1# PSA Crypto Testcase checklist 2 3 4 5| Group | Test | Function | Scenario | Return Value | Steps | Test Case | | 6|------------------------------|-----------|----------------------------------|----------------------------------------------------------------------------------------|---------------------------------------------|------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|---| 7| Library Initialization | test_c001 | psa_crypto_init | Library initialization | PSA_SUCCESS | Calling this function should return SUCCESS | | | 8| | | | Applications must call this function before calling any other function in this module. | PSA_SUCCESS | Try calling crypto operations doing a crypto_init should be successful(can be covered as part of other testcase) | | | 9| | | | Applications may call this function more than once. Once a call succeeds | subsequent calls are guaranteed to succeed. | PSA_SUCCESS | Try calling multiple crypto init and should return SUCCESS | | 10| | | | Applications must call this function before calling any other function in this module. | PSA_ERROR_BAD_STATE | Try calling crypto operations without doing a crypto_init should return FAILURE | | | 11| | | | | | | | | 12| Key Management | test_c002 | psa_import_key | Import a key in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 13| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 14| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 15| | | | | | 4. Get basic metadata about a key | 4. 2048 RSA public key | | 16| | | | | | 5. Export a key in binary format | 5. 2048 RSA keypair | | 17| | | | | | 6. Check if original key data matches with the exported data | 6. DES 64 bit key | | 18| | | | | | 7. Reset the key attributes | 7. Triple DES 2-Key | | 19| | | | | | | 8. Triple DES 3-Key | | 20| | | | | | | 9. EC Public key | | 21| | | | | | | 10. EC keypair | | 22| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with incorrect key type | Incorrect key type | | 23| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Key data greater than the algorithm size | | 24| | | | | | | 2. Incorrect key data size | | 25| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid key handle should return this error | | | 26| Key Management | test_c003 | psa_export_key | Export a key in binary format | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 27| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 28| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 29| | | | | | 4. Get basic metadata about a key | 4. 2048 RSA public key | | 30| | | | | | 5. Export a key in binary format | 5. 2048 RSA keypair | | 31| | | | | | 6. Check if original key data matches with the exported data | 6. DES 64 bit key | | 32| | | | | | 7. Reset the key attributes | 7. Triple DES 2-Key | | 33| | | | | | | 8. Triple DES 3-Key | | 34| | | | | | | 9. EC Public key | | 35| | | | | | | 10. EC keypair | | 36| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size | | 37| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with with key policy as verify should return this error | Key policy as PSA_KEY_USAGE_VERIFY | | 38| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Destroyed key slot | | 39| Key Management | test_c004 | psa_export_public_key | Export a public key or the public part of a key pair in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 2048 RSA public key | | 40| | | | | | 2. Setup the attributes for the key | 2. 2048 RSA keypair | | 41| | | | | | 3. Import the key data into the key slot | 3. EC Public key | | 42| | | | | | 4. Get basic metadata about a key | 4. EC keypair | | 43| | | | | | 5. Export a key in binary format | | | 44| | | | | | 6. Check if original key data matches with the exported data | | | 45| | | | | | 7. Reset the key attributes | | | 46| | | | | | | | | 47| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size | | 48| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. DES 64 bit key | | 49| | | | | | | 2. Triple DES 2-Key | | 50| | | | | | | 3. Triple DES 3-Key | | 51| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with with key policy as verify should return this error | Key usage as PSA_KEY_USAGE_VERIFY | | 52| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid key handle should return this error | 1. Destroyed key slot | | 53| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage | | 54| | | | | PSA_ERROR_DOES_NOT_EXIST | Calling this function with empty key slot | Empty key slot | | 55| Key Management | test_c005 | psa_destroy_key | Destroy a key and restore the slot to its default state. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 56| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 57| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 58| | | | | | 4. Get basic metadata about a key | 4. 2048 RSA public key | | 59| | | | | | 5. Destroy a key and restore the slot to its default state | 5. 2048 RSA keypair | | 60| | | | | | 6. Check that if the key metadata are destroyed | 6. DES 64 bit key | | 61| | | | | | | 7. Triple DES 2-Key | | 62| | | | | | | 8. Triple DES 3-Key | | 63| | | | | | | 9. EC Public key | | 64| | | | | | | 10. EC keypair | | 65| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | Already destroyed key slot | | 66| Message Digests | test_c006 | psa_hash_compute | Calculate the hash (digest) of a message | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | | 67| | | | | | 2. Calculate the hash (digest) of a message | 2. MD4 | | 68| | | | | | 3. Check if it matches with the expected values | 3. MD5 | | 69| | | | | | | 4. RIPEMD160 | | 70| | | | | | | 5. SHA1 | | 71| | | | | | | 6. SHA224 | | 72| | | | | | | 7. SHA256 | | 73| | | | | | | 8. SHA384 | | 74| | | | | | | 9. SHA512 | | 75| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with small buffer size should return this error | small buffer size | | 76| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with invalid algorithm should return this error | Invalid algorithm | | 77| Message Digests | test_c007 | psa_hash_compare | Calculate the hash (digest) of a message and compare it with a reference value | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | | 78| | | | | | 2. Calculate the hash (digest) of a message and compare it with a reference value | 2. MD4 | | 79| | | | | | | 3. MD5 | | 80| | | | | | | 4. RIPEMD160 | | 81| | | | | | | 5. SHA1 | | 82| | | | | | | 6. SHA224 | | 83| | | | | | | 7. SHA256 | | 84| | | | | | | 8. SHA384 | | 85| | | | | | | 9. SHA512 | | 86| | | | | PSA_ERROR_INVALID_SIGNATURE | Calling this function with incorrect expected hash | Incorrect expected hash | | 87| | | | | | Calling this function with incorrect expected hash | Incorrect expected hash length | | 88| Key Derivation | test_c008 | psa_key_derivation_setup | Set up a key derivation operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. ECDH + HKDF-SHA-256 | | 89| | | | | | 2. Set up a key derivation