21 const uint8_t data[] =
"THIS IS MY KEY1";
22 uint8_t exported_data[
sizeof(data)] = {0};
23 size_t exported_data_size = 0;
29 psa_set_key_type(&key_attributes, key_type);
45 TEST_FAIL(
"The number of key bits is different from expected");
49 if (psa_get_key_type(&retrieved_attributes) != key_type) {
50 TEST_FAIL(
"The type of the key is different from expected");
67 TEST_FAIL(
"Number of bytes of exported key different from expected");
72 for (i=0; i<exported_data_size; i++) {
73 if (exported_data[i] != data[i]) {
74 TEST_FAIL(
"Exported key doesn't match the imported key");
87 TEST_FAIL(
"Key handle should be invalid now");
104 const uint8_t data[] =
"THIS IS MY KEY1";
106 const uint8_t iv[] =
"012345678901234";
109 size_t output_length = 0, total_output_length = 0;
111 uint32_t comp_result;
121 #ifdef CRYPTO_HW_ACCELERATOR_CC312
123 TEST_LOG(
"%s %s",
"The CC312 does not support CFB mode.",
124 "The test execution was SKIPPED.\r\n");
130 psa_set_key_usage_flags(&key_attributes, usage);
131 psa_set_key_algorithm(&key_attributes, alg);
132 psa_set_key_type(&key_attributes, key_type);
135 status =
psa_import_key(&key_attributes, data,
sizeof(data), &key_handle);
148 TEST_FAIL(
"The number of key bits is different from expected");
152 if (psa_get_key_type(&key_attributes) != key_type) {
153 TEST_FAIL(
"The type of the key is different from expected");
163 TEST_FAIL(
"Algorithm NOT SUPPORTED by the implementation");
165 TEST_FAIL(
"Error setting up cipher operation object");
173 TEST_FAIL(
"Error setting the IV on the cypher operation object");
176 TEST_FAIL(
"Error aborting the operation");
187 TEST_FAIL(
"Error encrypting one chunk of information");
190 TEST_FAIL(
"Error aborting the operation");
196 TEST_FAIL(
"Expected encrypted data length is different from expected");
199 TEST_FAIL(
"Error aborting the operation");
210 TEST_FAIL(
"Error finalising the cipher operation");
213 TEST_FAIL(
"Error aborting the operation");
218 if (output_length != 0) {
219 TEST_FAIL(
"Unexpected output length after finalisation");
232 TEST_FAIL(
"Error setting up cipher operation object");
239 TEST_FAIL(
"Error setting the IV for decryption");
242 TEST_FAIL(
"Error aborting the operation");
251 (decrypted_data + total_output_length),
252 (ENC_DEC_BUFFER_SIZE - total_output_length),
259 TEST_FAIL(
"Error aborting the operation");
264 total_output_length += output_length;
269 comp_result =
memcmp(plain_text, decrypted_data,
sizeof(plain_text));
271 comp_result =
tfm_memcmp(plain_text, decrypted_data,
sizeof(plain_text));
273 if (comp_result != 0) {
274 TEST_FAIL(
"Decrypted data doesn't match with plain text");
277 TEST_FAIL(
"Error aborting the operation");
287 TEST_FAIL(
"Error finalising the cipher operation");
290 TEST_FAIL(
"Error aborting the operation");
295 total_output_length += output_length;
298 if (total_output_length != ENC_DEC_BUFFER_SIZE) {
299 TEST_FAIL(
"After finalising, unexpected decrypted length");
314 const size_t key_size,
