Add acl test - use other partitions' key - asymmetric sign verify

itayzafrir · itayzafrir · commit 5a7ed318aeb8 · 2019-02-27T16:28:36.000+02:00
diff --git a/TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp b/TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp
@@ -337,6 +337,39 @@ void test_use_other_partition_key_aead(void)
     TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_close_key(key_handle));
 }
 
+void test_use_other_partition_key_asymmetric_sign_verify(void)
+{
+    static const psa_key_id_t key_id = 999;
+    static const psa_key_type_t key_type = PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1);
+    static const psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+    static const psa_key_usage_t key_usage = PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY;
+    static const size_t key_bits = 256;
+    static const unsigned char input[] = "hello world!";
+    unsigned char signature[PSA_ECDSA_SIGNATURE_SIZE(key_bits)] = { 0 };
+    psa_key_handle_t key_handle = 0;
+    size_t len;
+
+    /* via test partition - create a key, set key policy, generate key material and close */
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, create_and_generate_key_via_test_partition(key_id, key_type, key_alg, key_usage,
+                                                                              key_bits, &key_handle, 1));
+
+    /* via test partition - reopen the key created by the test partition */
+    key_handle = 0;
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_open_persistent_key(key_id, &key_handle));
+    TEST_ASSERT_NOT_EQUAL(0, key_handle);
+
+    /* try to asymmetric sign using the key that was created by the test partition */
+    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_asymmetric_sign(key_handle, key_alg, input, sizeof(input),
+                                                                    signature, sizeof(signature), &len));
+
+    /* try to asymmetric verify using the key that was created by the test partition */
+    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_asymmetric_verify(key_handle, key_alg, input, sizeof(input),
+                                                                      signature, len));
+
+    /* via test partition - close the key created by the test partition */
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_close_key(key_handle));
+}
+
 utest::v1::status_t case_setup_handler(const Case *const source, const size_t index_of_case)
 {
     psa_status_t status = mbed_psa_reboot_and_request_new_security_state(PSA_LIFECYCLE_ASSEMBLY_AND_TEST);
@@ -382,6 +415,8 @@ Case cases[] = {
          case_setup_handler, test_use_other_partition_key_cipher, case_teardown_handler),
     Case("use other partitions' key - aead",
          case_setup_handler, test_use_other_partition_key_aead, case_teardown_handler),
+    Case("use other partitions' key - asymmetric sign verify",
+         case_setup_handler, test_use_other_partition_key_asymmetric_sign_verify, case_teardown_handler),
 };
 
 Specification specification(test_setup, cases);