operation | | | 90| | | | | | 3. Abort the key derivation operation | | | 91| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Bad key derivation algorithm | | 92| | | | | | | 2. Invalid Algorithm | | 93| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported parameter should return this error | ECDH, unknown KDF | | 94| Key Derivation | test_c009 | psa_key_derivation_input_bytes | Provide an input for key derivation or key agreement | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Step as Info | | 95| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. Step as salt | | 96| | | | | | 3. Provide an input for key derivation or key agreement | 3. Step as label | | 97| | | | | | 4. Allocate a key slot for a transient key | 4. Step as seed | | 98| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Step as secret | | 99| | | | | | | 2. Invalid step | | 100| | | | | PSA_ERROR_BAD_STATE | Key derivation on an aborted operation | Aborted operation | | 101| Key Attributes | test_c010 | psa_set_key_id | Set the attributes for the key | NA | 1. Initialize the PSA crypto library | Testing only volatile keys and persistence key types will be supported in future release | | 102| | | psa_set_key_lifetime | | | 2. Check if all the attributes are initialized to zero | | | 103| | | psa_set_key_type | | | 3. Setup the attributes for the key | | | 104| | | psa_set_key_bits | | | 4. Check if all the attributes are as per the input | | | 105| | | psa_set_key_usage_flags | | | 5. Reset the attributes | | | 106| | | psa_set_key_algorithm | | | 6. Check if all the attributes are erased | | | 107| | | psa_get_key_id | Get the attributes for the key | | | | | 108| | | psa_get_key_lifetime | | | | | | 109| | | psa_get_key_type | | | | | | 110| | | psa_get_key_bits | | | | | | 111| | | psa_get_key_usage_flags | | | | | | 112| | | psa_get_key_algorithm | | | | | | 113| | | psa_reset_key_attributes | | | | | | 114| Message Digests | test_c011 | psa_hash_start | Start a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | | 115| | | | | | 2. Start a multipart hash operation | 2. MD4 | | 116| | | | | | 3. Abort the hash operation | 3. MD5 | | 117| | | | | | | 4. RIPEMD160 | | 118| | | | | | | 5. SHA1 | | 119| | | | | | | 6. SHA224 | | 120| | | | | | | 7. SHA256 | | 121| | | | | | | 8. SHA512 | | 122| | | | | | | 9. SHA512_224 | | 123| | | | | | | 10. SHA512_256 | | 124| | | | | | | 11. SHA3_224 1 | | 125| | | | | | | 2. SHA3_256 1 | | 126| | | | | | | 3. SHA3_384 1 | | 127| | | | | | | 4. SHA3_512 | | 128| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported algorithm should return error | Invalid hash algorithm | | 129| | | | | PSA_ERROR_BAD_STATE | Calling this function again after setup | Multiple setup calls after one another | | 130| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid algorithm | | 131| | | | | | | 2. CTR algorithm | | 132| Message Digests | test_c012 | psa_hash_update | Add a message fragment to a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | | 133| | | | | | 2. Start a multipart hash operation | 2. MD4 | | 134| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 | | 135| | | | | | 4. Abort the hash operation | 4. RIPEMD160 | | 136| | | | | | | 5. SHA1 | | 137| | | | | | | 6. SHA224 | | 138| | | | | | | 7. SHA256 | | 139| | | | | | | 8. SHA384 | | 140| | | | | | | 9. SHA512 | | 141| | | | | PSA_ERROR_BAD_STATE | 1. Calling this function without calling the psa_hash_setup() should return error | Operation handle without setup | | 142| | | | | | 2. Calling this function with completed operation handle should return error | Completed operation handle | | 143| Message Digests | test_c013 | psa_hash_verify | Finish the calculation of the hash of a message and compare it with an expected value. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | | 144| | | | | | 2. Start a multipart hash operation | 2. MD4 | | 145| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 | | 146| | | | | | 4. Finish the calculation of the hash of a message and compare it with an expected value | 4. RIPEMD160 | | 147| | | | | | 5. Abort the hash operation | 5. SHA1 | | 148| | | | | | | 6. SHA224 | | 149| | | | | | | 7. SHA256 | | 150| | | | | | | 8. SHA384 | | 151| | | | | | | 9. SHA512 | | 152| | | | | PSA_ERROR_BAD_STATE | Calling this function with inactive operation handle should return error | 1. Inactive operation handle | | 153| | | | | | Calling this function with invalid operation handle should return error | 2. Invalid operation handle | | 154| | | | | PSA_ERROR_INVALID_SIGNATURE | Calling this function with incorrect expected value should return error | 1. Incorrect expected hash value | | 155| | | | | | | 2. Incorrect expected hash length | | 156| Message Digests | test_c014 | psa_hash_finish | Finish the calculation of the hash of a message. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | | 157| | | | | | 2. Start a multipart hash operation | 2. MD4 | | 158| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 | | 159| | | | | | 4. Finish the calculation of the hash of a message | 4. RIPEMD160 | | 160| | | | | | 5. Compare it with the expected value | 5. SHA1 | | 161| | | | | | 6. Abort the hash operation | 6. SHA224 | | 162| | | | | | | 7. SHA256 | | 163| | | | | | | 8. SHA384 | | 164| | | | | | | 9. SHA512 | | 165| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with an inactive operation handle should return error | Inactive operation handle | | 166| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with a hash buffer whose size is less than the algorithm output should return error | Buffer size less than required | | 167| | | | | PSA_ERROR_BAD_STATE | Calling this function with completed operation handle | completed operation handle | | 168| Message Digests | test_c015 | psa_hash_abort | Abort a hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | | 169| | | | | | 2. Start a multipart hash operation | 2. MD4 | | 170| | | | | | 3. Abort a hash operation | 3. MD5 | | 171| | | | | | | 4. RIPEMD160 | | 172| | | | | | | 5. SHA1 | | 173| | | | | | | 6. SHA224 | | 174| | | | | | | 7. SHA256 | | 175| | | | | | | 8. SHA384 | | 176| | | | | | | 9. SHA512 | | 177| Generation | test_c016 | psa_generate_key | Generate a key or key pair | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES | | 178| | | | | | 2. Setup the attributes for the key | 2. DES | | 179| | | | | | 3. Generate a key or key pair | 3. ECC | | 180| | | | | | 4. Get basic metadata about a key | 4. RSA | | 181| | | | | | 5. Check if key type and key length matches | | | 182| | | | | | 6. Export a key in binary format | | | 183| | | | | | 7. Check if the metadata matches | | | 184| | | | | | 8. Reset and destroy the key | | | 185| | | | | | | | | 186| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid usage flags | invalid usage flags | | 187| | | | | PSA_ERROR_ALREADY_EXISTS | Calling this function with pre-occupied key slot should return this error | Pre-occupied key slot | | 188| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function to generate only public key should return this error | 1. Key type as public key | | 189| | | | | | | 2. Invalid key type | | 190| Generation | test_c017 | psa_generate_random | Generate random bytes | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte data | | 191| | | | | | 2. Generate random bytes Run several times to ensure that every output byte will be nonzero at least once | 2. 