_key_attributes_init();
835  psa_key_usage_t usage_out;
836 
837  if (NR_TEST_AES_MODE < 1) {
838  TEST_FAIL("A cipher mode in AES is required in current test case");
839  return;
840  }
841 
842  /* Verify that initialised policy forbids all usage */
843  usage_out = psa_get_key_usage_flags(&key_attributes);
844  if (usage_out != 0) {
845  TEST_FAIL("Unexpected usage value");
846  return;
847  }
848 
849  alg_out = psa_get_key_algorithm(&key_attributes);
850  if (alg_out != 0) {
851  TEST_FAIL("Unexpected algorithm value");
852  return;
853  }
854 
855  /* Set the key policy values */
856  psa_set_key_usage_flags(&key_attributes, usage);
857  psa_set_key_algorithm(&key_attributes, alg);
858 
859  /* Check that the key policy has the correct usage */
860  usage_out = psa_get_key_usage_flags(&key_attributes);
861  if (usage_out != usage) {
862  TEST_FAIL("Unexpected usage value");
863  return;
864  }
865 
866  /* Check that the key policy has the correct algorithm */
867  alg_out = psa_get_key_algorithm(&key_attributes);
868  if (alg_out != alg) {
869  TEST_FAIL("Unexpected algorithm value");
870  return;
871  }
872 
873  /* Check the key handle has the correct key lifetime */
874  lifetime_out = psa_get_key_lifetime(&key_attributes);
875 
876  if (lifetime_out != lifetime) {
877  TEST_FAIL("Unexpected key lifetime value");
878  return;
879  }
880 
881  ret->val = TEST_PASSED;
882 }
883 
885 {
886  psa_status_t status;
887  psa_algorithm_t alg, not_permit_alg;
889  psa_key_attributes_t key_attributes = psa_key_attributes_init();
890  psa_key_handle_t key_handle;
892  size_t data_len;
893  const uint8_t data[] = "THIS IS MY KEY1";
894  uint8_t data_out[sizeof(data)];
895  uint8_t i, j;
896 
897  ret->val = TEST_PASSED;
898 
899  if (NR_TEST_AES_MODE < 2) {
900  TEST_LOG("Two cipher modes are required. Skip this test case\r\n");
901  return;
902  }
903 
904  /*
905  * Search for two modes for test. Both modes should be Cipher algorithms.
906  * Otherwise, cipher setup may fail before policy permission check.
907  */
908  for (i = 0; i < NR_TEST_AES_MODE - 1; i++) {
909  if (PSA_ALG_IS_CIPHER(test_aes_mode_array[i])) {
910  alg = test_aes_mode_array[i];
911  break;
912  }
913  }
914 
915  for (j = i + 1; j < NR_TEST_AES_MODE; j++) {
916  if (PSA_ALG_IS_CIPHER(test_aes_mode_array[j])) {
917  not_permit_alg = test_aes_mode_array[j];
918  break;
919  }
920  }
921 
922  if (j == NR_TEST_AES_MODE) {
923  TEST_LOG("Unable to find two Cipher algs. Skip this test case.\r\n");
924  return;
925  }
926 
927  /* Setup the key policy */
928  psa_set_key_usage_flags(&key_attributes, usage);
929  psa_set_key_algorithm(&key_attributes, alg);
930  psa_set_key_type(&key_attributes, PSA_KEY_TYPE_AES);
931 
932  /* Import a key to the key handle for which policy has been set */
933  status = psa_import_key(&key_attributes, data, sizeof(data), &key_handle);
934  if (status != PSA_SUCCESS) {
935  TEST_FAIL("Failed to import a key");
936  return;
937  }
938 
939  /* Setup a cipher permitted by the key policy */
940  status = psa_cipher_encrypt_setup(&handle, key_handle, alg);
941  if (status != PSA_SUCCESS) {
942  TEST_FAIL("Failed to setup cipher operation");
943  goto destroy_key;
944  }
945 
946  status = psa_cipher_abort(&handle);
947  if (status != PSA_SUCCESS) {
948  TEST_FAIL("Failed to abort cipher operation");
949  goto destroy_key;
950  }
951 
952  /* Attempt to setup a cipher with an alg not permitted by the policy */
953  status = psa_cipher_encrypt_setup(&handle, key_handle, not_permit_alg);
954  if (status != PSA_ERROR_NOT_PERMITTED) {
