File: test_suite_psa_crypto_entropy.function

package info (click to toggle)
edk2 2025.02-8
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 271,704 kB
  • sloc: ansic: 2,109,987; asm: 263,832; perl: 227,730; python: 149,919; sh: 34,967; cpp: 21,813; makefile: 3,282; xml: 806; pascal: 721; lisp: 35; ruby: 16; sed: 6; tcl: 4
file content (195 lines) | stat: -rw-r--r-- 6,529 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
 
/* BEGIN_HEADER */
#include <stdint.h>
#include <string.h>

#include <psa/crypto.h>

#include "mbedtls/entropy.h"
#include "entropy_poll.h"

/* Calculating the minimum allowed entropy size in bytes */
#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)

#if defined(MBEDTLS_PSA_INJECT_ENTROPY)

#if defined(MBEDTLS_PSA_ITS_FILE_C)
#include <stdio.h>
#else
#include <psa/internal_trusted_storage.h>
#endif

/* Remove the entropy seed file. Since the library does not expose a way
 * to do this (it would be a security risk if such a function was ever
 * accessible in production), implement this functionality in a white-box
 * manner. */
psa_status_t remove_seed_file( void )
{
#if defined(MBEDTLS_PSA_ITS_FILE_C)
    if( remove( "00000000ffffff52.psa_its" ) == 0 )
        return( PSA_SUCCESS );
    else
        return( PSA_ERROR_DOES_NOT_EXIST );
#else
    return( psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ) );
#endif
}

#endif /* MBEDTLS_PSA_INJECT_ENTROPY */

/* END_HEADER */

/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
void external_rng_failure_generate( )
{
    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
    psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
    psa_set_key_bits( &attributes, 128 );
    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
    uint8_t output[1];

    PSA_ASSERT( psa_crypto_init( ) );

    PSA_ASSERT( psa_generate_random( output, sizeof( output ) ) );
    PSA_ASSERT( psa_generate_key( &attributes, &key ) );
    PSA_ASSERT( psa_destroy_key( key ) );

    mbedtls_test_disable_insecure_external_rng( );
    TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
                psa_generate_random( output, sizeof( output ) ) );
    TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
                psa_generate_key( &attributes, &key ) );

exit:
    psa_destroy_key( key );
    PSA_DONE( );
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
void external_rng_failure_sign( int key_type, data_t *key_data, int alg,
                                int input_size_arg )
{
    /* This test case is only expected to pass if the signature mechanism
     * requires randomness, either because it is a randomized signature
     * or because the implementation uses blinding. */

    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
    psa_set_key_type( &attributes, key_type );
    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
    psa_set_key_algorithm( &attributes, alg );
    mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
    size_t input_size = input_size_arg;
    uint8_t *input = NULL;
    uint8_t *signature = NULL;
    size_t signature_size = PSA_SIGNATURE_MAX_SIZE;
    size_t signature_length;

    ASSERT_ALLOC( input, input_size );
    ASSERT_ALLOC( signature, signature_size );

    PSA_ASSERT( psa_crypto_init( ) );
    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
                                &key ) );
    PSA_ASSERT( psa_sign_hash( key, alg,
                               input, input_size,
                               signature, signature_size,
                               &signature_length ) );
    PSA_ASSERT( psa_destroy_key( key ) );

    mbedtls_test_disable_insecure_external_rng( );
    /* Import the key again, because for RSA Mbed TLS caches blinding values
     * in the key object and this could perturb the test. */
    PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
                                &key ) );
    TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
                psa_sign_hash( key, alg,
                               input, input_size,
                               signature, signature_size,
                               &signature_length ) );
    PSA_ASSERT( psa_destroy_key( key ) );

exit:
    psa_destroy_key( key );
    PSA_DONE( );
    mbedtls_free( input );
    mbedtls_free( signature );
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
void validate_entropy_seed_injection( int seed_length_a,
                                      int expected_status_a,
                                      int seed_length_b,
                                      int expected_status_b )
{
    psa_status_t status;
    uint8_t output[32] = { 0 };
    uint8_t zeros[32] = { 0 };
    uint8_t *seed = NULL;
    int i;
    int seed_size;
    if( seed_length_a > seed_length_b )
    {
        seed_size = seed_length_a;
    }
    else
    {
        seed_size = seed_length_b;
    }
    ASSERT_ALLOC( seed, seed_size );
    /* fill seed with some data */
    for( i = 0; i < seed_size; ++i )
    {
        seed[i] = i;
    }
    status =  remove_seed_file( );
    TEST_ASSERT( ( status == PSA_SUCCESS ) ||
                 ( status == PSA_ERROR_DOES_NOT_EXIST ) );
    status = mbedtls_psa_inject_entropy( seed, seed_length_a );
    TEST_EQUAL( status, expected_status_a );
    status = mbedtls_psa_inject_entropy( seed, seed_length_b );
    TEST_EQUAL( status, expected_status_b );
    PSA_ASSERT( psa_crypto_init( ) );
    PSA_ASSERT( psa_generate_random( output,
                                     sizeof( output ) ) );
    TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
exit:
    mbedtls_free( seed );
    remove_seed_file( );
    PSA_DONE( );
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
void run_entropy_inject_with_crypto_init( )
{
    psa_status_t status;
    size_t i;
    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
    /* fill seed with some data */
    for( i = 0; i < sizeof( seed ); ++i )
    {
        seed[i] = i;
    }
    status =  remove_seed_file( );
    TEST_ASSERT( ( status == PSA_SUCCESS ) ||
                 ( status == PSA_ERROR_DOES_NOT_EXIST ) );
    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
    PSA_ASSERT( status );
    status =  remove_seed_file( );
    TEST_EQUAL( status, PSA_SUCCESS );
    status = psa_crypto_init( );
    TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY );
    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
    PSA_ASSERT( status );
    status = psa_crypto_init( );
    PSA_ASSERT( status );
    PSA_DONE( );
    /* The seed is written by nv_seed callback functions therefore the injection will fail */
    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
    TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
exit:
    remove_seed_file( );
    PSA_DONE( );
}
/* END_CASE */