24 Byte data | | 192| | | | | | 3. Check that no more than bytes have been overwritten | 3. 32 Byte data | | 193| | | | | | 4. Check that every byte was changed to nonzero at least once. | 4. 64 Byte data | | 194| | | | | | | 5. 128 Byte data | | 195| | | | | | | 6. 256 Byte data | | 196| | | | | | | 7. 512 Byte data | | 197| | | | | | | 8. 1000 Byte data | | 198| | | | | | | 9. 1024 Byte data | | 199| Key Derivation | test_c018 | psa_key_derivation_input_key | Provide an input for key derivation in the form of a key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte key | | 200| | | | | | 2. Setup the attributes for the key | | | 201| | | | | | 3. Import the key data into the key slot | | | 202| | | | | | 4. Set up a key derivation operation | | | 203| | | | | | 5. Provide an input for key derivation or key agreement | | | 204| | | | | | 6. Abort the key derivation operation | | | 205| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with incorrect data | 1. Invalid usage | | 206| | | | | | | 2. Incorrect key algorithm | | 207| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Step as label | | 208| | | | | | | 2. Step as info | | 209| | | | | | | 3. Step as seed | | 210| | | | | | | 4. Step as salt | | 211| | | | | | | 5. Input key type as AES (not derive) | | 212| | | | | | | 6. Key type a RSA public key | | 213| | | | | | | 7. Key type as RSA Keypair | | 214| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with destroyed key handle | 1. No key in slot | | 215| | | | | PSA_ERROR_BAD_STATE | Calling this function without setup should return this error | | | 216| Key Derivation | test_c019 | psa_key_derivation_key_agreement | Perform a key agreement and use the shared secret as input to a key derivation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. ECDH SECP256R1 | | 217| | | | | | 2. Setup the attributes for the key | 2. ECDH SECP384R1 | | 218| | | | | | 3. Import the key data into the key slot | | | 219| | | | | | 4. Set up a key agreement operation | | | 220| | | | | | 5. Perform a key agreement | | | 221| | | | | | 6. Abort | | | 222| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid step | | 223| | | | | | | 2. Invalid usage | | 224| | | | | | | 3. KDF instead of a key agreement algorithm | | 225| | | | | | | 4. Public key on different curve | | 226| | | | | | | 5. Public key instead of private key | | 227| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Zero as key slot | | 228| | | | | | | 2. Empty key handle | | 229| Key Derivation | test_c020 | psa_key_derivation_output_bytes | Read some data from a key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Key | | 230| | | | | | 2. Setup the attributes for the key | 2. Info | | 231| | | | | | 3. Import the key if the derivation input is key | | | 232| | | | | | 4. Set up a key derivation operation | | | 233| | | | | | 5. Set the capacity for the generator | | | 234| | | | | | 6. Provide input as key or data depending on the step | | | 235| | | | | | 7. Read some data from a key derivation operation | | | 236| | | | | | 8. Abort the derivation operation | | | 237| | | | | PSA_ERROR_BAD_STATE | Calling this function with only supportive step | 1. Salt | | 238| | | | | | | 2. Label | | 239| | | | | | | 3. Seed | | 240| | | | | | | 4. Aborted operation | | 241| | | | | PSA_ERROR_INSUFFICIENT_DATA | Calling this function when there are no capacity | 1. Requesting greater capacity than available | | 242| | | | | | | 2. No data available in the operation | | 243| Key Derivation | test_c021 | psa_key_derivation_output_key | Derive a key from an ongoing key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Key | | 244| | | | | | 2. Setup the attributes for the key | 2. Indo | | 245| | | | | | 3. Import the key if the derivation input is key | 3. Label | | 246| | | | | | 4. Set up a key derivation operation | 4. Seed | | 247| | | | | | 5. Set the capacity for the generator | 5. Salt | | 248| | | | | | 6. Provide input as key or data depending on the step | 6. DES key export | | 249| | | | | | 7. Setup the attributes for the new key | 7. ECC keypair | | 250| | | | | | 8. Derive a key from an ongoing key derivation operation | 9. RSA keypair | | 251| | | | | | 9. Abort the derivation operation | | | 252| | | | | PSA_ERROR_INSUFFICIENT_DATA | Calling this function with insufficient data | 1. Requesting greater capacity than available | | 253| | | | | | | 2. No data available in the operation | | 254| | | | | PSA_ERROR_BAD_STATE | Calling this function on an aborted operation shoukd return this error | Aborted operation | | 255| | | | | PSA_ERROR_NOT_SUPPORTED | Generating public key | 1. RSA public key | | 256| | | | | | | 2. ECC public key | | 257| Key Derivation | test_c022 | psa_key_derivation_abort | Abort a key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | | | 258| | | | | | 2. Abort the key derivation operation for the different types of initialization | | | 259| | | | | | 3. Read some data from a key derivation operation with no data in the operation | | | 260| Key Derivation | test_c023 | psa_key_derivation_set_capacity | Set the maximum capacity of a key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Less than operation's capacity | | 261| | | psa_key_derivation_get_capacity | Retrieve the current capacity of a key derivation operation | | 2. Start the key derivation operation | 2. Equal to operation's capacity | | 262| | | | | | 3. Set the capacity for the generator | | | 263| | | | | | 4. Get the capacity for the generator | | | 264| | | | | | 5. Check if the capacity as per the expected value | | | 265| | | | | | 6. Abort the operation | | | 266| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | More than operation's capacity | | 267| | | | | PSA_ERROR_BAD_STATE | Calling this function on an aborted operation shoukd return this error | 1. Get capacity on an aborted operation | | 268| | | | | | | 2. Set capacity on an aborted operation | | 269| AEAD | test_c024 | psa_aead_encrypt | Process an authenticated encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. CCM - 16B AES - 13B Nounce & 8B addi data | | 270| | | | | | 2. Setup the attributes for the key | 2. AES-CCM | | 271| | | | | | 3. Import the key data into the key slot | 3. AES-CCM 24 bytes Tag length = 4 | | 272| | | | | | 4. Call aead encrypt | 4. GCM - 16B AES - 12B Nounce & 12B addi data | | 273| | | | | | 5. Check if the