325 psa_set_key_usage_flags(&key_attributes, usage);
326 psa_set_key_algorithm(&key_attributes, alg);
327 psa_set_key_type(&key_attributes, key_type);
331 (void)
memset(data,
'A', key_size);
337 status =
psa_import_key(&key_attributes, data, key_size, &key_handle);
346 TEST_FAIL(
"Should not successfully setup an invalid cipher");
370 TEST_FAIL(
"Should not successfully setup an unsupported hash alg");
391 {0x00, 0xD2, 0x90, 0xE2, 0x0E, 0x4E, 0xC1, 0x7E,
392 0x7A, 0x95, 0xF5, 0x10, 0x5C, 0x76, 0x74, 0x04,
393 0x6E, 0xB5, 0x56, 0x5E, 0xE5, 0xE7, 0xBA, 0x15,
394 0x6C, 0x23, 0x47, 0xF3},
395 {0x6B, 0x22, 0x09, 0x2A, 0x37, 0x1E, 0xF5, 0x14,
396 0xF7, 0x39, 0x4D, 0xCF, 0xAD, 0x4D, 0x17, 0x46,
397 0x66, 0xCB, 0x33, 0xA0, 0x39, 0xD8, 0x41, 0x4E,
398 0xF1, 0x2A, 0xD3, 0x4D, 0x69, 0xC3, 0xB5, 0x3E},
399 {0x64, 0x79, 0x11, 0xBB, 0x47, 0x4E, 0x47, 0x59,
400 0x3E, 0x4D, 0xBC, 0x60, 0xA5, 0xF9, 0xBF, 0x9C,
401 0xC0, 0xBA, 0x55, 0x0F, 0x93, 0xCA, 0x72, 0xDF,
402 0x57, 0x1E, 0x50, 0x56, 0xF9, 0x4A, 0x01, 0xD6,
403 0xA5, 0x6F, 0xF7, 0x62, 0x34, 0x4F, 0x48, 0xFD,
404 0x9D, 0x15, 0x07, 0x42, 0xB7, 0x72, 0x94, 0xB8},
405 {0xB4, 0x1C, 0xA3, 0x6C, 0xA9, 0x67, 0x1D, 0xAD,
406 0x34, 0x1F, 0xBE, 0x1B, 0x83, 0xC4, 0x40, 0x2A,
407 0x47, 0x42, 0x79, 0xBB, 0x21, 0xCA, 0xF0, 0x60,
408 0xE4, 0xD2, 0x6E, 0x9B, 0x70, 0x12, 0x34, 0x3F,
409 0x55, 0x2C, 0x09, 0x31, 0x0A, 0x5B, 0x40, 0x21,
410 0x01, 0xA8, 0x3B, 0x58, 0xE7, 0x48, 0x13, 0x1A,
411 0x7E, 0xCD, 0xE1, 0xD2, 0x46, 0x10, 0x58, 0x34,
412 0x49, 0x14, 0x4B, 0xAA, 0x89, 0xA9, 0xF5, 0xB1},
418 const char *msg[] = {
"This is my test message, ",
419 "please generate a hash for this."};
421 const size_t msg_size[] = {25, 32};
422 const uint32_t msg_num =
sizeof(msg)/
sizeof(msg[0]);
433 TEST_FAIL(
"Algorithm NOT SUPPORTED by the implementation");
437 TEST_FAIL(
"Error setting up hash operation object");
442 for (idx=0; idx<msg_num; idx++) {
444 (
const uint8_t *)msg[idx],msg_size[idx]);
446 TEST_FAIL(
"Error updating the hash operation object");
452 for (idx=0; hash_alg[idx] != alg; idx++);
457 TEST_FAIL(
"Error verifying the hash operation object");
472 const uint8_t data[] =
"THIS IS MY KEY1";
478 psa_set_key_algorithm(&key_attributes, alg);
479 psa_set_key_type(&key_attributes, key_type);
482 status =
psa_import_key(&key_attributes, data,
sizeof(data), &key_handle);
491 TEST_FAIL(
"Should not successfully setup an unsupported MAC alg");
503 {0xc1, 0x9f, 0x19, 0xac, 0x05, 0x65, 0x5f, 0x02,
504 0x1b, 0x64, 0x32, 0xd9, 0xb1, 0x49, 0xba, 0x75,
505 0x05, 0x60, 0x52, 0x4e, 0x78, 0xfa, 0x61, 0xc9,
506 0x37, 0x5d, 0x7f, 0x58},
507 {0x94, 0x37, 0xbe, 0xb5, 0x7f, 0x7c, 0x5c, 0xb0,
508 0x0a, 0x92, 0x4d, 0xd3, 0xba, 0x7e, 0xb1, 0x1a,
509 0xdb, 0xa2, 0x25, 0xb2, 0x82, 0x8e, 0xdf, 0xbb,
510 0x61, 0xbf, 0x91, 0x1d, 0x28, 0x23, 0x4a, 0x04},
511 {0x94, 0x21, 0x9b, 0xc3, 0xd5, 0xed, 0xe6, 0xee,
512 0x42, 0x10, 0x5a, 0x58, 0xa4, 0x4d, 0x67, 0x87,
513 0x16, 0xa2, 0xa7, 0x6c, 0x2e, 0xc5, 0x85, 0xb7,
