@@ -1961,7 +1961,7 @@ void hash_operation_init( )
19611961
19621962 memset( &zero, 0, sizeof( zero ) );
19631963
1964- /* A default hash operation should not be usable. */
1964+ /* A freshly-initialized hash operation should not be usable. */
19651965 TEST_EQUAL( psa_hash_update( &func, input, sizeof( input ) ),
19661966 PSA_ERROR_BAD_STATE );
19671967 TEST_EQUAL( psa_hash_update( &init, input, sizeof( input ) ),
@@ -1999,32 +1999,79 @@ exit:
19991999/* BEGIN_CASE */
20002000void hash_bad_order( )
20012001{
2002+ psa_algorithm_t alg = PSA_ALG_SHA_256;
20022003 unsigned char input[] = "";
20032004 /* SHA-256 hash of an empty string */
2004- unsigned char hash [] = {
2005+ const unsigned char valid_hash [] = {
20052006 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
20062007 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
20072008 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 };
2009+ unsigned char hash[sizeof(valid_hash)] = { 0 };
20082010 size_t hash_len;
20092011 psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
20102012
20112013 PSA_ASSERT( psa_crypto_init( ) );
20122014
2013- /* psa_hash_update without calling psa_hash_setup beforehand */
2014- memset( &operation, 0, sizeof( operation ) );
2015+ /* Call update without calling setup beforehand. */
20152016 TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
20162017 PSA_ERROR_BAD_STATE );
2018+ PSA_ASSERT( psa_hash_abort( &operation ) );
20172019
2018- /* psa_hash_verify without calling psa_hash_setup beforehand */
2019- memset( &operation, 0, sizeof( operation ) );
2020- TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ),
2020+ /* Call update after finish. */
2021+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
2022+ PSA_ASSERT( psa_hash_finish( &operation,
2023+ hash, sizeof( hash ), &hash_len ) );
2024+ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
2025+ PSA_ERROR_BAD_STATE );
2026+ PSA_ASSERT( psa_hash_abort( &operation ) );
2027+
2028+ /* Call verify without calling setup beforehand. */
2029+ TEST_EQUAL( psa_hash_verify( &operation,
2030+ valid_hash, sizeof( valid_hash ) ),
2031+ PSA_ERROR_BAD_STATE );
2032+ PSA_ASSERT( psa_hash_abort( &operation ) );
2033+
2034+ /* Call verify after finish. */
2035+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
2036+ PSA_ASSERT( psa_hash_finish( &operation,
2037+ hash, sizeof( hash ), &hash_len ) );
2038+ TEST_EQUAL( psa_hash_verify( &operation,
2039+ valid_hash, sizeof( valid_hash ) ),
2040+ PSA_ERROR_BAD_STATE );
2041+ PSA_ASSERT( psa_hash_abort( &operation ) );
2042+
2043+ /* Call verify twice in a row. */
2044+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
2045+ PSA_ASSERT( psa_hash_verify( &operation,
2046+ valid_hash, sizeof( valid_hash ) ) );
2047+ TEST_EQUAL( psa_hash_verify( &operation,
2048+ valid_hash, sizeof( valid_hash ) ),
2049+ PSA_ERROR_BAD_STATE );
2050+ PSA_ASSERT( psa_hash_abort( &operation ) );
2051+
2052+ /* Call finish without calling setup beforehand. */
2053+ TEST_EQUAL( psa_hash_finish( &operation,
2054+ hash, sizeof( hash ), &hash_len ),
20212055 PSA_ERROR_BAD_STATE );
2056+ PSA_ASSERT( psa_hash_abort( &operation ) );
20222057
2023- /* psa_hash_finish without calling psa_hash_setup beforehand */
2024- memset( &operation, 0, sizeof( operation ) );
2058+ /* Call finish twice in a row. */
2059+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
2060+ PSA_ASSERT( psa_hash_finish( &operation,
2061+ hash, sizeof( hash ), &hash_len ) );
2062+ TEST_EQUAL( psa_hash_finish( &operation,
2063+ hash, sizeof( hash ), &hash_len ),
2064+ PSA_ERROR_BAD_STATE );
2065+ PSA_ASSERT( psa_hash_abort( &operation ) );
2066+
2067+ /* Call finish after calling verify. */
2068+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
2069+ PSA_ASSERT( psa_hash_verify( &operation,
2070+ valid_hash, sizeof( valid_hash ) ) );
20252071 TEST_EQUAL( psa_hash_finish( &operation,
20262072 hash, sizeof( hash ), &hash_len ),
20272073 PSA_ERROR_BAD_STATE );
2074+ PSA_ASSERT( psa_hash_abort( &operation ) );
20282075
20292076exit:
20302077 mbedtls_psa_crypto_free( );
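Review bot: The `exit:` label in `hash_bad_order` only calls `mbedtls_psa_crypto_free( )`, so if any of the new `PSA_ASSERT`/`TEST_EQUAL` checks fails between a `psa_hash_setup` and its matching `psa_hash_abort` (presumably by jumping to `exit`), the operation is left active and is never aborted. Adding `psa_hash_abort( &operation );` as the first statement under `exit:` would release it on the failure path as well. The sequence also has no case for calling `psa_hash_setup` on an operation that is already active; if the implementation is meant to reject that, a `/* Call setup twice in a row. */` case expecting `PSA_ERROR_BAD_STATE` would complete the state-machine coverage. The function's closing lines are outside the hunk.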