status is expected | 5 | | 274| | | | | | 6. Check if the cipher text and length is as expected | | | 275| | | | | | 7. Destroy and reset the key | | | 276| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES key | | 277| | | | | | | 2. Unsupported algorithm | | 278| | | | | PSA_ERROR_INVALID_HANDLE | | Operation on a destroyed key handle | | 279| | | | | PSA_ERROR_NOT_PERMITTED | | 1. Small output buffer size | | 280| | | | | | | 2. Invalid key usage | | 281| AEAD | test_c025 | psa_aead_decrypt | Process an authenticated decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. GCM -16B AES - 12B Nounce & 12B addi data | | 282| | | | | | 2. Setup the attributes for the key | 2. CCM - 16B AES - 13B Nounce & 8B addi data | | 283| | | | | | 3. Import the key data into the key slot | 3. AES CCM | | 284| | | | | | 4. Call aead decrypt | 4. AES-CCM 24 bytes Tag length = 4 | | 285| | | | | | 5. Check if the status is expected | | | 286| | | | | | 6. Check if the cipher text and length is as expected | | | 287| | | | | | 7. Destroy and reset the key | | | 288| | | | | | | | | 289| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES key | | 290| | | | | | | 2. Unsupported algorithm | | 291| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | | 292| | | | | PSA_ERROR_INVALID_ARGUMENT | | Invalid tag length | | 293| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | | 294| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid key usage | | 295| | | | | PSA_ERROR_INVALID_SIGNATURE | | 1. Invalid cipher text | | 296| | | | | | | 2. Invalid cipher text size | | 297| Message Authentication Codes | test_c026 | psa_mac_sign_setup | Start a multipart MAC calculation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 64 Byte HMAC | | 298| | | | | | 2. Setup the attributes for the key | 2. 16 Byte AES - CMAC | | 299| | | | | | 3. Import the key data into the key slot | | | 300| | | | | | 4. Start a multipart MAC calculation operation | | | 301| | | | | | 5. Abort the MAC operation | | | 302| | | | | | 6. Destroy the key | | | 303| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte AES - GMAC | | 304| | | | | | | 2. Incompatible HMAC for CMAC | | 305| | | | | | | 3. Bad algorithm (unknown MAC algorithm) | | 306| | | | | | | 4. Truncated MAC too small | | 307| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | | 308| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type | | 309| | | | | | | 2. Truncated MAC too large | | 310| | | | | | | 3. Bad algorithm (not a MAC algorithm) | | 311| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key handle | | 312| | | | | | | 2. Zero as key handle | | 313| Message Authentication Codes | test_c027 | psa_mac_update | Add a message fragment to a multipart MAC operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1.64 Byte HMAC SHA256 | | 314| | | | | | 2. Setup the attributes for the key | 2. 16 Byte AES - CMAC | | 315| | | | | | 3. Import the key data into the key slot | 3. 32 Byte HMAC SHA512 | | 316| | | | | | 4. Start a multipart MAC calculation operation | | | 317| | | | | | 5. Add a message fragment to a multipart MAC operation | | | 318| | | | | | 6. Finish the calculation of the MAC of a message | | | 319| | | | | | 7. Abort a MAC operation | | | 320| | | | | | 8. Destroy the key | | | 321| | | | | PSA_ERROR_BAD_STATE | | 1. Completed operation as input | | 322| | | | | | | 2. Uninitialized operation as input | | 323| Message Authentication Codes | test_c028 | psa_mac_sign_finish | Finish the calculation of the MAC of a message | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | | 324| | | | | | 2. Setup the attributes for the key | 2. HMAC SHA 256 | | 325| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 512 | | 326| | | | | | 4. Start a multipart MAC calculation operation | 4. HMAC SHA 224 (truncated to 8 Byte) | | 327| | | | | | 5. Add a message fragment to a multipart MAC operation | 5. CMAC AES 128 | | 328| | | | | | 6. Finish the calculation of the MAC of a message | | | 329| | | | | | 7. Check if the MAC length matches with the expected length | | | 330| | | | | | 8. Check if the MAC data matches with the expected data | | | 331| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small size buffer | | 332| | | | | PSA_ERROR_BAD_STATE | Finish the calculation of the MAC of a message using same operation should return error | Aborted operation as input | | 333| Message Authentication Codes | test_c029 | psa_mac_verify_setup | | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 64 Byte HMAC | | 334| | | | | | 2. Setup the attributes for the key | 2. 16 Byte AES - CMAC | | 335| | | | | | 3. Import the key data into the key slot | | | 336| | | | | | 4. Start a multipart MAC calculation operation | | | 337| | | | | | 5. Abort the MAC operation | | | 338| | | | | | 6. Destroy the key | | | 339| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte AES - GMAC | | 340| | | | | | | 2. Incompatible HMAC for CMAC | | 341| | | | | | | 3. Bad algorithm (unknown MAC algorithm) | | 342| | | | | | | 4. Truncated MAC too small | | 343| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | | 344| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type | | 345| | | | | | | 2. Truncated MAC too large | | 346| | | | | | | 3. Bad algorithm (unknown MAC algorithm) | | 347| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key handle | | 348| | | | | | | 2. Zero as key handle | | 349| Message Authentication Codes | test_c030 | psa_mac_verify_finish | Finish the calculation of the MAC of a message and compare it with an expected value | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | | 350| | | | | | 2. Setup the attributes for the key | 2. HMAC SHA 256 | | 351| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 512 | | 352| | | | | | 4. Start a multipart MAC calculation operation | 4. HMAC SHA 224 (truncated to 8 Byte) | | 353| | | | | | 5. Add a message fragment to a multipart MAC operation | 5. CMAC AES 128 | | 354| | | | | | 6. Finish the calculation of the MAC of a message and compare with expected value | | | 355| | | | | PSA_ERROR_INVALID_SIGNATURE | | 1. Small size buffer | | 356| | | | | | | 2. Incorrect expected hash | | 357| | | | | PSA_ERROR_BAD_STATE | | Invalid operation as input | | 358| Message Authentication Codes | test_c031 | psa_mac_abort | Abort a MAC operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | | 359| | | | | | 2. Setup the attributes for the key | 2. HMAC SHA 256 | | 360| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 512 | | 361| | | | | | 4. Start a multipart MAC calculation operation | 4. CMAC AES 128 | | 362| | | | | | 5. Abort the MAC operation | 5. HMAC truncated | | 363| | | | | | 6. Destroy the key | 6. Multiple abort | | 364| | | | | | | 7. psa_mac_finish after psa_mac_abort should return failure | | 365| Symmetric Ciphers | test_c032 | psa_cipher_encrypt_setup | Set the key for a multipart