514 0x6a, 0x4c, 0x90, 0xb2, 0x73, 0xee, 0x58, 0x3c,
515 0x59, 0x16, 0x67, 0xf3, 0x6f, 0x30, 0x99, 0x1c,
516 0x2a, 0xf7, 0xb1, 0x5f, 0x45, 0x83, 0xf5, 0x9f},
517 {0x8f, 0x76, 0xef, 0x12, 0x0b, 0x92, 0xc2, 0x06,
518 0xce, 0x01, 0x18, 0x75, 0x84, 0x96, 0xd9, 0x6f,
519 0x23, 0x88, 0xd4, 0xf8, 0xcf, 0x79, 0xf8, 0xcf,
520 0x27, 0x12, 0x9f, 0xa6, 0x7e, 0x87, 0x9a, 0x68,
521 0xee, 0xe2, 0xe7, 0x1d, 0x4b, 0xf2, 0x87, 0xc0,
522 0x05, 0x6a, 0xbd, 0x7f, 0x9d, 0xff, 0xaa, 0xf3,
523 0x9a, 0x1c, 0xb7, 0xb7, 0xbd, 0x03, 0x61, 0xa3,
524 0xa9, 0x6a, 0x5d, 0xb2, 0x81, 0xe1, 0x6f, 0x1f},
528 0x47, 0xa3, 0x42, 0xb1, 0x2f, 0x52, 0xd3, 0x8f,
529 0x1e, 0x02, 0x4a, 0x46, 0x73, 0x0b, 0x77, 0xc1,
530 0x5e, 0x93, 0x31, 0xa9, 0x3e, 0xc2, 0x81, 0xb5,
531 0x3d, 0x07, 0x6f, 0x31
535 uint8_t use_long_key,
538 const char *msg[] = {
"This is my test message, ",
539 "please generate a hmac for this."};
540 const size_t msg_size[] = {25, 32};
541 const uint32_t msg_num =
sizeof(msg)/
sizeof(msg[0]);
545 const uint8_t data[] =
"THIS IS MY KEY1";
546 const uint8_t long_data[] =
"THIS IS MY UNCOMMONLY LONG KEY1";
548 size_t bit_size_test_key = 0;
558 psa_set_key_usage_flags(&key_attributes, usage);
559 psa_set_key_algorithm(&key_attributes, alg);
560 psa_set_key_type(&key_attributes, key_type);
563 if (use_long_key == 1) {
580 if (use_long_key == 1) {
589 goto destroy_key_mac;
592 if (psa_get_key_bits(&retrieved_attributes) != bit_size_test_key) {
593 TEST_FAIL(
"The number of key bits is different from expected");
594 goto destroy_key_mac;
597 if (psa_get_key_type(&retrieved_attributes) != key_type) {
598 TEST_FAIL(
"The type of the key is different from expected");
599 goto destroy_key_mac;
607 TEST_FAIL(
"Error setting up mac operation object");
608 goto destroy_key_mac;
612 for (idx=0; idx<msg_num; idx++) {
614 (
const uint8_t *)msg[idx],
618 goto destroy_key_mac;
626 if (use_long_key == 1) {
629 &(long_key_hmac_val[0]),
638 TEST_FAIL(
"Error during finalising the mac operation");
639 goto destroy_key_mac;
655 const size_t nonce_length = 12;
656 const uint8_t nonce[] =
"01234567890";
659 "This is associated data";
661 size_t encrypted_data_length = 0, decrypted_data_length = 0;
664 const uint8_t data[] =
"THIS IS MY KEY1";
665 uint32_t comp_result;
673 psa_set_key_usage_flags(&key_attributes, usage);
674 psa_set_key_algorithm(&key_attributes, alg);
675 psa_set_key_type(&key_attributes, key_type);
678 status =
psa_import_key(&key_attributes, data,
sizeof(data), &key_handle);
687 goto destroy_key_aead;
691 TEST_FAIL(
"The number of key bits is different from expected");
692 goto destroy_key_aead;
695 if (psa_get_key_type(&retrieved_attributes) != key_type) {
696 TEST_FAIL(
"The type of the key is different from expected");
697 goto destroy_key_aead;
705 sizeof(associated_data),
709 sizeof(encrypted_data),
710 &encrypted_data_length);
714 TEST_FAIL(
"Algorithm NOT SUPPORTED by the implementation");
715 goto destroy_key_aead;
718 TEST_FAIL(
"Error performing AEAD encryption");
