ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
mbed-os/TESTS/psa/entropy_inject/main.cpp

187 lines
6.3 KiB
C++
Raw Blame History

/*
* Copyright (c) 2018 ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an AS IS BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if ((!defined(TARGET_PSA) || (!defined(COMPONENT_PSA_SRV_IPC)) && !defined(MBEDTLS_ENTROPY_NV_SEED)))
#error [NOT_SUPPORTED] PSA entropy injection tests can run only on PSA-enabled targets.
#else
#include "greentea-client/test_env.h"
#include "unity/unity.h"
#include "utest/utest.h"
#include "psa/internal_trusted_storage.h"
#include "psa/lifecycle.h"
#include "entropy.h"
#include "entropy_poll.h"
#include "psa/crypto.h"
/* MAX value support macro */
#if !defined(MAX)
#define MAX(a,b) (((a)>(b))?(a):(b))
#endif
/* Calculating the minimum allowed entropy size in bytes */
#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE \
MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
using namespace utest::v1;
uint8_t seed[MBEDTLS_ENTROPY_MAX_SEED_SIZE + 2] = {0};
bool skip_tests = false;
void validate_entropy_seed_injection(int seed_length_a,
int expected_status_a,
int seed_length_b,
int expected_status_b)
{
psa_status_t status;
uint8_t output[32] = { 0 };
uint8_t zeros[32] = { 0 };
int memcmp_res = 0;
status = mbedtls_psa_inject_entropy(seed, seed_length_a);
TEST_ASSERT_EQUAL_INT(expected_status_a, status);
status = mbedtls_psa_inject_entropy(seed, seed_length_b);
TEST_ASSERT_EQUAL_INT(expected_status_b, status);
status = psa_crypto_init();
TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
status = psa_generate_random(output, sizeof(output));
TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
memcmp_res = memcmp(output, zeros, sizeof(output));
TEST_ASSERT_NOT_EQUAL(0, memcmp_res);
}
void run_entropy_inject_with_crypto_init()
{
psa_status_t status;
status = psa_crypto_init();
TEST_ASSERT_EQUAL_INT(PSA_ERROR_INSUFFICIENT_ENTROPY, status);
status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
status = psa_crypto_init();
TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
TEST_ASSERT_EQUAL_INT(PSA_ERROR_NOT_PERMITTED, status);
mbedtls_psa_crypto_free();
/* The seed is written by nv_seed callback functions therefore the injection will fail */
status = mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
TEST_ASSERT_EQUAL_INT(PSA_ERROR_NOT_PERMITTED, status);
}
utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
{
GREENTEA_SETUP(60, "default_auto");
/* fill seed in some data */
for (size_t i = 0; i < sizeof(seed); ++i) {
seed[i] = i;
}
psa_status_t status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
if (mbedtls_psa_inject_entropy(seed, MBEDTLS_ENTROPY_MAX_SEED_SIZE) == PSA_ERROR_NOT_SUPPORTED) {
skip_tests = true;
}
return greentea_test_setup_handler(number_of_cases);
}
static void injection_small_good()
{
TEST_SKIP_UNLESS(!skip_tests);
validate_entropy_seed_injection(
MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS,
MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_ERROR_NOT_PERMITTED);
}
static void injection_big_good()
{
TEST_SKIP_UNLESS(!skip_tests);
validate_entropy_seed_injection(
MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_SUCCESS,
MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_ERROR_NOT_PERMITTED);
}
static void injection_too_small()
{
TEST_SKIP_UNLESS(!skip_tests);
validate_entropy_seed_injection(
(MBEDTLS_ENTROPY_MIN_PLATFORM - 1), PSA_ERROR_INVALID_ARGUMENT,
MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS);
}
static void injection_too_big()
{
TEST_SKIP_UNLESS(!skip_tests);
validate_entropy_seed_injection(
(MBEDTLS_ENTROPY_MAX_SEED_SIZE + 1), PSA_ERROR_INVALID_ARGUMENT,
MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_SUCCESS);
}
static void injection_and_init_deinit()
{
TEST_SKIP_UNLESS(!skip_tests);
run_entropy_inject_with_crypto_init();
}
/***************************************************************************************/
utest::v1::status_t case_teardown_handler(const Case *const source, const size_t passed, const size_t failed, const failure_t reason)
{
psa_status_t status;
status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
mbedtls_psa_crypto_free();
return greentea_case_teardown_handler(source, passed, failed, reason);
}
utest::v1::status_t case_setup_handler(const Case *const source, const size_t index_of_case)
{
psa_status_t status;
status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
return greentea_case_setup_handler(source, index_of_case);
}
Case cases[] = {
Case("PSA entropy injection small good", case_setup_handler, injection_small_good, case_teardown_handler),
Case("PSA entropy injection big good", case_setup_handler, injection_big_good, case_teardown_handler),
Case("PSA entropy injection too big", case_setup_handler, injection_too_big, case_teardown_handler),
Case("PSA entropy injection too small", case_setup_handler, injection_too_small, case_teardown_handler),
Case("PSA entropy injection before and after init", case_setup_handler, injection_and_init_deinit, case_teardown_handler),
};
Specification specification(greentea_test_setup, cases, greentea_test_teardown_handler);
int main()
{
return !Harness::run(specification);
}
#endif // ((!defined(TARGET_PSA) || (!defined(COMPONENT_PSA_SRV_IPC)) && !defined(MBEDTLS_ENTROPY_NV_SEED)))
Reference in New Issue View Git Blame Copy Permalink