955  TEST_FAIL("Was able to setup cipher operation with wrong alg");
956  goto destroy_key;
957  }
958 
959  /* Attempt to export the key, which is forbidden by the key policy */
960  status = psa_export_key(key_handle, data_out, sizeof(data_out), &data_len);
961  if (status != PSA_ERROR_NOT_PERMITTED) {
962  TEST_FAIL("Should not be able to export key without correct usage");
963  goto destroy_key;
964  }
965 
966 destroy_key:
967  status = psa_destroy_key(key_handle);
968  if (status != PSA_SUCCESS) {
969  TEST_FAIL("Failed to destroy key");
970  }
971 }
972 
974 {
975  psa_status_t status;
976  int comp_result;
977  psa_key_handle_t key_handle;
978  psa_algorithm_t alg = test_aes_mode_array[0];
981  size_t data_len;
982  const uint8_t data[] = "THIS IS MY KEY1";
983  uint8_t data_out[sizeof(data)] = {0};
984 
985  if (NR_TEST_AES_MODE < 1) {
986  TEST_FAIL("A cipher mode in AES is required in current test case");
987  return;
988  }
989 
990  /* Setup the key attributes with a key ID to create a persistent key */
991  psa_set_key_id(&key_attributes, key_id);
992  psa_set_key_usage_flags(&key_attributes, usage);
993  psa_set_key_algorithm(&key_attributes, alg);
994  psa_set_key_type(&key_attributes, PSA_KEY_TYPE_AES);
995 
996  /* Import key data to create the persistent key */
997  status = psa_import_key(&key_attributes, data, sizeof(data), &key_handle);
998  if (status != PSA_SUCCESS) {
999  TEST_FAIL("Failed to import a key");
1000  return;
1001  }
1002 
1003  /* Close the persistent key handle */
1004  status = psa_close_key(key_handle);
1005  if (status != PSA_SUCCESS) {
1006  TEST_FAIL("Failed to close a persistent key handle");
1007  return;
1008  }
1009 
1010  /* Open the previsously-created persistent key */
1011  status = psa_open_key(key_id, &key_handle);
1012  if (status != PSA_SUCCESS) {
1013  TEST_FAIL("Failed to open a persistent key");
1014  return;
1015  }
1016 
1017  /* Export the persistent key */
1018  status = psa_export_key(key_handle, data_out, sizeof(data_out), &data_len);
1019  if (status != PSA_SUCCESS) {
1020  TEST_FAIL("Failed to export a persistent key");
1021  return;
1022  }
1023 
1024  if (data_len != sizeof(data)) {
1025  TEST_FAIL("Number of bytes of exported key different from expected");
1026  return;
1027  }
1028 
1029  /* Check that the exported key is the same as the imported one */
1030 #if DOMAIN_NS == 1U
1031  comp_result = memcmp(data_out, data, sizeof(data));
1032 #else
1033  comp_result = tfm_memcmp(data_out, data, sizeof(data));
1034 #endif
1035  if (comp_result != 0) {
1036  TEST_FAIL("Exported key does not match the imported key");
1037  return;
1038  }
1039 
1040  /* Destroy the persistent key */
1041  status = psa_destroy_key(key_handle);
1042  if (status != PSA_SUCCESS) {
1043  TEST_FAIL("Failed to destroy a persistent key");
1044  return;
1045  }
1046 
1047  ret->val = TEST_PASSED;
1048 }
1049 
1050 #define KEY_DERIVE_OUTPUT_LEN 32
1051 #define KEY_DERIV_SECRET_LEN 16
1052 #define KEY_DERIV_LABEL_INFO_LEN 8
1053 #define KEY_DERIV_SEED_SALT_LEN 8
1054 
1055 static uint8_t key_deriv_secret[KEY_DERIV_SECRET_LEN];
1056 static uint8_t key_deriv_label_info[KEY_DERIV_LABEL_INFO_LEN];
1057 static uint8_t key_deriv_seed_salt[KEY_DERIV_SEED_SALT_LEN];
1058 
1060  struct test_result_t *ret)
1061 {
1062  psa_key_handle_t input_handle = 0, output_handle = 0;
1066  psa_status_t status;
1067  uint8_t counter = 0xA5;
1068 
1069  /* Prepare the parameters */
1070 #if DOMAIN_NS == 1U
1071  memset(key_deriv_secret, counter, KEY_DERIV_SECRET_LEN);