719 goto destroy_key_aead;
722 if (encrypted_data_length
724 TEST_FAIL(
"Encrypted data length is different than expected");
725 goto destroy_key_aead;
731 sizeof(associated_data),
733 encrypted_data_length,
735 sizeof(decrypted_data),
736 &decrypted_data_length);
740 TEST_FAIL(
"Algorithm NOT SUPPORTED by the implementation");
742 TEST_FAIL(
"Error performing AEAD decryption");
745 goto destroy_key_aead;
748 if (
sizeof(plain_text) != decrypted_data_length) {
749 TEST_FAIL(
"Decrypted data length is different from plain text");
750 goto destroy_key_aead;
755 comp_result =
memcmp(plain_text, decrypted_data,
sizeof(plain_text));
757 comp_result =
tfm_memcmp(plain_text, decrypted_data,
sizeof(plain_text));
759 if (comp_result != 0) {
760 TEST_FAIL(
"Decrypted data doesn't match with plain text");
761 goto destroy_key_aead;
777 #ifdef TFM_CRYPTO_TEST_ALG_CBC
780 #ifdef TFM_CRYPTO_TEST_ALG_CCM
783 #ifdef TFM_CRYPTO_TEST_ALG_CFB
786 #ifdef TFM_CRYPTO_TEST_ALG_CTR
789 #ifdef TFM_CRYPTO_TEST_ALG_GCM
797 #define NR_TEST_AES_MODE (sizeof(test_aes_mode_array) / \
798 sizeof(test_aes_mode_array[0]) - 1)
805 const uint8_t data[19] = {0};
808 TEST_FAIL(
"A cipher mode in AES is required in current test case");
814 psa_set_key_algorithm(&key_attributes, test_aes_mode_array[0]);
818 status =
psa_import_key(&key_attributes, data,
sizeof(data), &key_handle);
820 TEST_FAIL(
"Should not successfully import with an invalid key length");
838 TEST_FAIL(
"A cipher mode in AES is required in current test case");
843 usage_out = psa_get_key_usage_flags(&key_attributes);
844 if (usage_out != 0) {
849 alg_out = psa_get_key_algorithm(&key_attributes);
856 psa_set_key_usage_flags(&key_attributes, usage);
857 psa_set_key_algorithm(&key_attributes, alg);
860 usage_out = psa_get_key_usage_flags(&key_attributes);
861 if (usage_out != usage) {
867 alg_out = psa_get_key_algorithm(&key_attributes);
868 if (alg_out != alg) {
874 lifetime_out = psa_get_key_lifetime(&key_attributes);
876 if (lifetime_out != lifetime) {
877 TEST_FAIL(
"Unexpected key lifetime value");
893 const uint8_t data[] =
"THIS IS MY KEY1";
894 uint8_t data_out[
sizeof(data)];
900 TEST_LOG(
"Two cipher modes are required. Skip this test case\r\n");
910 alg = test_aes_mode_array[i];
917 not_permit_alg = test_aes_mode_array[j];
922 if (j == NR_TEST_AES_MODE) {
923 TEST_LOG(
"Unable to find two Cipher algs. Skip this test case.\r\n");
928 psa_set_key_usage_flags(&key_attributes, usage);
929 psa_set_key_algorithm(&key_attributes, alg);
933 status =
psa_import_key(&key_attributes, data,
sizeof(data), &key_handle);
942 TEST_FAIL(
"Failed to setup cipher operation");
948 TEST_FAIL(
"Failed to abort cipher operation");
955 TEST_FAIL(
"Was able to setup cipher operation with wrong alg");
960 status =
psa_export_key(key_handle, data_out,
sizeof(data_out), &data_len);
962 TEST_FAIL(
"Should not be able to export key without correct usage");
982 const uint8_t data[] =
"THIS IS MY KEY1";