symmetric encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 366| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 367| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 368| | | | | | 4. Set the key for a multipart symmetric encryption operation | 4. DES 64 bit key | | 369| | | | | | 5. Reset and destroy the key | 5. Triple DES 2-Key | | 370| | | | | | | 6. Triple DES 3-Key | | 371| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte raw data | | 372| | | | | | | 2. Unknown cipher algorithm | | 373| | | | | | | 3. Incompatible key ARC4 | | 374| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a cipher algorithm | | 375| | | | | | | 2. RSA public key | | 376| | | | | | | 3. RSA keypair | | 377| | | | | | | 4. EC Public key | | 378| | | | | | | 5. EC keypair | | 379| | | | | PSA_ERROR_NOT_PERMITTED | | Incorrect usage | | 380| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated key handle | | 381| | | | | | | 2. Zero as key handle | | 382| Symmetric Ciphers | test_c033 | psa_cipher_decrypt_setup | Set the key for a multipart symmetric decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 383| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 384| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 385| | | | | | 4. Set the key for a multipart symmetric decryption operation | 4. DES 64 bit key | | 386| | | | | | 5. Reset and destroy the key | 5. Triple DES 2-Key | | 387| | | | | | | 6. Triple DES 3-Key | | 388| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte raw data | | 389| | | | | | | 2. Unknown cipher algorithm | | 390| | | | | | | 3. Incompatible key ARC4 | | 391| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a cipher algorithm | | 392| | | | | | | 2. RSA public key | | 393| | | | | | | 3. RSA keypair | | 394| | | | | | | 4. EC Public key | | 395| | | | | | | 5. EC keypair | | 396| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated key handle | | 397| | | | | | | 2. Zero as key handle | | 398| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | | 399| Symmetric Ciphers | test_c034 | psa_cipher_generate_iv | Generate an IV for a symmetric encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 400| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 401| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 402| | | | | | 4. Set the key for a multipart symmetric decryption operation | 4. DES 64 bit key | | 403| | | | | | 5. Generate an IV for a symmetric encryption operation | 5. Triple DES 2-Key | | 404| | | | | | 6. Check that if generated iv length match the expected length | 6. Triple DES 3-Key | | 405| | | | | | 7. Check that if generated iv are not zero | 7. AES - large iv buffer | | 406| | | | | | 8. Reset and destroy the key | 8. DES - large iv buffer | | 407| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | 1. AES - small iv buffer | | 408| | | | | | | 2. DES - small iv buffer | | 409| | | | | PSA_ERROR_BAD_STATE | | 1. Completed operation handle | | 410| Symmetric Ciphers | test_c035 | psa_cipher_set_iv | Set the IV for a symmetric encryption or decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 411| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 412| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 413| | | | | | 4. Set the key for a multipart symmetric encryption/decryption operation | 4. DES 64 bit key | | 414| | | | | | 5. Set an IV for a symmetric encryption/decryption operation | 5. Triple DES 2-Key | | 415| | | | | | 6. Reset and destroy the key | 6. Triple DES 3-Key | | 416| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. AES - small iv buffer | | 417| | | | | | | 2. DES - small iv buffer | | 418| | | | | | | 3. AES - large iv buffer | | 419| | | | | | | 4. DES - large iv buffer | | 420| | | | | PSA_ERROR_BAD_STATE | Setting an IV for a symmetric encryption/decryption operation using the same operator should fail | 1. Completed operation handle | | 421| Symmetric Ciphers | test_c036 | psa_cipher_update | Encrypt or decrypt a message fragment in an active cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING | | 422| | | | | | 2. Setup the attributes for the key | 2. AES CBC_NO_PADDING (Short input) | | 423| | | | | | 3. Import the key data into the key slot | 3. AES CBC_PKCS7 | | 424| | | | | | 4. Set the key for a multipart symmetric encryption operation | 4. AES CBC_PKCS7 (Short input) | | 425| | | | | | 5. Set an IV for a symmetric encryption operation | 5. AES CTR | | 426| | | | | | 6. Encrypt or decrypt a message fragment in an active cipher operation | 6. DES CBC (nopad) | | 427| | | | | | 7. Check if the output length matches the expected length | 7. 2-key 3DE -CBC (nopad) | | 428| | | | | | 8. Check if the output data matches the expected data | 8. 3-key 3DE -CBC (nopad) | | 429| | | | | | 9. Reset and destroy the key | | | 430| | | | | PSA_ERROR_BAD_STATE | Encrypt or decrypt a message fragment in an invalid cipher operation should fail | Invalid operation as input | | 431| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | | 432| Symmetric Ciphers | test_c037 | psa_cipher_finish | Finish encrypting or decrypting a message in a cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING | | 433| | | | | | 2. Setup the attributes for the key | 2. AES CBC_PKCS7 | | 434| | | | | | 3. Import the key data into the key slot | 3. AES CBC_PKCS7 (Short input) | | 435| | | | | | 4. Set the key for a multipart symmetric encryption operation | 4. AES CTR | | 436| | | | | | 5. Set an IV for a symmetric encryption operation | 5. DES CBC (nopad) | | 437| | | | | | 6. Encrypt or decrypt a message fragment in an active cipher operation | 6. 2-key 3DE -CBC (nopad) | | 438| | | | | | 7. Finish encrypting or decrypting a message in a cipher operation | 7. 3-key 3DE -CBC (nopad) | | 439| | | | | | 8. Check if the output length matches the expected length | | | 440| | | | | | 9. Check if the output data matches the expected data | | | 441| | | | | | 10. Reset and destroy the key | | | 442| | | | | PSA_ERROR_BAD_STATE | Encrypt or decrypt a message fragment in an invalid cipher operation should fail | Invalid operation as input | | 443| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | | 444| | | | | PSA_ERROR_INVALID_ARGUMENT | | AES CBC_NO_PADDING (Short input) | | 445| Symmetric Ciphers | test_c038 | psa_cipher_abort | Abort a cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Encrypt - AES CBC_NO_PADDING | | 446| | | | | | 2. Setup the attributes for the key | 2. Encrypt - AES CBC_PKCS7 | | 447| | | | | | 3. Import the key data into the key slot | 3. Encrypt - AES CTR | | 448| | | | | | 4. Set the key for a multipart symmetric encryption/decryption operation | 4. Encrypt - DES CBC (nopad) | | 449| | | | | | 5. Abort a cipher operation | 5. Encrypt - 2-key 3DE -CBC (nopad) | | 450| | | | | | 6. Multiple abort cipher operation should return success | 6. Encrypt - 3-key 3DE -CBC (nopad) | | 451| | | | | | | 