PSA storage format: exercise keys (2.26) #4444
Conversation
The new test suite psa_crypto_op_fail is intended for systematically generated test cases that ensure that cryptographic operations with invalid parameters fail as expected. I intend invalid parameters to cover things like an invalid algorithm, an algorithm that is incompatible with the operation, a key type that is incompatible with the algorithm, etc. This commit just creates the infrastructure. Subsequent commits will add data generation and test code. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Test that hash operation functions fail when given a hash algorithm that is not supported or an algorithm that is not a hash. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When TEST_EQUAL fails, show the two numerical values in the test log (only with host_test). The values are printed in hexadecimal and signed decimal. The arguments of TEST_EQUAL must now be integers, not pointers or floats. The current implementation requires them to fit in unsigned long long. Signed values no larger than long long will work too. The implementation uses unsigned long long rather than uintmax_t to reduce portability concerns. The snprintf function must support "%llx" and "%lld". For this purpose, add room for two lines of text to the mbedtls_test_info structure. This adds 154 bytes of global data. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Determine the category of operations supported by an algorithm based on its name. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Determine key types that are compatible with an algorithm based on their names. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
761af30 to 55026d1
The new test suite test_suite_psa_crypto_op_fail runs a large number of automatically generated test cases which attempt to perform a one-shot operation or to set up a multi-part operation with invalid parameters. The following cases are fully covered (based on the enumeration of valid algorithms and key types): * An algorithm is not supported. * The key type is not compatible with the algorithm (for operations that use a key). * The algorithm is not compatible for the operation. Some test functions allow the library to return PSA_ERROR_NOT_SUPPORTED where the test code generator expects PSA_ERROR_INVALID_ARGUMENT or vice versa. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
PSA_ALG_KEY_AGREEMENT(..., kdf) is a valid key derivation algorithm when kdf is one. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
No behavior change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Otherwise the systematically generated algorithm-not-supported tests complain when they try to start an operation and succeed. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
…t supported Otherwise the systematically generated algorithm-not-supported tests complain when they try to start an operation and succeed. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In the generated storage format test cases, cover all supported algorithms for each key type. The test code already takes care of exercising the key after loading if it has a nonzero algorithm policy. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
psa_verify_hash() on an RSA signature returns PSA_ERROR_INVALID_SIGNATURE if the signature size does not match the key size when RSA keys are supported, regardless of whether the particular signature algorithm is supported. This is ok, but distracts from the systematic testing of not-supported cases. So pass a potential signature of the correct size. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
55026d1 to ff8ba72
```python
        If alg is not None, this key allows it.
        """
        usage_flags = 'PSA_KEY_USAGE_EXPORT'
```
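Review bot: the docstring just above says "If alg is not None, this key allows it", but `usage_flags = 'PSA_KEY_USAGE_EXPORT'` is a constant that ignores alg, so a key written with an algorithm policy can be exported and nothing else, and the exercise step will never run that algorithm. Suggest computing the usage flags from alg when it is not None (the flags the algorithm's operation family needs, minus the ones a public key cannot have) and keeping the bare EXPORT policy only for the alg-is-None case, or else rewording the docstring so it does not promise more than the policy grants.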
Since we're generating keys with only EXPORT allowed, TEST_FLAG_EXERCISE only causes keys to be exported; it doesn't cause cryptographic operations. I also need to determine which usage flags to allow here.
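The test-case enumeration that the test_suite_psa_crypto_op_fail commit describes (categorise each algorithm by its name, find the key types compatible with it by name, then emit every algorithm/operation mismatch, every key-type/algorithm mismatch and the not-supported cases) and the usage-flag question in the comment above, as one added Python example. It is not code from Mbed TLS's generate_psa_tests.py and not Gilles Peskine's; the algorithm and key type lists, the name-matching rules, the "CMAC compiled out" build configuration and the helper names are constructed for the example, while the PSA_ERROR_* and PSA_KEY_USAGE_* names are standard PSA Crypto identifiers. The real suite lets some test functions accept PSA_ERROR_NOT_SUPPORTED where PSA_ERROR_INVALID_ARGUMENT is expected (or vice versa); the example records only the status the generator expects.

```python
import re
from typing import FrozenSet, List, NamedTuple, Optional

# Constructed subset of PSA macro names; the real generator enumerates the
# library's full lists. The name rules below are assumptions for this example.
ALGORITHMS = [
    'PSA_ALG_SHA_256', 'PSA_ALG_HMAC(PSA_ALG_SHA_256)', 'PSA_ALG_CMAC',
    'PSA_ALG_CBC_NO_PADDING', 'PSA_ALG_GCM', 'PSA_ALG_ECDSA(PSA_ALG_SHA_256)',
    'PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)', 'PSA_ALG_RSA_PKCS1V15_CRYPT',
    'PSA_ALG_ECDH', 'PSA_ALG_HKDF(PSA_ALG_SHA_256)',
]
KEY_TYPES = [
    'PSA_KEY_TYPE_RAW_DATA', 'PSA_KEY_TYPE_HMAC', 'PSA_KEY_TYPE_AES',
    'PSA_KEY_TYPE_DERIVE', 'PSA_KEY_TYPE_RSA_KEY_PAIR',
    'PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)',
]
# Constructed build configuration: CMAC is compiled out of the library under test.
SUPPORTED_ALGORITHMS = frozenset(a for a in ALGORITHMS if a != 'PSA_ALG_CMAC')

_CATEGORY_RULES = [  # operation category from the name; first matching rule wins
    (re.compile(r'PSA_ALG_(SHA|MD|RIPEMD)'), 'hash'),
    (re.compile(r'PSA_ALG_(HMAC|CMAC|CBC_MAC)'), 'mac'),
    (re.compile(r'PSA_ALG_(CBC|CTR|CFB|OFB|ECB|STREAM_CIPHER)'), 'cipher'),
    (re.compile(r'PSA_ALG_(GCM|CCM|CHACHA20_POLY1305)'), 'aead'),
    (re.compile(r'PSA_ALG_(\w+_SIGN|ECDSA|PURE_EDDSA)'), 'sign'),
    (re.compile(r'PSA_ALG_(\w+_CRYPT|RSA_OAEP)'), 'asymmetric_encryption'),
    (re.compile(r'PSA_ALG_(ECDH|FFDH)'), 'key_agreement'),
    (re.compile(r'PSA_ALG_(HKDF|TLS12_PRF|TLS12_PSK_TO_MS)'), 'key_derivation'),
]
OPERATIONS = [category for _, category in _CATEGORY_RULES]
KEYLESS_OPERATIONS = frozenset(['hash'])

def algorithm_category(alg: str) -> str:
    for pattern, category in _CATEGORY_RULES:
        if pattern.match(alg):
            return category
    raise ValueError('unrecognized algorithm name: ' + alg)

def _key_types_with_prefix(*prefixes: str) -> FrozenSet[str]:
    return frozenset(k for k in KEY_TYPES if k.startswith(prefixes))

def compatible_key_types(alg: str) -> FrozenSet[str]:
    """Key types usable with alg, decided from the names alone (simplified)."""
    category = algorithm_category(alg)
    if category == 'hash':
        return frozenset()                        # hashes take no key
    if alg.startswith('PSA_ALG_HMAC('):
        return _key_types_with_prefix('PSA_KEY_TYPE_HMAC')
    if category in ('mac', 'cipher', 'aead'):     # block-cipher based
        return _key_types_with_prefix('PSA_KEY_TYPE_AES', 'PSA_KEY_TYPE_ARIA',
                                      'PSA_KEY_TYPE_CAMELLIA', 'PSA_KEY_TYPE_DES')
    if category == 'key_derivation':
        return _key_types_with_prefix('PSA_KEY_TYPE_DERIVE')
    if 'RSA' in alg:
        return _key_types_with_prefix('PSA_KEY_TYPE_RSA_')
    return _key_types_with_prefix('PSA_KEY_TYPE_ECC_')  # ECDSA, ECDH, ...

# key_type is None for keyless operations; expected is the status the test expects.
FailCase = NamedTuple('FailCase', [('operation', str), ('alg', str),
                                   ('key_type', Optional[str]), ('expected', str)])

def generate_op_fail_cases() -> List[FailCase]:
    """Every (operation, algorithm, key type) combination that must be rejected."""
    cases = []
    for alg in ALGORITHMS:
        category = algorithm_category(alg)
        compatible = compatible_key_types(alg)
        # Key to present when the algorithm itself is the invalid parameter.
        any_key = min(compatible) if compatible else 'PSA_KEY_TYPE_RAW_DATA'
        for op in OPERATIONS:
            uses_key = op not in KEYLESS_OPERATIONS
            if op != category:                      # wrong kind of algorithm
                cases.append(FailCase(op, alg, any_key if uses_key else None,
                                      'PSA_ERROR_INVALID_ARGUMENT'))
            elif alg not in SUPPORTED_ALGORITHMS:   # right kind, not built in
                for key_type in (sorted(compatible) if uses_key else [None]):
                    cases.append(FailCase(op, alg, key_type,
                                          'PSA_ERROR_NOT_SUPPORTED'))
            elif uses_key:                          # right kind, wrong key type
                for key_type in KEY_TYPES:
                    if key_type not in compatible:
                        cases.append(FailCase(op, alg, key_type,
                                              'PSA_ERROR_INVALID_ARGUMENT'))
    return cases

_ENCRYPT_DECRYPT = ['PSA_KEY_USAGE_ENCRYPT', 'PSA_KEY_USAGE_DECRYPT']
_USAGE_BY_CATEGORY = {  # usage flags the exercise step needs per category
    'mac': ['PSA_KEY_USAGE_SIGN_MESSAGE', 'PSA_KEY_USAGE_VERIFY_MESSAGE'],
    'sign': ['PSA_KEY_USAGE_SIGN_HASH', 'PSA_KEY_USAGE_VERIFY_HASH'],
    'cipher': _ENCRYPT_DECRYPT, 'aead': _ENCRYPT_DECRYPT,
    'asymmetric_encryption': _ENCRYPT_DECRYPT,
    'key_agreement': ['PSA_KEY_USAGE_DERIVE'], 'key_derivation': ['PSA_KEY_USAGE_DERIVE'],
}
_PRIVATE_ONLY = frozenset(['PSA_KEY_USAGE_SIGN_HASH', 'PSA_KEY_USAGE_SIGN_MESSAGE',
                           'PSA_KEY_USAGE_DECRYPT', 'PSA_KEY_USAGE_DERIVE'])  # not for public keys

def usage_flags(key_type: str, alg: Optional[str]) -> List[str]:
    """Policy for a stored test key: export always, plus what exercising alg needs."""
    flags = ['PSA_KEY_USAGE_EXPORT']
    if alg is None:
        return flags
    is_public = re.search(r'_PUBLIC_KEY(\(|\Z)', key_type) is not None
    for flag in _USAGE_BY_CATEGORY.get(algorithm_category(alg), []):
        if not (is_public and flag in _PRIVATE_ONLY):
            flags.append(flag)
    return flags
```

`usage_flags()` is the point of the review comment: with `alg=None` it returns the bare `['PSA_KEY_USAGE_EXPORT']` policy, and with an algorithm it adds the flags the exercise step will need, dropping sign, decrypt and derive for a public key type so the stored policy never claims an operation the key cannot perform. `generate_op_fail_cases()` never emits a combination that is valid in the constructed build, which is the property the suite depends on.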
```python
        self.private_type = re.sub(r'_PUBLIC_KEY\Z', r'_KEY_PAIR', self.name)
        """The key type macro name for the corresponding key pair type.

        For everything other than a public key type, this is the same as
        `self.name`.
        """

    def is_public(self) -> bool:
```
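Review bot: `self.private_type` and `is_public` encode the same public-key distinction twice (the `_PUBLIC_KEY\Z` substitution here and whatever test `is_public` performs), which can drift apart when a key type is added. Suggest defining `is_public` in terms of the substitution, for example `return self.private_type != self.name`, so a type is public exactly when its key pair name differs from its own. Since the attribute holds the key pair type's macro name, `key_pair_type` would also describe it more accurately than `private_type`.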
Use it in NotSupported; see also #5037 (comment)
This is a follow-up of #4385. It got closed because the target branch was deleted. The target branch has now been merged. I'll make a new PR against
Abandoned. The work goes on in #5635 and #5644.