mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2026-04-27 05:53:49 +02:00
71 lines
2.3 KiB
C
71 lines
2.3 KiB
C
/* BEGIN_HEADER */
|
|
|
|
#include "psa/crypto.h"
|
|
#include "test/psa_crypto_helpers.h"
|
|
|
|
#define INVALID_KEY_ID mbedtls_svc_key_id_make(0, 0xfedcba98)
|
|
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_PSA_CRYPTO_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void import_not_supported(int key_type, data_t *key_material)
|
|
{
|
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
|
mbedtls_svc_key_id_t key_id = INVALID_KEY_ID;
|
|
|
|
PSA_ASSERT(psa_crypto_init());
|
|
psa_set_key_type(&attributes, key_type);
|
|
psa_status_t actual_status =
|
|
psa_import_key(&attributes, key_material->x, key_material->len, &key_id);
|
|
|
|
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
|
if (actual_status == PSA_ERROR_INVALID_ARGUMENT) {
|
|
/* Edge case: when importing an ECC public key with an unspecified
|
|
* bit-size (as we do here), the implementation of psa_import_key()
|
|
* infers the bit-size from the input. If the key type specifies an
|
|
* unknown curve, the validation might reject the data as invalid
|
|
* before it checks that the curve is supported. If so, that's ok.
|
|
* In practice, at the time of writing, this happens with Ed25519,
|
|
* for which a valid but unsupported 32-byte input causes
|
|
* psa_import_key() to fail because it assumes a Weierstrass curve
|
|
* which must have an odd-length encoding.
|
|
*
|
|
* In other cases, we do not expect an INVALID_ARGUMENT error here. */
|
|
TEST_ASSERT(PSA_KEY_TYPE_IS_ECC(key_type));
|
|
} else
|
|
#endif /* defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) */
|
|
{
|
|
TEST_EQUAL(actual_status, PSA_ERROR_NOT_SUPPORTED);
|
|
}
|
|
TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, MBEDTLS_SVC_KEY_ID_INIT));
|
|
|
|
exit:
|
|
psa_destroy_key(key_id);
|
|
PSA_DONE();
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void generate_not_supported(int key_type, int bits)
|
|
{
|
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
|
mbedtls_svc_key_id_t key_id = INVALID_KEY_ID;
|
|
|
|
PSA_ASSERT(psa_crypto_init());
|
|
psa_set_key_type(&attributes, key_type);
|
|
psa_set_key_bits(&attributes, bits);
|
|
TEST_EQUAL(psa_generate_key(&attributes, &key_id),
|
|
PSA_ERROR_NOT_SUPPORTED);
|
|
TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, MBEDTLS_SVC_KEY_ID_INIT));
|
|
|
|
exit:
|
|
psa_destroy_key(key_id);
|
|
PSA_DONE();
|
|
}
|
|
/* END_CASE */
|