tests: suit: Decrypt filter tests now using ram_sink

Earlier they used digest sink. Tests using ram_sink
are a bit simpler to analyze.

Signed-off-by: Artur Hadasz <[email protected]>

Author: ahasztag

tests/subsys/suit/decrypt_filter/prj.conf

@@ -13,7 +13,7 @@ CONFIG_SUIT_UTILS=y
 
 CONFIG_SUIT_STREAM=y
 CONFIG_SUIT_STREAM_FILTER_DECRYPT=y
-CONFIG_SUIT_STREAM_SINK_DIGEST=y
+CONFIG_SUIT_STREAM_SINK_RAM=y
 CONFIG_SUIT_STREAM_SOURCE_MEMPTR=y
 
 CONFIG_ZCBOR=y

tests/subsys/suit/decrypt_filter/src/main.c

@@ -7,7 +7,7 @@
 #include <zephyr/ztest.h>
 #include <psa/crypto.h>
 #include <suit_decrypt_filter.h>
-#include <suit_digest_sink.h>
+#include <suit_ram_sink.h>
 #include <suit_memptr_streamer.h>
 
 /* Forward declaration of the internal, temporary AES key-unwrap implementation. */
@@ -16,10 +16,20 @@ psa_status_t suit_aes_key_unwrap_manual(psa_key_id_t kek_key_id, const uint8_t *
 					psa_algorithm_t cek_key_alg,
 					mbedtls_svc_key_id_t *unwrapped_cek_key_id);
 
+/**
+ * The master key used by these tests can be imported into the local KMS backend by running:
+ *
+ * nrfkms import_keyvalue -k TEST_AES_KEY -t aes -v aHWJdIkl5hdXw4SS1nTdVYE/q7ycMOZm2mR6qx/KvKw=
+ *
+ * The KEK below is derived from context "test"
+ * To acquire ut run:
+ * nrfkms export_derived -k TEST_AES_KEY -c test --format native
+ * hexdump -e '16/1 "0x%02x, " "\n"' kms_output/derived_key_native_test_from_TEST_AES_KEY.bin
+ */
 static const uint8_t test_kek_key[] = {
-	0x7b, 0xf2, 0x67, 0xbe, 0x5c, 0x57, 0x35, 0x77, 0xb6, 0xe0, 0x6d,
-	0xa3, 0x61, 0xc0, 0x88, 0x6b, 0x38, 0x91, 0x8a, 0x76, 0xf4, 0x72,
-	0x02, 0xac, 0xf1, 0x38, 0x19, 0x5f, 0x48, 0xd3, 0x60, 0x59,
+	0xf8, 0xfa, 0x8e, 0x7b, 0xed, 0x32, 0xd0, 0xc7, 0x15, 0x1f, 0xd9, 0xab, 0x0d,
+	0x8d, 0xed, 0x95, 0x26, 0xa8, 0x6a, 0x15, 0x34, 0x16, 0x01, 0xcf, 0x9c, 0x6b,
+	0xba, 0x00, 0x6a, 0xab, 0xaa, 0x9a,
 };
 
 static uint8_t kek_key_id_cbor[] = {
@@ -30,34 +40,52 @@ struct suit_decrypt_filter_tests_fixture {
 	psa_key_id_t key_id;
 };
 
-const static uint8_t ciphertext[] = {
-	0x27, 0x3c, 0xa8, 0x1f, 0x01, 0x6b, 0x76, 0xbe, 0x22, 0xab, 0x9f, 0x76,
-	0xab, 0x33, 0x2a, 0x24, 0x08, 0x3b, 0x98, 0xd4, 0x8f, 0x26, 0xa3, 0xdc,
-	0x4f, 0x35, 0xfd, 0x0b, 0x38, 0xb2, 0xd2, 0xd2, 0xc9, 0x4c, 0xde, 0xc9,
-	0x9c, 0xca, 0x5f, 0x56, 0xda, 0x01, 0xe3, 0x66, 0x50, 0xaf, 0x9c,
+static const uint8_t plaintext[] = {
+	"This is a sample plaintext for testing the decryption filter",
 };
 
-static const uint8_t valid_digest[] = {
-	0xfa, 0xf2, 0xf9, 0xb2, 0x44, 0xdc, 0xc7, 0xaa, 0x53, 0x1e, 0x06,
-	0x49, 0x86, 0x6f, 0xfb, 0x3f, 0xf0, 0x8f, 0x86, 0xad, 0xf4, 0xda,
-	0x5e, 0x2c, 0x15, 0xc9, 0xf5, 0xac, 0x06, 0x6b, 0x9f, 0xde,
+static const uint8_t aad[] = {
+	"sample aad"
 };
 
