From 34955677e5bee237b94ef0b5fe8e6df53dbc53db Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Feb 2024 14:19:24 +0100 Subject: [PATCH] Don't exercise if the algorithm is not supported Parsing a key and importing it into PSA may result in a policy that specifies an algorithm that is not included in the build. This happens if the key type is supported, but not the algorithm, e.g. in a build with MBEDTLS_ECP_C but not MBEDTLS_ECDSA_C. Signed-off-by: Gilles Peskine --- tests/include/test/psa_exercise_key.h | 16 +++++++++ tests/src/psa_exercise_key.c | 45 ++++++++++++++++++++++++ tests/suites/test_suite_pkparse.function | 8 +++-- 3 files changed, 67 insertions(+), 2 deletions(-) diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index a658d1773..82ef2ad56 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -221,4 +221,20 @@ int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key, psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type, psa_algorithm_t alg); +/** Whether the specified algorithm can be exercised. + * + * \note This function is solely based on the algorithm and does not + * consider potential issues with the compatibility of a key. + * The idea is that you already have a key, so you know that the + * key type is supported, and you want to exercise the key but + * only if the algorithm given in its policy is enabled in the + * compile-time configuration. + * + * \note This function currently only supports signature algorithms + * (including wildcards). + * TODO: a more general mechanism, which should be automatically + * generated and possibly available as a library function? + */ +int mbedtls_test_can_exercise_psa_algorithm(psa_algorithm_t alg); + #endif /* PSA_EXERCISE_KEY_H */ diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index 618b83f31..3fcf77d37 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -1009,4 +1009,49 @@ psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type, } +int mbedtls_test_can_exercise_psa_algorithm(psa_algorithm_t alg) +{ + /* Reject algorithms that we know are not supported. Default to + * attempting exercise, so that if an algorithm is missing from this + * function, the result will be a test failure and not silently + * omitting exercise. */ +#if !defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) + if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_RSA_PSS) + if (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) + if (PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_ECDSA) + if (PSA_ALG_IS_ECDSA(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_ECDH) + if (PSA_ALG_IS_ECDH(alg)) { + return 0; + } +#endif + (void) alg; + return 1; +} + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 3227ce9ac..add225d73 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -48,10 +48,14 @@ static int test_psa_bridge(const mbedtls_pk_context *ctx, TEST_EQUAL(mbedtls_pk_get_psa_attributes(ctx, usage_flag, &attributes), 0); TEST_EQUAL(mbedtls_pk_import_into_psa(ctx, &attributes, &psa_key), 0); + psa_algorithm_t exercise_usage = psa_get_key_usage_flags(&attributes); psa_algorithm_t exercise_alg = psa_get_key_algorithm(&attributes); - TEST_ASSERT(mbedtls_test_psa_exercise_key(psa_key, - exercise_usage, exercise_alg)); + if (mbedtls_test_can_exercise_psa_algorithm(exercise_alg)) { + TEST_ASSERT(mbedtls_test_psa_exercise_key(psa_key, + exercise_usage, + exercise_alg)); + } mbedtls_test_set_step((unsigned long) -1); ok = 1;