983 uint8_t data_out[
sizeof(data)] = {0};
986 TEST_FAIL(
"A cipher mode in AES is required in current test case");
991 psa_set_key_id(&key_attributes, key_id);
992 psa_set_key_usage_flags(&key_attributes, usage);
993 psa_set_key_algorithm(&key_attributes, alg);
997 status =
psa_import_key(&key_attributes, data,
sizeof(data), &key_handle);
1006 TEST_FAIL(
"Failed to close a persistent key handle");
1013 TEST_FAIL(
"Failed to open a persistent key");
1018 status =
psa_export_key(key_handle, data_out,
sizeof(data_out), &data_len);
1020 TEST_FAIL(
"Failed to export a persistent key");
1024 if (data_len !=
sizeof(data)) {
1025 TEST_FAIL(
"Number of bytes of exported key different from expected");
1031 comp_result =
memcmp(data_out, data,
sizeof(data));
1033 comp_result =
tfm_memcmp(data_out, data,
sizeof(data));
1035 if (comp_result != 0) {
1036 TEST_FAIL(
"Exported key does not match the imported key");
1043 TEST_FAIL(
"Failed to destroy a persistent key");
1050 #define KEY_DERIVE_OUTPUT_LEN 32
1051 #define KEY_DERIV_SECRET_LEN 16
1052 #define KEY_DERIV_LABEL_INFO_LEN 8
1053 #define KEY_DERIV_SEED_SALT_LEN 8
1067 uint8_t counter = 0xA5;
1080 deriv_ops = psa_key_derivation_operation_init();
1083 psa_set_key_algorithm(&input_key_attr, deriv_alg);
1096 TEST_FAIL(
"Failed to setup derivation operation");
1104 key_deriv_seed_salt,
1121 key_deriv_label_info,
1130 key_deriv_seed_salt,
1147 key_deriv_label_info,
1154 TEST_FAIL(
"Unsupported derivation algorithm");
1159 TEST_LOG(
"No AES algorithm to verify. Output raw data instead");
1163 psa_set_key_algorithm(&output_key_attr, test_aes_mode_array[0]);
1166 psa_set_key_bits(&output_key_attr,
1182 if (output_handle) {
#define PSA_KEY_USAGE_EXPORT
void psa_unsupported_hash_test(const psa_algorithm_t alg, struct test_result_t *ret)
Tests setup of an unsupported hash algorithm.
#define BIT_SIZE_TEST_KEY
Size of the key to use in tests in bits.
#define PSA_HASH_SIZE(alg)
#define PSA_KEY_DERIVATION_INPUT_SEED
void psa_key_interface_test(const psa_key_type_t key_type, struct test_result_t *ret)
Tests the key interfaces with different key types.
#define PSA_MAC_OPERATION_INIT
#define psa_cipher_finish
#define PSA_KEY_TYPE_DERIVE
void psa_invalid_cipher_test(const psa_key_type_t key_type, const psa_algorithm_t alg, const size_t key_size, struct test_result_t *ret)
Tests invalid key type and algorithm combinations for block ciphers.
__STATIC_INLINE void * tfm_memset(void *ptr, int value, size_t num)
#define TEST_FAIL(info_msg)
#define PSA_KEY_TYPE_RAW_DATA
#define psa_mac_operation_init
#define PSA_KEY_LIFETIME_VOLATILE
#define psa_cipher_operation_init
#define psa_cipher_set_iv
#define KEY_DERIV_SECRET_LEN
#define KEY_DERIV_SEED_SALT_LEN
#define PSA_ALG_IS_HKDF(alg)
#define psa_mac_verify_setup
#define psa_reset_key_attributes
#define PSA_KEY_DERIVATION_INPUT_LABEL
void psa_mac_test(const psa_algorithm_t alg, uint8_t use_long_key, struct test_result_t *ret)
Tests different MAC algorithms.