1072  memset(key_deriv_label_info, counter++, KEY_DERIV_LABEL_INFO_LEN);
1073  memset(key_deriv_seed_salt, counter++, KEY_DERIV_SEED_SALT_LEN);
1074 #else
1075  tfm_memset(key_deriv_secret, counter, KEY_DERIV_SECRET_LEN);
1076  tfm_memset(key_deriv_label_info, counter++, KEY_DERIV_LABEL_INFO_LEN);
1077  tfm_memset(key_deriv_seed_salt, counter++, KEY_DERIV_SEED_SALT_LEN);
1078 #endif
1079 
1080  deriv_ops = psa_key_derivation_operation_init();
1081 
1082  psa_set_key_usage_flags(&input_key_attr, PSA_KEY_USAGE_DERIVE);
1083  psa_set_key_algorithm(&input_key_attr, deriv_alg);
1084  psa_set_key_type(&input_key_attr, PSA_KEY_TYPE_DERIVE);
1085 
1086  /* Force to use HMAC-SHA256 as HMAC operation so far */
1087  status = psa_import_key(&input_key_attr, key_deriv_secret,
1088  KEY_DERIV_SECRET_LEN, &input_handle);
1089  if (status != PSA_SUCCESS) {
1090  TEST_FAIL("Failed to import secret");
1091  return;
1092  }
1093 
1094  status = psa_key_derivation_setup(&deriv_ops, deriv_alg);
1095  if (status != PSA_SUCCESS) {
1096  TEST_FAIL("Failed to setup derivation operation");
1097  goto destroy_key;
1098  }
1099 
1100  if (PSA_ALG_IS_TLS12_PRF(deriv_alg) ||
1101  PSA_ALG_IS_TLS12_PSK_TO_MS(deriv_alg)) {
1102  status = psa_key_derivation_input_bytes(&deriv_ops,
1104  key_deriv_seed_salt,
1106  if (status != PSA_SUCCESS) {
1107  TEST_FAIL("Failed to input seed");
1108  goto deriv_abort;
1109  }
1110 
1111  status = psa_key_derivation_input_key(&deriv_ops,
1113  input_handle);
1114  if (status != PSA_SUCCESS) {
1115  TEST_FAIL("Failed to input key");
1116  goto deriv_abort;
1117  }
1118 
1119  status = psa_key_derivation_input_bytes(&deriv_ops,
1121  key_deriv_label_info,
1123  if (status != PSA_SUCCESS) {
1124  TEST_FAIL("Failed to input label");
1125  goto deriv_abort;
1126  }
1127  } else if (PSA_ALG_IS_HKDF(deriv_alg)) {
1128  status = psa_key_derivation_input_bytes(&deriv_ops,
1130  key_deriv_seed_salt,
1132  if (status != PSA_SUCCESS) {
1133  TEST_FAIL("Failed to input salt");
1134  goto deriv_abort;
1135  }
1136 
1137  status = psa_key_derivation_input_key(&deriv_ops,
1139  input_handle);
1140  if (status != PSA_SUCCESS) {
1141  TEST_FAIL("Failed to input key");
1142  goto deriv_abort;
1143  }
1144 
1145  status = psa_key_derivation_input_bytes(&deriv_ops,
1147  key_deriv_label_info,
1149  if (status != PSA_SUCCESS) {
1150  TEST_FAIL("Failed to input info");
1151  goto deriv_abort;
1152  }
1153  } else {
1154  TEST_FAIL("Unsupported derivation algorithm");
1155  goto deriv_abort;
1156  }
1157 
1158  if (NR_TEST_AES_MODE < 1) {
1159  TEST_LOG("No AES algorithm to verify. Output raw data instead");
1160  psa_set_key_type(&output_key_attr, PSA_KEY_TYPE_RAW_DATA);
1161  } else {
1162  psa_set_key_usage_flags(&output_key_attr, PSA_KEY_USAGE_ENCRYPT);
1163  psa_set_key_algorithm(&output_key_attr, test_aes_mode_array[0]);
1164  psa_set_key_type(&output_key_attr, PSA_KEY_TYPE_AES);
1165  }
1166  psa_set_key_bits(&output_key_attr,
1168 
1169  status = psa_key_derivation_output_key(&output_key_attr, &deriv_ops,
1170  &output_handle);
1171  if (status != PSA_SUCCESS) {
1172  TEST_FAIL("Failed to output key");
1173  goto deriv_abort;
1174  }
1175 
1176  ret->val = TEST_PASSED;
1177 
1178 deriv_abort:
1179  psa_key_derivation_abort(&deriv_ops);
1180 destroy_key:
1181  psa_destroy_key(input_handle);
1182  if (output_handle) {
1183  psa_destroy_key(output_handle);
1184  }
1185 
1186  return;
1187 }
#define PSA_KEY_USAGE_EXPORT
void psa_unsupported_hash_test(const psa_algorithm_t alg, struct test_result_t *ret)
Tests setup of an unsupported hash algorithm.