7. Decrypt - AES CBC_NO_PADDING | | 452| | | | | | | 8. Decrypt - AES CBC_PKCS7 | | 453| | | | | | | 9. Decrypt - AES CTR | | 454| | | | | | | 10. Decrypt - DES CBC (nopad) | | 455| | | | | | | 11. Decrypt - 2-key 3DE -CBC (nopad) | | 456| | | | | | | 12. Decrypt - 3-key 3DE -CBC (nopad) | | 457| | | | | | | 13. psa_cipher_update after psa_cipher_abort should fail | | 458| Asymmetric Cryptography | test_c039 | psa_asymmetric_encrypt | Encrypt a short message with a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA PKCS1V15 | | 459| | | | | | 2. Setup the attributes for the key | 2. RSA OAEP SHA256 | | 460| | | | | | 3. Import the key data into the key slot | 3. RSA OAEP SHA256 with label | | 461| | | | | | 4. Encrypt a short message with a public key | 4. RSA KEYPAIR PKCS1V15 | | 462| | | | | | 5. Check if the output length matches with the expected output length | | | 463| | | | | | 6. Decrypt the cipher text | | | 464| | | | | | 7. Check if the output length matches with the input length | | | 465| | | | | | 8. Check if the output matches with the given input data | | | 466| | | | | | 9. Reset and destroy the key | | | 467| | | | | | | | | 468| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type | | 469| | | | | | | 2. Invalid algorithm | | 470| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | | 471| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | | 472| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid handle | | 473| | | | | | | 2. Zero as key handle | | 474| Asymmetric Cryptography | test_c040 | psa_asymmetric_decrypt | Decrypt a short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 | | 475| | | | | | 2. Setup the attributes for the key | 2. RSA KEYPAIR OAEP SHA256 | | 476| | | | | | 3. Import the key data into the key slot | 3. RSA KEYPAIR OAEP SHA256 with label | | 477| | | | | | 4. Decrypt a short message with a private key | | | 478| | | | | | 5. Check if the output length matches with the expected length | | | 479| | | | | | 6. Check if the output matches with the expected data | | | 480| | | | | | 7. Reset and destroy the key | | | 481| | | | | PSA_ERROR_INVALID_ARGUMENT+E524 | | 1. Invalid key type (RSA public key) | | 482| | | | | | | 2. Invalid algorithm | | 483| | | | | | | 3. Invalid key type (AES Key) | | 484| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot | | 485| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | | 486| | | | | PSA_ERROR_INVALID_HANDLE | | Uninitialized key handle | | 487| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | | 488| Asymmetric Cryptography | test_c041 | psa_sign_hash | Sign a hash or short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW | | 489| | | | | | 2. Setup the attributes for the key | 2. RSA KEYPAIR PKCS1V15 SHA-256 | | 490| | | | | | 3. Import the key data into the key slot | 3. ECDSA KEYPAIR SECP256R1 SHA-256 | | 491| | | | | | 4. Sign a hash or short message with a private key | | | 492| | | | | | 4. Check if the output length matches with the expected length | | | 493| | | | | | 5. Check if the output matches with the expected data | | | 494| | | | | | 6. Reset and destroy the key | | | 495| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type (RSA public key) | | 496| | | | | | | 2. Invalid algorithm | | 497| | | | | | | 3. Invalid key type (AES Key) | | 498| | | | | | | 4. Wrong hash size | | 499| | | | | PSA_ERROR_INVALID_HANDLE | | Uninitialized key handle | | 500| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot | | 501| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | | 502| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | | 503| Asymmetric Cryptography | test_c042 | psa_verify_hash | Verify the signature a hash or short message using a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW | | 504| | | | | | 2. Setup the attributes for the key | 2. RSA KEYPAIR PKCS1V15 SHA-256 | | 505| | | | | | 3. Import the key data into the key slot | 3. ECDSA KEYPAIR SECP256R1 SHA-256 | | 506| | | | | | 4. Verify the signature a hash or short message using a public key | 4. RSA public key | | 507| | | | | | 5. Reset and destroy the key | 5. EC public key | | 508| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid algorithm | | 509| | | | | | | 2. Wrong hash size | | 510| | | | | PSA_ERROR_INVALID_HANDLE | | | | 511| | | | | PSA_ERROR_INVALID_SIGNATURE | | Wrong signature size | | 512| | | | | | | Wrong signature | | 513| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot | | 514| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | | 515| | | | | PSA_ERROR_NOT_SUPPORTED | | Invalid key type (AES Key) | | 516| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | | 517| Key Derivation | test_c043 | psa_raw_key_agreement | Perform a key agreement and return the raw shared secret | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. ECDH SECP256R1 | | 518| | | | | | 2. Setup the attributes for the key | 2. ECDH SECP384R1 | | 519| | | | | | 3. Import the key data into the key slot | | | 520| | | | | | 4. Set up a key agreement operation | | | 521| | | | | | 5. Reset and destroy the key | | | 522| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a key agreement alg | | 523| | | | | | | 2. Public key on different curve | | 524| | | | | | | 3. Public key instead of private key | | 525| | | | | | | 4. Unknown KDF | | 526| | | | | | | 5. Small size buffer | | 527| | | | | PSA_ERROR_INVALID_HANDLE | | Uninitialized key handle | | 528| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | | 529| Key Management | test_c044 | psa_copy_key | Copy key material from one location to another | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 530| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 531| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES with constraints | | 532| | | | | | 4. Setup the attributes for the target key | 4. 2048 RSA public key | | 533| | | | | | 5. Make a copy of a key | 5. 2048 RSA key pair | | 534| | | | | | 6. Destroy the source to ensure that this doesn't affect the target | 6. DES 64 bit key | | 535| | | | | | 7. Export a key in binary format and check if it matches with source material | 7. Triple DES 2-Key | | 536| | | | | | 8. Reset and destroy the key | 8. Triple DES 3-Key | | 537| | | | | | | 9. EC Public key | | 538| | | | | | | 10. EC key pair | | 539| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Incompatible target policy(source and target) | | 540| | | | | | | 2. Incompatible constraint | | 541| | | | | | | 3. Incompatible target policy | | 542| | | | | | | 4. Copy on a destroyed source | | 543| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated target key slot | | 544| | | | | PSA_ERROR_NOT_PERMITTED | | Usage set as export (not copy) | | 545| Key Management | test_c045 | psa_hash_clone | Clone a hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | | 546| | | | | | 2. Start a multipart hash operation | 2. MD4 | | 547| | | | | | 3. Clone a hash operation | 3. MD5 | | 548| | | | | | 4. Add a message fragment to a multipart hash source_operation | 4. RIPEMD160 | | 549| | | | | | 5. Finish the calculation of the hash of a message | 5. SHA1 | | 550| | | | | | 6. Abort the hash operation | 6. SHA224 | | 551| | | | | | | 7. SHA256 | | 552| | | | | | | 8. SHA512 | | 553| | | | | PSA_ERROR_BAD_STATE | Cloning to an active hash operation should be an error | 1. Active clone hash | | 554| | | | | | | 2. Aborted operator | | 555| Message Authentication Codes | test_c046 | psa_mac_compute | Calculate the MAC (message authentication code) of a message. