Пример #1
0
 def keys_for_implicit_usage(
         self, implyer_usage: str, alg: str,
         key_type: crypto_knowledge.KeyType) -> StorageTestData:
     # pylint: disable=too-many-locals
     """Generate test keys for the specified implicit usage flag,
        algorithm and key type combination.
     """
     bits = key_type.sizes_to_test()[0]
     implicit_usage = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage]
     usage_flags = 'PSA_KEY_USAGE_EXPORT'
     material_usage_flags = usage_flags + ' | ' + implyer_usage
     expected_usage_flags = material_usage_flags + ' | ' + implicit_usage
     alg2 = 0
     key_material = key_type.key_material(bits)
     usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage)
     alg_expression = re.sub(r'PSA_ALG_', r'', alg)
     alg_expression = re.sub(r',', r', ', re.sub(r' +', r'',
                                                 alg_expression))
     key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', r'',
                                  key_type.expression)
     description = 'implied by {}: {} {} {}-bit'.format(
         usage_expression, alg_expression, key_type_expression, bits)
     key = StorageTestData(version=self.version,
                           id=1,
                           lifetime=0x00000001,
                           type=key_type.expression,
                           bits=bits,
                           usage=material_usage_flags,
                           expected_usage=expected_usage_flags,
                           without_implicit_usage=True,
                           alg=alg,
                           alg2=alg2,
                           material=key_material,
                           description=description)
     return key
    def test_cases_for_key_type_not_supported(
        self,
        kt: crypto_knowledge.KeyType,
        param: Optional[int] = None,
        param_descr: str = '',
    ) -> Iterator[test_case.TestCase]:
        """Return test cases exercising key creation when the given type is unsupported.

        If param is present and not None, emit test cases conditioned on this
        parameter not being supported. If it is absent or None, emit test cases
        conditioned on the base type not being supported.
        """
        if kt.name in self.ALWAYS_SUPPORTED:
            # Don't generate test cases for key types that are always supported.
            # They would be skipped in all configurations, which is noise.
            return
        import_dependencies = [
            ('!' if param is None else '') + psa_want_symbol(kt.name)
        ]
        if kt.params is not None:
            import_dependencies += [
                ('!' if param == i else '') + psa_want_symbol(sym)
                for i, sym in enumerate(kt.params)
            ]
        if kt.name.endswith('_PUBLIC_KEY'):
            generate_dependencies = []
        else:
            generate_dependencies = import_dependencies
        for bits in kt.sizes_to_test():
            yield test_case_for_key_type_not_supported(
                'import',
                kt.expression,
                bits,
                finish_family_dependencies(import_dependencies, bits),
                test_case.hex_string(kt.key_material(bits)),
                param_descr=param_descr,
            )
            if not generate_dependencies and param is not None:
                # If generation is impossible for this key type, rather than
                # supported or not depending on implementation capabilities,
                # only generate the test case once.
                continue
                # For public key we expect that key generation fails with
                # INVALID_ARGUMENT. It is handled by KeyGenerate class.
            if not kt.name.endswith('_PUBLIC_KEY'):
                yield test_case_for_key_type_not_supported(
                    'generate',
                    kt.expression,
                    bits,
                    finish_family_dependencies(generate_dependencies, bits),
                    str(bits),
                    param_descr=param_descr,
                )
    def test_cases_for_key_type_key_generation(
            kt: crypto_knowledge.KeyType) -> Iterator[test_case.TestCase]:
        """Return test cases exercising key generation.

        All key types can be generated except for public keys. For public key
        PSA_ERROR_INVALID_ARGUMENT status is expected.
        """
        result = 'PSA_SUCCESS'

        import_dependencies = [psa_want_symbol(kt.name)]
        if kt.params is not None:
            import_dependencies += [
                psa_want_symbol(sym) for i, sym in enumerate(kt.params)
            ]
        if kt.name.endswith('_PUBLIC_KEY'):
            # The library checks whether the key type is a public key generically,
            # before it reaches a point where it needs support for the specific key
            # type, so it returns INVALID_ARGUMENT for unsupported public key types.
            generate_dependencies = []
            result = 'PSA_ERROR_INVALID_ARGUMENT'
        else:
            generate_dependencies = import_dependencies
            if kt.name == 'PSA_KEY_TYPE_RSA_KEY_PAIR':
                generate_dependencies.append("MBEDTLS_GENPRIME")
        for bits in kt.sizes_to_test():
            yield test_case_for_key_generation(
                kt.expression, bits,
                finish_family_dependencies(generate_dependencies, bits),
                str(bits), result)