#define PSA_KEY_ATTRIBUTES_INIT
#define KEY_DERIV_LABEL_INFO_LEN
void psa_invalid_key_length_test(struct test_result_t *ret)
Tests invalid key length.
void psa_persistent_key_test(psa_key_id_t key_id, struct test_result_t *ret)
Tests persistent keys.
void psa_policy_key_interface_test(struct test_result_t *ret)
Tests the policy key interface.
#define PSA_KEY_USAGE_DERIVE
#define psa_get_key_attributes
void psa_cipher_test(const psa_key_type_t key_type, const psa_algorithm_t alg, struct test_result_t *ret)
Run block ciphering tests with different algorithms and key types.
#define BYTE_SIZE_TEST_KEY
Macro to extract the size of the key in bytes.
#define PSA_KEY_USAGE_DECRYPT
#define psa_cipher_encrypt_setup
#define PSA_KEY_DERIVATION_INPUT_INFO
#define BIT_SIZE_TEST_LONG_KEY
Size of the long key to use in tests in bits.
#define psa_key_derivation_output_key
#define PSA_ALG_CBC_NO_PADDING
#define PSA_BYTES_TO_BITS(bytes)
#define PSA_ERROR_INVALID_ARGUMENT
#define psa_key_derivation_input_key
#define psa_key_derivation_input_bytes
#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)
#define BYTE_SIZE_CHUNK
Size in bytes of a chunk of data to process.
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
#define psa_cipher_update
#define PSA_ERROR_NOT_PERMITTED
void psa_aead_test(const psa_key_type_t key_type, const psa_algorithm_t alg, struct test_result_t *ret)
Run AEAD tests with different algorithms and key types.
#define psa_key_derivation_setup
uint32_t psa_key_usage_t
Encoding of permitted usage on a key.
void psa_unsupported_mac_test(const psa_key_type_t key_type, const psa_algorithm_t alg, struct test_result_t *ret)
Tests setup of an unsupported MAC algorithm.
uint16_t psa_key_type_t
Encoding of a key type.
#define PSA_ALG_HMAC_GET_HASH(hmac_alg)
#define PSA_KEY_USAGE_VERIFY
#define PSA_KEY_DERIVATION_INPUT_SALT
void psa_key_derivation_test(psa_algorithm_t deriv_alg, struct test_result_t *ret)
Key derivation test.
int memcmp(const void *s1, const void *s2, size_t n)
#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type)
#define PSA_KEY_DERIVATION_INPUT_SECRET
#define PSA_ERROR_NOT_SUPPORTED
#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg)
#define PSA_HASH_OPERATION_INIT
#define KEY_DERIVE_OUTPUT_LEN
#define psa_hash_operation_init
#define PSA_KEY_TYPE_HMAC
#define psa_key_derivation_abort
#define ENC_DEC_BUFFER_SIZE
Size in bytes of the encryption/decryption buffers.
#define PSA_ALG_IS_CIPHER(alg)
#define PSA_ERROR_INVALID_HANDLE
#define ASSOCIATED_DATA_SIZE
Size in bytes of the associated data to authenticate in AEAD tests.
#define psa_mac_verify_finish
#define psa_cipher_decrypt_setup
__STATIC_INLINE int tfm_memcmp(const void *ptr1, const void *ptr2, size_t num)
void psa_hash_test(const psa_algorithm_t alg, struct test_result_t *ret)
Tests different hashing algorithms.
uint32_t psa_key_lifetime_t
void psa_policy_invalid_policy_usage_test(struct test_result_t *ret)
Tests invalid policy usage.
int32_t psa_status_t
Function return status.
#define TEST_MAX_KEY_LENGTH
The maximum allowed key length in bytes used in the tests.
#define PSA_KEY_USAGE_ENCRYPT
void * memset(void *s, int c, size_t n)
#define PSA_ALG_VENDOR_FLAG
#define PSA_ALG_IS_TLS12_PRF(alg)