1 /* Copyright (c) 2024 Nordic Semiconductor
2  * SPDX-License-Identifier: Apache-2.0
3  */
4 #include <zephyr/ztest.h>
5 #include <zephyr/sys/util.h>
6 #include <psa/crypto.h>
7 #include <psa/internal_trusted_storage.h>
8 #include <psa/protected_storage.h>
9 
10 ZTEST_SUITE(secure_storage_psa_crypto, NULL, NULL, NULL, NULL, NULL);
11 
12 #define ID       PSA_KEY_ID_USER_MIN
13 #define KEY_TYPE PSA_KEY_TYPE_AES
14 #define ALG      PSA_ALG_CBC_NO_PADDING
15 #define KEY_BITS 256
16 
fill_key_attributes(psa_key_attributes_t * key_attributes)17 static void fill_key_attributes(psa_key_attributes_t *key_attributes)
18 {
19 	*key_attributes = psa_key_attributes_init();
20 	psa_set_key_lifetime(key_attributes, PSA_KEY_LIFETIME_PERSISTENT);
21 	psa_set_key_usage_flags(key_attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
22 	psa_set_key_id(key_attributes, ID);
23 	psa_set_key_type(key_attributes, KEY_TYPE);
24 	psa_set_key_algorithm(key_attributes, ALG);
25 	psa_set_key_bits(key_attributes, KEY_BITS);
26 }
27 
fill_data(uint8_t * data,size_t size)28 static void fill_data(uint8_t *data, size_t size)
29 {
30 	zassert_equal(psa_generate_random(data, size), PSA_SUCCESS);
31 }
32 
ZTEST(secure_storage_psa_crypto,test_its_caller_isolation)33 ZTEST(secure_storage_psa_crypto, test_its_caller_isolation)
34 {
35 	psa_status_t ret;
36 	psa_key_attributes_t key_attributes;
37 	psa_key_attributes_t retrieved_key_attributes;
38 	psa_key_id_t key_id;
39 	uint8_t data[32];
40 	size_t data_length;
41 	uint8_t its_data[sizeof(data)];
42 	uint8_t ps_data[sizeof(data)];
43 
44 	fill_data(its_data, sizeof(its_data));
45 	fill_data(ps_data, sizeof(ps_data));
46 	zassert_true(memcmp(its_data, ps_data, sizeof(data)));
47 	ret = psa_its_set(ID, sizeof(its_data), its_data, PSA_STORAGE_FLAG_NONE);
48 	zassert_equal(ret, PSA_SUCCESS);
49 	ret = psa_ps_set(ID, sizeof(ps_data), ps_data, PSA_STORAGE_FLAG_NONE);
50 	zassert_equal(ret, PSA_SUCCESS);
51 
52 	fill_key_attributes(&key_attributes);
53 	ret = psa_generate_key(&key_attributes, &key_id);
54 	zassert_equal(ret, PSA_SUCCESS);
55 	zassert_equal(key_id, ID);
56 	ret = psa_purge_key(ID);
57 	zassert_equal(ret, PSA_SUCCESS);
58 
59 	ret = psa_its_get(ID, 0, sizeof(data), data, &data_length);
60 	zassert_equal(ret, PSA_SUCCESS);
61 	zassert_equal(data_length, sizeof(data));
62 	zassert_mem_equal(data, its_data, sizeof(data));
63 	ret = psa_its_remove(ID);
64 	zassert_equal(ret, PSA_SUCCESS);
65 	ret = psa_its_remove(ID);
66 	zassert_equal(ret, PSA_ERROR_DOES_NOT_EXIST);
67 
68 	ret = psa_ps_get(ID, 0, sizeof(data), data, &data_length);
69 	zassert_equal(ret, PSA_SUCCESS);
70 	zassert_equal(data_length, sizeof(data));
71 	zassert_mem_equal(data, ps_data, sizeof(data));
72 	ret = psa_ps_remove(ID);
73 	zassert_equal(ret, PSA_SUCCESS);
74 	ret = psa_ps_remove(ID);
75 	zassert_equal(ret, PSA_ERROR_DOES_NOT_EXIST);
76 
77 	ret = psa_get_key_attributes(ID, &retrieved_key_attributes);
78 	zassert_equal(ret, PSA_SUCCESS);
79 	zassert_mem_equal(&retrieved_key_attributes, &key_attributes, sizeof(key_attributes));
80 	ret = psa_destroy_key(ID);
81 	zassert_equal(ret, PSA_SUCCESS);
82 	ret = psa_get_key_attributes(ID, &retrieved_key_attributes);
83 	zassert_equal(ret, PSA_ERROR_INVALID_HANDLE);
84 }
85 
ZTEST(secure_storage_psa_crypto,test_persistent_key_usage)86 ZTEST(secure_storage_psa_crypto, test_persistent_key_usage)
87 {
88 	psa_status_t ret;
89 	psa_key_attributes_t key_attributes;
90 	psa_key_id_t key_id;
91 	uint8_t key_material[KEY_BITS / BITS_PER_BYTE];
92 
93 	fill_key_attributes(&key_attributes);
94 	fill_data(key_material, sizeof(key_material));
95 	ret = psa_import_key(&key_attributes, key_material, sizeof(key_material), &key_id);
96 	zassert_equal(ret, PSA_SUCCESS);
97 	zassert_equal(key_id, ID);
98 	ret = psa_purge_key(ID);
99 	zassert_equal(ret, PSA_SUCCESS);
100 
101 	static uint8_t plaintext[1024];
102 	static uint8_t ciphertext[PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(KEY_TYPE, ALG, sizeof(plaintext))];
103 	static uint8_t decrypted_text[sizeof(plaintext)];
104 	size_t output_length;
105 
106 	fill_data(plaintext, sizeof(plaintext));
107 	ret = psa_cipher_encrypt(ID, ALG, plaintext, sizeof(plaintext),
108 				 ciphertext, sizeof(ciphertext), &output_length);
109 	zassert_equal(ret, PSA_SUCCESS);
110 	zassert_equal(output_length, sizeof(ciphertext));
111 	ret = psa_purge_key(ID);
112 	zassert_equal(ret, PSA_SUCCESS);
113 
114 	ret = psa_cipher_decrypt(ID, ALG, ciphertext, output_length,
115 				 decrypted_text, sizeof(decrypted_text), &output_length);
116 	zassert_equal(ret, PSA_SUCCESS);
117 	zassert_equal(output_length, sizeof(plaintext));
118 	zassert_mem_equal(plaintext, decrypted_text, sizeof(plaintext));
119 	ret = psa_purge_key(ID);
120 	zassert_equal(ret, PSA_SUCCESS);
121 
122 	ret = psa_destroy_key(ID);
123 	zassert_equal(ret, PSA_SUCCESS);
124 	ret = psa_destroy_key(ID);
125 	zassert_equal(ret, PSA_ERROR_INVALID_HANDLE);
126 }
127