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | | 556| | | | | | 2. Setup the attributes for the key | 2. CMAC AES 128 | | 557| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 224 (truncated to 8 Byte | | 558| | | | | | 4. Calculate the MAC (message authentication code) of a message | 4. HMAC SHA 512 | | 559| | | | | | 5. Check if the MAC length and data matches with the expected values | 5. HMAC SHA 256 | | 560| | | | | | 6. Reset and destroy the key | | | 561| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported values | 1. Incompactible HMAC for CMAC | | 562| | | | | | | 2. Invalid usage | | 563| | | | | | | 3. Truncated MAC too small | | 564| | | | | | | 4. Bad algorithm (unknown MAC algorithm) | | 565| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid key type | | 566| | | | | | | 2. Truncated MAC too large | | 567| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small size buffer | | 568| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | | 569| Message Authentication Codes | test_c047 | psa_mac_verify | Calculate the MAC of a message and compare it with a reference value | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | | 570| | | | | | 2. Setup the attributes for the key | 2. HMAC SHA 256 | | 571| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 512 | | 572| | | | | | 4. Calculate and verify MAC with reference value | 4. HMAC SHA 224 (truncated to 8 Byte) | | 573| | | | | | 5. Reset and destroy the key | 5. CMAC AES 128 | | 574| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported values | 1. Incompactible HMAC for CMAC | | 575| | | | | | | 2. Invalid usage | | 576| | | | | | | 3. Truncated MAC too small | | 577| | | | | | | 4. Bad algorithm (unknown MAC algorithm) | | 578| | | | | PSA_ERROR_INVALID_SIGNATURE | | 1. Small size buffer | | 579| | | | | | | 2. Incorrect expected MAC | | 580| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Truncated MAC too large | | 581| | | | | | | 2. Invalid key type | | 582| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | | 583| Symmetric Ciphers | test_c048 | psa_cipher_encrypt | Encrypt a message using a symmetric cipher. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING | | 584| | | | | | 2. Setup the attributes for the key | 2. AES CBC_PKCS7 | | 585| | | | | | 3. Import the key data into the key slot | 3. AES CBC_PKCS7 (Short input) | | 586| | | | | | 4. Encrypt a message using a symmetric cipher | 4. AES CTR | | 587| | | | | | 5. Check if the output matches the expected value | 5. AES CTR (short input) | | 588| | | | | | 6. Reset and destroy the key | 6. DES CBC (nopad) | | 589| | | | | | | 7. 2-key 3DE -CBC (nopad) | | 590| | | | | | | 8. 3-key 3DE -CBC (nopad) | | 591| | | | | PSA_ERROR_NOT_PERMITTED | | Decrypt - AES CBC_NO_PADDING | | 592| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | | 593| | | | | PSA_ERROR_INVALID_ARGUMENT | | AES CBC_NO_PADDING (Short input) | | 594| | | | | PSA_ERROR_INVALID_HANDLE | | Aborted key handle | | 595| Symmetric Ciphers | test_c049 | psa_cipher_decrypt | Decrypt a message using a symmetric cipher. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING | | 596| | | | | | 2. Setup the attributes for the key | 2. AES CBC_PKCS7 | | 597| | | | | | 3. Import the key data into the key slot | 3. AES CBC_PKCS7 (Short input) | | 598| | | | | | 4. Encrypt a message using a symmetric cipher | 4. AES CTR | | 599| | | | | | 5. Check if the output matches the expected value | 5. AES CTR (short input) | | 600| | | | | | 6. Reset and destroy the key | 6. DES CBC (nopad) | | 601| | | | | | | 7. 2-key 3DE -CBC (nopad) | | 602| | | | | | | 8. 3-key 3DE -CBC (nopad) | | 603| | | | | PSA_ERROR_INVALID_ARGUMENT | | AES CBC_NO_PADDING (Short input) | | 604| | | | | PSA_ERROR_NOT_PERMITTED | | AES CBC_NO_PADDING | | 605| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | | 606| | | | | PSA_ERROR_INVALID_HANDLE | | Aborted key handle | | 607| Key Management | test_c050 | psa_open_key | Open a handle to an existing persistent key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 608| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 609| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 610| | | | | | 4. Save the details of current check, key id and key handle value in NV memory | 4. 2048 RSA public key | | 611| | | | | | 5. Reset the system | 5. 2048 RSA keypair | | 612| | | | | | 6. After reset, get the values of check, key id and key handle value before the system was reset from NV | 6. DES 64 bit key | | 613| | | | | | 7. Get the attributes of the imported key and check if it matches the given value | 7. Triple DES 2-Key | | 614| | | | | | 8. Export a key in binary format | 8. Triple DES 3-Key | | 615| | | | | | 9. Check the value of the exported key | 9. EC Public key | | 616| | | | | | 10. Reset and destroy the key | 10. EC keypair | | 617| | | | | PSA_ERROR_INVALID_ARGUMENT | | Key data greater than the algorithm size | | 618| Key Management | test_c051 | psa_close_key | Close a key handle | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | | 619| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | | 620| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | | 621| | | | | | 4. Close the key handle | 4. 2048 RSA public key | | 622| | | | | | 5. Check if all the attributes are erased | 5. 