#define BIT_SIZE_TEST_KEY
Size of the key to use in tests in bits.
#define PSA_HASH_SIZE(alg)
Definition: crypto_sizes.h:53
#define psa_mac_update
Definition: crypto_spe.h:111
#define PSA_KEY_DERIVATION_INPUT_SEED
void psa_key_interface_test(const psa_key_type_t key_type, struct test_result_t *ret)
Tests the key interfaces with different key types.
#define PSA_MAC_OPERATION_INIT
Definition: crypto.h:1333
#define psa_cipher_finish
Definition: crypto_spe.h:83
#define PSA_KEY_TYPE_DERIVE
#define psa_hash_setup
Definition: crypto_spe.h:89
void psa_invalid_cipher_test(const psa_key_type_t key_type, const psa_algorithm_t alg, const size_t key_size, struct test_result_t *ret)
Tests invalid key type and algorithm combinations for block ciphers.
__STATIC_INLINE void * tfm_memset(void *ptr, int value, size_t num)
#define PSA_SUCCESS
Definition: crypto_values.h:35
#define psa_aead_encrypt
Definition: crypto_spe.h:49
#define TEST_FAIL(info_msg)
#define PSA_KEY_TYPE_RAW_DATA
#define psa_mac_operation_init
Definition: crypto_spe.h:105
#define PSA_KEY_LIFETIME_VOLATILE
uint32_t psa_key_id_t
Definition: crypto_types.h:223
#define PSA_ALG_GCM
#define psa_cipher_operation_init
Definition: crypto_spe.h:71
#define psa_cipher_set_iv
Definition: crypto_spe.h:75
#define KEY_DERIV_SECRET_LEN
#define KEY_DERIV_SEED_SALT_LEN
#define psa_hash_verify
Definition: crypto_spe.h:95
#define PSA_ALG_IS_HKDF(alg)
#define psa_mac_verify_setup
Definition: crypto_spe.h:109
#define psa_reset_key_attributes
Definition: crypto_spe.h:63
#define PSA_ALG_SHA_256
#define PSA_KEY_DERIVATION_INPUT_LABEL
void psa_mac_test(const psa_algorithm_t alg, uint8_t use_long_key, struct test_result_t *ret)
Tests different MAC algorithms.
#define PSA_KEY_ATTRIBUTES_INIT
Definition: crypto.h:113
#define KEY_DERIV_LABEL_INFO_LEN
#define PSA_ALG_SHA_512
void psa_invalid_key_length_test(struct test_result_t *ret)
Tests invalid key length.
void psa_persistent_key_test(psa_key_id_t key_id, struct test_result_t *ret)
Tests persistent keys.
#define PSA_ALG_SHA_224
void psa_policy_key_interface_test(struct test_result_t *ret)
Tests the policy key interface.
#define PSA_KEY_USAGE_DERIVE
#define psa_get_key_attributes
Definition: crypto_spe.h:61
#define psa_import_key
Definition: crypto_spe.h:57
void psa_cipher_test(const psa_key_type_t key_type, const psa_algorithm_t alg, struct test_result_t *ret)
Run block ciphering tests with different algorithms and key types.
#define BYTE_SIZE_TEST_KEY
Macro to extract the size of the key in bytes.
#define PSA_ALG_SHA_384
#define PSA_KEY_USAGE_DECRYPT
#define psa_cipher_encrypt_setup
Definition: crypto_spe.h:77
#define PSA_KEY_DERIVATION_INPUT_INFO
#define BIT_SIZE_TEST_LONG_KEY
Size of the long key to use in tests in bits.