-static const psa_algorithm_t valid_algorithm = PSA_ALG_SHA_256;
+/**
+ * Encryption and using wrapped CEK achieved by running:
+ *
+ * echo "This is a sample plaintext for testing the decryption filter" > plaintext.txt
+ * nrfkms wrap -k TEST_AES_KEY -c test -f plaintext.txt --format native -t aes --aad "sample aad"
+ *
+ * Wrapped CEK stored in the resulting wrapped_aek-aes-... file
+ *
+ * Ciphertext and NONCE (IV) taken from the encrypted_asset-... file, which is in format
+ * |nonce (12 bytes)|ciphertext|tag (16 bytes)|
+ *
+*/
+static const uint8_t wrapped_cek[] = {
+	0x7d, 0xd6, 0xf4, 0xd3, 0x52, 0x44, 0x5a, 0x3a, 0x67, 0xb8, 0xcc,
+	0x74, 0x5b, 0x4b, 0x6f, 0x70, 0x62, 0xc3, 0xf2, 0x7b, 0x6b, 0x14,
+	0xf1, 0x06, 0x57, 0xa3, 0x68, 0x32, 0x44, 0xc3, 0x85, 0x77, 0x86,
+	0xe7, 0xda, 0x15, 0xbf, 0xf8, 0x9e, 0x63
+};
 
-static const uint8_t suit_aad_aes256_gcm[] = {
-	0x83,					   /* array (3 elements) */
-	0x67,					   /* context: text (7 characters) */
-	'E',  'n',  'c', 'r', 'y', 'p', 't', 0x43, /* protected: bstr encoded map (3 elements) */
-	0xA1,					   /* map (1 element) */
-	0x01, 0x03,				   /* alg_id: A256GCM */
-	0x40					   /* external_aad: h'' */
+static const uint8_t ciphertext_aes_kw[] = {
+	/* tag (16 bytes) */
+	0xdc, 0xe6, 0x95, 0xac, 0x0f, 0x61, 0x87, 0x17, 0x51, 0x48, 0xb4, 0xa1,
+	0x8e, 0x09, 0x89, 0xb4,
+	/* ciphertext */
+	0x8b, 0xfb, 0xd9, 0xe4, 0xcf, 0xde, 0xf8, 0xcf, 0xe5, 0x69, 0x9d, 0x6d,
+	0x92, 0x8a, 0x04, 0xf8, 0x26, 0x22, 0xd5, 0xd8, 0xe8, 0x77, 0x18, 0x5a,
+	0x01, 0x13, 0xba, 0xd5, 0x23, 0x72, 0xae, 0x80, 0x44, 0xed, 0xea, 0xdf,
+	0x74, 0x79, 0x8a, 0x83, 0x52, 0x72, 0x2f, 0x43, 0x06, 0xe9, 0xd4, 0xbb,
+	0x54, 0x8a, 0x0d, 0xea, 0x7f, 0xe6, 0x48, 0xf0, 0xfd, 0x0e, 0xbb, 0xaa,
+	0xa3,
 };
 
-static const uint8_t iv_aes256_gcm[] = {
-	0x61, 0x61, 0x75, 0x1C, 0x47, 0x79, 0x33, 0x2F, 0xFC, 0xBE, 0x0A, 0xA9,
+static const uint8_t iv_aes_kw[] = {
+	0x61, 0xb4, 0x70, 0x53, 0xa5, 0xe2, 0x05, 0x68, 0xfe, 0x77, 0x12, 0x89,
 };
 
+static uint8_t output_buffer[128] = {0};
+
 static void *test_suite_setup(void)
 {
 	static struct suit_decrypt_filter_tests_fixture fixture = {0};
@@ -99,15 +127,18 @@ static void test_suite_teardown(void *f)
 	}
 }
 
-ZTEST_SUITE(suit_decrypt_filter_tests, NULL, test_suite_setup, NULL, NULL, test_suite_teardown);
+static void test_before(void* f)
+{
+	(void) f;
+	memset(output_buffer, 0, sizeof(output_buffer));
+}
+
+
+ZTEST_SUITE(suit_decrypt_filter_tests, NULL, test_suite_setup, test_before, NULL, test_suite_teardown);
 
