commit 4d7ae1d8cfb1046f681d51eb9dd3c5ae05c3274f
author Archana <archana.madhavan@silabs.com> Wed Jul 07 02:50:22 2021 +0530
committer Archana <archana.madhavan@silabs.com> Wed Sep 08 22:03:54 2021 +0530
tree 1d4946eba55a4b2ee0c6787a1009a120dcf7a051
parent d8a83dc17235b13a3ed1bd7db8afde1d3111fc73

Add test driver support for opaque key import

-Add test driver support to import/export while wrapping keys
 meant to be stored in the PSA core as opaque( emulating an
 SE without storage ).
-Export validate_unstructured_key_bit_size as
 psa_validate_unstructured_key_bit_size, thereby changing its scope.
-Improve the import/export test cases in test_suite_psa_crypto to also
 cover opaque keys, thereby avoiding duplication.

Signed-off-by: Archana <archana.madhavan@silabs.com>

tests/suites/test_suite_psa_crypto.function

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 8df2cea..7e9a743 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -15,6 +15,9 @@
 #include "test/asn1_helpers.h"
 #include "test/psa_crypto_helpers.h"
 #include "test/psa_exercise_key.h"
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#include "test/drivers/test_driver.h"
+#endif
 
 /* If this comes up, it's a bug in the test code or in the test data. */
 #define UNUSED 0xdeadbeef
@@ -484,6 +487,7 @@
 void import_export( data_t *data,
                     int type_arg,
                     int usage_arg, int alg_arg,
+                    int lifetime_arg,
                     int expected_bits,
                     int export_size_delta,
                     int expected_export_status_arg,
@@ -494,6 +498,7 @@
     psa_algorithm_t alg = alg_arg;
     psa_status_t expected_export_status = expected_export_status_arg;
     psa_status_t status;
+    psa_key_lifetime_t lifetime = lifetime_arg;
     unsigned char *exported = NULL;
     unsigned char *reexported = NULL;
     size_t export_size;
@@ -508,6 +513,7 @@
         ASSERT_ALLOC( reexported, export_size );
     PSA_ASSERT( psa_crypto_init( ) );
 
+    psa_set_key_lifetime( &attributes, lifetime );
     psa_set_key_usage_flags( &attributes, usage_arg );
     psa_set_key_algorithm( &attributes, alg );
     psa_set_key_type( &attributes, type );
@@ -543,8 +549,11 @@
      * this validates the canonical representations. For canonical inputs,
      * this doesn't directly validate the implementation, but it still helps
      * by cross-validating the test data with the sanity check code. */
-    if( ! mbedtls_test_psa_exercise_key( key, usage_arg, 0 ) )
-        goto exit;
+    if( !psa_key_lifetime_is_external( lifetime ) )
+    {
+        if( ! mbedtls_test_psa_exercise_key( key, usage_arg, 0 ) )
+            goto exit;
+    }
 
     if( canonical_input )
         ASSERT_COMPARE( data->x, data->len, exported, exported_length );
@@ -552,17 +561,17 @@
     {
         mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;
         PSA_ASSERT( psa_import_key( &attributes, exported, exported_length,
-                                    &key2 ) );
+                                     &key2 ) );
         PSA_ASSERT( psa_export_key( key2,
-                                    reexported,
-                                    export_size,
-                                    &reexported_length ) );
+                                     reexported,
+                                     export_size,
+                                     &reexported_length ) );
         ASSERT_COMPARE( exported, exported_length,
-                        reexported, reexported_length );
+                         reexported, reexported_length );
         PSA_ASSERT( psa_destroy_key( key2 ) );
     }
     TEST_ASSERT( exported_length <=
-                 PSA_EXPORT_KEY_OUTPUT_SIZE( type,
+             PSA_EXPORT_KEY_OUTPUT_SIZE( type,
                                              psa_get_key_bits( &got_attributes ) ) );
     TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
 
@@ -577,7 +586,7 @@
      * thus reset them as required.
      */
     psa_reset_key_attributes( &got_attributes );
-
+    psa_destroy_key( key ) ;
     mbedtls_free( exported );
     mbedtls_free( reexported );
     PSA_DONE( );
@@ -588,6 +597,7 @@
 void import_export_public_key( data_t *data,
                                int type_arg,
                                int alg_arg,
+                               int lifetime_arg,
                                int export_size_delta,
                                int expected_export_status_arg,
                                data_t *expected_public_key )
@@ -597,6 +607,7 @@
     psa_algorithm_t alg = alg_arg;
     psa_status_t expected_export_status = expected_export_status_arg;
     psa_status_t status;
+    psa_key_lifetime_t lifetime = lifetime_arg;
     unsigned char *exported = NULL;
     size_t export_size = expected_public_key->len + export_size_delta;
     size_t exported_length = INVALID_EXPORT_LENGTH;
@@ -604,6 +615,7 @@
 
     PSA_ASSERT( psa_crypto_init( ) );
 
+    psa_set_key_lifetime( &attributes, lifetime );
     psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
     psa_set_key_algorithm( &attributes, alg );
     psa_set_key_type( &attributes, type );
@@ -614,8 +626,8 @@
     /* Export the public key */
     ASSERT_ALLOC( exported, export_size );
     status = psa_export_public_key( key,
-                                    exported, export_size,
-                                    &exported_length );
+                                exported, export_size,
+                                &exported_length );
     TEST_EQUAL( status, expected_export_status );
     if( status == PSA_SUCCESS )
     {
@@ -632,7 +644,6 @@
         ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
                         exported, exported_length );
     }
-
 exit:
     /*
      * Key attributes may have been returned by psa_get_key_attributes()