#define psa_key_derivation_output_key
Definition: crypto_spe.h:37
#define PSA_ALG_CBC_NO_PADDING
#define psa_hash_update
Definition: crypto_spe.h:91
#define PSA_BYTES_TO_BITS(bytes)
Definition: crypto_sizes.h:34
#define PSA_ERROR_INVALID_ARGUMENT
#define PSA_ALG_CFB
#define psa_key_derivation_input_key
Definition: crypto_spe.h:35
#define psa_key_derivation_input_bytes
Definition: crypto_spe.h:31
#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)
Definition: crypto_sizes.h:200
#define BYTE_SIZE_CHUNK
Size in bytes of a chunk of data to process.
#define psa_open_key
Definition: crypto_spe.h:53
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: crypto_types.h:90
#define NR_TEST_AES_MODE
#define psa_cipher_update
Definition: crypto_spe.h:81
#define PSA_ERROR_NOT_PERMITTED
Definition: crypto_values.h:65
void psa_aead_test(const psa_key_type_t key_type, const psa_algorithm_t alg, struct test_result_t *ret)
Run AEAD tests with different algorithms and key types.
#define psa_key_derivation_setup
Definition: crypto_spe.h:39
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
Definition: crypto_types.h:233
void psa_unsupported_mac_test(const psa_key_type_t key_type, const psa_algorithm_t alg, struct test_result_t *ret)
Tests setup of an unsupported MAC algorithm.
#define PSA_KEY_TYPE_AES
uint16_t psa_key_type_t
Encoding of a key type.
Definition: crypto_types.h:58
#define PSA_ALG_HMAC_GET_HASH(hmac_alg)
#define PSA_KEY_USAGE_VERIFY
Definition: crypto_compat.h:71
#define PSA_KEY_DERIVATION_INPUT_SALT
void psa_key_derivation_test(psa_algorithm_t deriv_alg, struct test_result_t *ret)
Key derivation test.
_unsigned_integral_type_ psa_key_handle_t
Key handle.
Definition: crypto.h:35
#define PSA_ALG_CTR
int memcmp(const void *s1, const void *s2, size_t n)
Definition: crt_memcmp.c:11
#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type)
#define PSA_KEY_DERIVATION_INPUT_SECRET
#define PSA_ERROR_NOT_SUPPORTED
Definition: crypto_values.h:52
#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg)
#define PSA_HASH_OPERATION_INIT
Definition: crypto.h:965
#define KEY_DERIVE_OUTPUT_LEN
#define psa_hash_operation_init
Definition: crypto_spe.h:87
#define PSA_KEY_TYPE_HMAC
#define psa_key_derivation_abort
Definition: crypto_spe.h:41
#define ENC_DEC_BUFFER_SIZE
Size in bytes of the encryption/decryption buffers.
#define PSA_ALG_IS_CIPHER(alg)
#define PSA_ERROR_INVALID_HANDLE
#define TEST_LOG(...)
#define ASSOCIATED_DATA_SIZE
Size in bytes of the associated data to authenticate in AEAD tests.
#define psa_destroy_key
Definition: crypto_spe.h:59
#define PSA_ALG_CCM
enum test_status_t val
#define psa_mac_verify_finish
Definition: crypto_spe.h:115
#define psa_cipher_decrypt_setup
Definition: crypto_spe.h:79
__STATIC_INLINE int tfm_memcmp(const void *ptr1, const void *ptr2, size_t num)
void psa_hash_test(const psa_algorithm_t alg, struct test_result_t *ret)
Tests different hashing algorithms.
uint32_t psa_key_lifetime_t
Definition: crypto_types.h:133
void psa_policy_invalid_policy_usage_test(struct test_result_t *ret)
Tests invalid policy usage.
#define psa_cipher_abort
Definition: crypto_spe.h:85
#define psa_close_key
Definition: crypto_spe.h:55
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:43
#define TEST_MAX_KEY_LENGTH
The maximum allowed key length in bytes used in the tests.
#define PSA_KEY_USAGE_ENCRYPT
#define psa_export_key
Definition: crypto_spe.h:65
void * memset(void *s, int c, size_t n)
Definition: crt_memset.c:10
#define PSA_ALG_VENDOR_FLAG
#define psa_aead_decrypt
Definition: crypto_spe.h:51
#define PSA_ALG_IS_TLS12_PRF(alg)