 ZTEST_F(suit_decrypt_filter_tests, test_aes_unwrap_smoke)
 {
 	mbedtls_svc_key_id_t unwrapped_cek_key_id;
-	const uint8_t wrapped_cek[] = {0xb2, 0x43, 0x88, 0x9a, 0x6a, 0x4a, 0x91, 0xc4, 0xf0, 0xb0,
-				       0x9b, 0xe8, 0xc5, 0xbc, 0x54, 0x60, 0xb9, 0x38, 0x99, 0xa0,
-				       0x1a, 0xdd, 0xa7, 0xd3, 0x87, 0x9f, 0xc7, 0x0a, 0xd8, 0xbf,
-				       0x53, 0x28, 0xfa, 0x64, 0xea, 0x44, 0xaf, 0xb5, 0xbb, 0x92};
 
 	psa_status_t status =
 		suit_aes_key_unwrap_manual(fixture->key_id, wrapped_cek, 256, PSA_KEY_TYPE_AES,
@@ -119,20 +150,16 @@ ZTEST_F(suit_decrypt_filter_tests, test_aes_unwrap_smoke)
 ZTEST_F(suit_decrypt_filter_tests, test_filter_smoke)
 {
 	struct stream_sink dec_sink;
-	struct stream_sink digest_sink;
-	const uint8_t wrapped_cek[] = {0x50, 0x0A, 0xC9, 0x37, 0x2F, 0xA0, 0x34, 0x14, 0x8D, 0xB3,
-				       0xE6, 0x59, 0x50, 0xED, 0x37, 0xE4, 0x76, 0xBE, 0x30, 0x18,
-				       0x58, 0x81, 0xEA, 0xFA, 0xE5, 0x8A, 0xD1, 0x44, 0x1E, 0xD1,
-				       0xAB, 0x3C, 0x6E, 0xBD, 0x31, 0xDD, 0x33, 0x61, 0x13, 0x49};
+	struct stream_sink ram_sink;
 	struct suit_encryption_info enc_info = {
 		.enc_alg_id = suit_cose_aes256_gcm,
 		.IV = {
-				.value = iv_aes256_gcm,
-				.len = sizeof(iv_aes256_gcm),
+				.value = iv_aes_kw,
+				.len = sizeof(iv_aes_kw),
 			},
 		.aad = {
-				.value = suit_aad_aes256_gcm,
-				.len = sizeof(suit_aad_aes256_gcm),
+				.value = aad,
+				.len = strlen(aad),
 			},
 		.kw_alg_id = suit_cose_aes256_kw,
 		.kw_key.aes = {.key_id = {.value = kek_key_id_cbor, .len = sizeof(kek_key_id_cbor)},
@@ -142,27 +169,25 @@ ZTEST_F(suit_decrypt_filter_tests, test_filter_smoke)
 					}},
 	};
 
-	suit_plat_err_t err = suit_digest_sink_get(&digest_sink, valid_algorithm, valid_digest);
+	suit_plat_err_t err = suit_ram_sink_get(&ram_sink, output_buffer, sizeof(output_buffer));
 
-	zassert_equal(err, SUIT_PLAT_SUCCESS, "Unable to create digest sink");
+	zassert_equal(err, SUIT_PLAT_SUCCESS, "Unable to create RAM sink");
 
-	err = suit_decrypt_filter_get(&dec_sink, &enc_info, &digest_sink);
+	err = suit_decrypt_filter_get(&dec_sink, &enc_info, &ram_sink);
 
 	zassert_equal(err, SUIT_PLAT_SUCCESS, "Failed to create decrypt filter");
 
-	err = suit_memptr_streamer_stream(ciphertext, sizeof(ciphertext), &dec_sink);
+	err = suit_memptr_streamer_stream(ciphertext_aes_kw, sizeof(ciphertext_aes_kw), &dec_sink);
 
 	zassert_equal(err, SUIT_PLAT_SUCCESS, "Failed to decrypt ciphertext");
 
 	err = dec_sink.flush(dec_sink.ctx);
 
 	zassert_equal(err, SUIT_PLAT_SUCCESS, "Failed to flush decrypt filter");
 
-	err = suit_digest_sink_digest_match(digest_sink.ctx);
-
-	zassert_equal(err, SUIT_PLAT_SUCCESS, "Decrypted content digest mismatch");
-
 	err = dec_sink.release(dec_sink.ctx);
 
 	zassert_equal(err, SUIT_PLAT_SUCCESS, "Failed to release decrypt filter");
+
+	zassert_equal(memcmp(output_buffer, plaintext, strlen(plaintext)), 0, "Decrypted plaintext does not match");
 }