From 7479728200c51d840363421d07f090d8b426b053 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mikolai=20G=C3=BCtschow?= Date: Tue, 17 Oct 2023 17:17:33 +0200 Subject: [PATCH 1/3] sys/psa_crypto: add test for double initialization --- tests/sys/psa_crypto/Makefile | 14 ++++++ tests/sys/psa_crypto/main.c | 70 ++++++++++++++++++++++++++++ tests/sys/psa_crypto/tests/01-run.py | 14 ++++++ 3 files changed, 98 insertions(+) create mode 100644 tests/sys/psa_crypto/Makefile create mode 100644 tests/sys/psa_crypto/main.c create mode 100755 tests/sys/psa_crypto/tests/01-run.py diff --git a/tests/sys/psa_crypto/Makefile b/tests/sys/psa_crypto/Makefile new file mode 100644 index 0000000000000..4d3a999a0cbc3 --- /dev/null +++ b/tests/sys/psa_crypto/Makefile @@ -0,0 +1,14 @@ +include ../Makefile.sys_common + +USEMODULE += embunit + +USEMODULE += psa_crypto + +# FIXME: currently only needed for build to succeed +USEMODULE += psa_cipher +USEMODULE += psa_cipher_aes_128_cbc + +USEMODULE += psa_asymmetric +USEMODULE += psa_asymmetric_ecc_ed25519 + +include $(RIOTBASE)/Makefile.include diff --git a/tests/sys/psa_crypto/main.c b/tests/sys/psa_crypto/main.c new file mode 100644 index 0000000000000..dfbe20237d4f4 --- /dev/null +++ b/tests/sys/psa_crypto/main.c @@ -0,0 +1,70 @@ +/* + * Copyright (C) 2023 TU Dresden + * + * This file is subject to the terms and conditions of the GNU Lesser + * General Public License v2.1. See the file LICENSE in the top level + * directory for more details. + */ + +/** + * @ingroup tests + * @{ + * + * @file + * @brief Test application for the PSA Cryptography API + * + * @author Mikolai Gütschow + * + * @} + */ + +#include +#include "embUnit.h" +#include "psa/crypto.h" + +#define TEST_ASSERT_PSA(func_) TEST_ASSERT_MESSAGE(func_ == PSA_SUCCESS, #func_ " failed"); + +/* + * A second call to psa_crypto_init() should not reset key data. + */ +static void test_init_twice(void) +{ + TEST_ASSERT_PSA(psa_crypto_init()); + + + psa_key_id_t key_id = PSA_KEY_ID_NULL; + psa_key_attributes_t key_attr = psa_key_attributes_init(); + psa_set_key_algorithm(&key_attr, PSA_ALG_PURE_EDDSA); + psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); + psa_set_key_bits(&key_attr, 255); + psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS)); + TEST_ASSERT_PSA(psa_generate_key(&key_attr, &key_id)); + + uint8_t key_data[PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(psa_get_key_type(&key_attr), psa_get_key_bits(&key_attr))]; + size_t key_data_len; + + TEST_ASSERT_PSA(psa_export_public_key(key_id, key_data, sizeof(key_data), &key_data_len)); + TEST_ASSERT_PSA(psa_crypto_init()); + TEST_ASSERT_PSA(psa_export_public_key(key_id, key_data, sizeof(key_data), &key_data_len)); + +} + +static Test *tests_psa_crypto(void) +{ + EMB_UNIT_TESTFIXTURES(fixtures) { + new_TestFixture(test_init_twice), + }; + + EMB_UNIT_TESTCALLER(tests, NULL, NULL, fixtures); + return (Test *)&tests; +} + +int main(void) +{ + puts("psa_crypto test"); + TESTS_START(); + TESTS_RUN(tests_psa_crypto()); + TESTS_END(); + + return 0; +} diff --git a/tests/sys/psa_crypto/tests/01-run.py b/tests/sys/psa_crypto/tests/01-run.py new file mode 100755 index 0000000000000..dc56107fc3715 --- /dev/null +++ b/tests/sys/psa_crypto/tests/01-run.py @@ -0,0 +1,14 @@ +#!/usr/bin/env python3 + +# Copyright (C) 2023 TU Dresden +# +# This file is subject to the terms and conditions of the GNU Lesser +# General Public License v2.1. See the file LICENSE in the top level +# directory for more details. + +import sys +from testrunner import run_check_unittests + + +if __name__ == "__main__": + sys.exit(run_check_unittests()) From 6ad2f052c52fb92da34adc09a4c58f2c8a154eb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mikolai=20G=C3=BCtschow?= Date: Thu, 19 Oct 2023 11:21:03 +0200 Subject: [PATCH 2/3] sys/psa_crypto: remove unused variable --- sys/crypto/psa_riot_cipher/aes_128_cbc.c | 1 - 1 file changed, 1 deletion(-) diff --git a/sys/crypto/psa_riot_cipher/aes_128_cbc.c b/sys/crypto/psa_riot_cipher/aes_128_cbc.c index 09cf654322d29..0c9d0eb4b4ed3 100644 --- a/sys/crypto/psa_riot_cipher/aes_128_cbc.c +++ b/sys/crypto/psa_riot_cipher/aes_128_cbc.c @@ -71,7 +71,6 @@ psa_status_t psa_cipher_cbc_aes_128_decrypt(const psa_key_attributes_t *attribut size_t *output_length) { DEBUG("RIOT AES 128 Cipher"); - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_cipher_operation_t operation = psa_cipher_operation_init(); size_t required_output_buf_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(PSA_KEY_TYPE_AES, PSA_ALG_CBC_NO_PADDING, input_length); From 25aa2167f692210f2f47dede5c9bc5d79e42ecf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mikolai=20G=C3=BCtschow?= Date: Tue, 17 Oct 2023 17:40:19 +0200 Subject: [PATCH 3/3] sys/psa_crypto: allow repeated calls to psa_crypto_init() as defined per https://armmbed.github.io/mbed-crypto/html/api/library/library.html?highlight=psa_crypto_init#c.psa_crypto_init --- sys/psa_crypto/psa_crypto.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sys/psa_crypto/psa_crypto.c b/sys/psa_crypto/psa_crypto.c index af0a9dab4c059..a780593f33087 100644 --- a/sys/psa_crypto/psa_crypto.c +++ b/sys/psa_crypto/psa_crypto.c @@ -113,6 +113,10 @@ const char *psa_status_to_humanly_readable(psa_status_t status) psa_status_t psa_crypto_init(void) { + if (lib_initialized) { + return PSA_SUCCESS; + } + lib_initialized = 1; #if (IS_USED(MODULE_PSA_KEY_SLOT_MGMT))