test: add test with persitent key whose length is larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function
index efaaba5..ca70d20 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.function
+++ b/tests/suites/test_suite_psa_crypto_storage_format.function
@@ -1,14 +1,16 @@
/* BEGIN_HEADER */
#include <psa/crypto.h>
+#include <psa_crypto_storage.h>
#include <test/psa_crypto_helpers.h>
#include <test/psa_exercise_key.h>
#include <psa_crypto_its.h>
-#define TEST_FLAG_EXERCISE 0x00000001
-#define TEST_FLAG_READ_ONLY 0x00000002
+#define TEST_FLAG_EXERCISE 0x00000001
+#define TEST_FLAG_READ_ONLY 0x00000002
+#define TEST_FLAG_OVERSIZED_KEY 0x00000004
/** Write a key with the given attributes and key material to storage.
* Test that it has the expected representation.
@@ -158,6 +160,12 @@
/* Prime the storage with a key file. */
PSA_ASSERT(psa_its_set(uid, representation->len, representation->x, 0));
+ if (flags & TEST_FLAG_OVERSIZED_KEY) {
+ TEST_EQUAL(psa_get_key_attributes(key_id, &actual_attributes), PSA_ERROR_DATA_INVALID);
+ ok = 1;
+ goto exit;
+ }
+
/* Check that the injected key exists and looks as expected. */
PSA_ASSERT(psa_get_key_attributes(key_id, &actual_attributes));
TEST_ASSERT(mbedtls_svc_key_id_equal(key_id,
@@ -281,6 +289,7 @@
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1);
psa_storage_uid_t uid = 1;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ uint8_t *custom_key_data = NULL, *custom_storage_data = NULL;
PSA_INIT();
TEST_USES_KEY_ID(key_id);
@@ -293,6 +302,23 @@
psa_set_key_algorithm(&attributes, alg);
psa_set_key_enrollment_algorithm(&attributes, alg2);
+ /* Create a persistent key which is intentionally larger than the specified
+ * bit size. */
+ if (flags & TEST_FLAG_OVERSIZED_KEY) {
+ TEST_CALLOC(custom_key_data, PSA_BITS_TO_BYTES(bits) + 1);
+ memset(custom_key_data, 0xAA, PSA_BITS_TO_BYTES(bits) + 1);
+ material->len = PSA_BITS_TO_BYTES(bits) + 1;
+ material->x = custom_key_data;
+
+ /* 36 bytes are the overhead of psa_persistent_key_storage_format */
+ TEST_CALLOC(custom_storage_data, PSA_BITS_TO_BYTES(bits) + 1 + 36);
+ representation->len = PSA_BITS_TO_BYTES(bits) + 1 + 36;
+ representation->x = custom_storage_data;
+
+ psa_format_key_data_for_storage(custom_key_data, PSA_BITS_TO_BYTES(bits) + 1,
+ &attributes, custom_storage_data);
+ }
+
/* Test that we can use a key with the given representation. This
* guarantees backward compatibility with keys that were stored by
* past versions of Mbed TLS. */
@@ -300,6 +326,8 @@
uid, representation, flags));
exit:
+ mbedtls_free(custom_key_data);
+ mbedtls_free(custom_storage_data);
psa_reset_key_attributes(&attributes);
PSA_DONE();
}
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.misc.data b/tests/suites/test_suite_psa_crypto_storage_format.misc.data
index 48e3804..8aabe4c 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.misc.data
+++ b/tests/suites/test_suite_psa_crypto_storage_format.misc.data
@@ -9,3 +9,9 @@
PSA storage save: AES-GCM+CTR
depends_on:PSA_WANT_KEY_TYPE_AES
key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:PSA_ALG_CTR:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800001010000000250050010c00410000000404142434445464748494a4b4c4d4e4f"
+
+# Create a persistent key which is larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
+# so that when psa_get_key_attributes() tries to load it from the storage it will fail.
+PSA storage read: key larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA:MBEDTLS_PSA_STATIC_KEY_SLOTS
+key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE*8:PSA_KEY_USAGE_EXPORT:PSA_ALG_NONE:PSA_ALG_NONE:"":"":TEST_FLAG_OVERSIZED_KEY