2048 RSA keypair | | 623| | | | | | 6. Open the key handle and retrieve the data | 6. DES 64 bit key | | 624| | | | | | | 7. Triple DES 2-Key | | 625| | | | | | | 8. Triple DES 3-Key | | 626| | | | | | | 9. EC Public key | | 627| | | | | | | 10. EC keypair | | 628| | | | | PSA_ERROR_INVALID_HANDLE | | Closing an empty key handle | | 629| AEAD | test_c052 | psa_aead_encrypt_setup | Set the key for a multipart authenticated encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 630| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 631| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | | 632| | | | | | 4. Set the key for a multipart authenticated encryption operation | | | 633| | | | | | 5. Destroy the key | | | 634| | | | | | 6. Abort the AEAD operation | | | 635| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES Key | | 636| | | | | | | 2. Unsupported Algorithm | | 637| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid key usage | | 638| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | | 639| AEAD | test_c053 | psa_aead_decrypt_setup | Set the key for a multipart authenticated decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 640| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 641| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | | 642| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 643| | | | | | 5. Destroy the key | | | 644| | | | | | 6. Abort the AEAD operation | | | 645| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES Key | | 646| | | | | | | 2. Unsupported Algorithm | | 647| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid key usage | | 648| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | | 649| AEAD | test_c054 | psa_aead_generate_nonce | Generate a random nonce for an authenticated encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 650| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 651| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | | 652| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 653| | | | | | 5. Generate a random nonce for an authenticated encryption operation | | | 654| | | | | | 6. Check that if generated iv are non zero | | | 655| | | | | | 7. Destroy the key | | | 656| | | | | | 8. Reset the key attributes | | | 657| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small buffer size | | 658| | | | | PSA_ERROR_BAD_STATE | | 1. Call generate a random nonce twice | | 659| | | | | | | 2. Aborted operation | | 660| AEAD | test_c055 | psa_aead_set_nonce | Set the nonce for an authenticated encryption or decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 661| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 662| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | | 663| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 664| | | | | | 5. Set the nonce for an authenticated encryption operation | | | 665| | | | | | 6. Reset and destroy the key | | | 666| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Small nounce size | | 667| | | | | | | 2. Large nonce size | | 668| | | | | PSA_ERROR_BAD_STATE | | 1. Call set nonce twice | | 669| | | | | | | 2. Aborted operation | | 670| AEAD | test_c056 | psa_aead_set_lengths | Declare the lengths of the message and additional data for AEAD | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 671| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 672| | | | | | 3. Import the key data into the key slot | | | 673| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 674| | | | | | 5. Set the nonce for an authenticated encryption operation | | | 675| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | | 676| | | | | | 7. Abort the AEAD operation | | | 677| | | | | | 8. Reset and destroy the key | | | 678| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Zero ad size | | 679| | | | | | | 2. Zero plaintext size | | 680| | | | | | | 3. Invalid lengths | | 681| | | | | | | 4. Vey large lengths | | 682| | | | | PSA_ERROR_BAD_STATE | | 1. Failed operation | | 683| | | | | | | 2. Aborted operation | | 684| AEAD | test_c057 | psa_aead_update_ad | Pass additional data to an active AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 685| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 686| | | | | | 3. Import the key data into the key slot | | | 687| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 688| | | | | | 5. Set the nonce for an authenticated encryption operation | | | 689| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | | 690| | | | | | 7. Pass additional data to an active AEAD operation | | | 691| | | | | | 8. Reset and destroy the key | | | 692| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Zero ad size | | 693| | | | | | | 2. Zero plaintext size | | 694| | | | | | | 3. Invalid lengths | | 695| | | | | | | 4. Vey large lengths | | 696| | | | | PSA_ERROR_BAD_STATE | | Inactive AEAD operation | | 697| AEAD | test_c058 | psa_aead_update | Encrypt or decrypt a message fragment in an active AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 698| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 699| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | | 700| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 701| | | | | | 5. Set the nonce for an authenticated encryption operation | | | 702| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | | 703| | | | | | 7. Pass additional data to an active AEAD operation | | | 704| | | | | | 8. Encrypt or decrypt a message fragment in an active AEAD operation | | | 705| | | | | | 9. Compare the output and its length with the expected values | | | 706| | | | | | 10. Abort the AEAD operation | | | 707| | | | | | 11. Reset and destroy the key | | | 708| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Zero plaintext size | | 709| | | | | | | 2. Input length overflows plaintext length | | 710| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small buffer size | | 711| | | | | PSA_ERROR_BAD_STATE | | Inactive AEAD operation | | 712| AEAD | test_c059 | psa_aead_finish | Finish encrypting a message in an AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 713| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 714| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | | 715| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 716| | | | | | 5. Set the nonce for an authenticated encryption operation | | | 717| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | | 718| | | | | | 7. Pass additional data to an active AEAD operation | | | 719| | | | | | 8. Encrypt or decrypt a message fragment in an active AEAD operation | | | 720| | | | | | 9. Finish encrypting a message in an AEAD operation | | | 721| | | | | | 10. Compare the output and its length with the expected values | | | 722| | | | | | 11. Abort the AEAD operation | | | 723| | | | | | 12. Reset and destroy the key | | | 724| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Zero plaintext size | | 725| | | | | | | 2. Input length overflows plaintext length | | 726| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small buffer size | | 727| | | | | PSA_ERROR_BAD_STATE | | Inactive AEAD operation | | 728| AEAD | test_c060 | psa_aead_abort | Abort an AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 729| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 730| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | | 731| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 732| | | | | | 5. Abort the AEAD operation | | | 733| | | | | | 6. Reset and destroy the key | | | 734| AEAD | test_c061 | psa_aead_verify | Finish authenticating and decrypting a message in an AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | | 735| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | | 736| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | | 737| | | | | | 4. Set the key for a multipart authenticated decryption operation | | | 738| | | | | | 5. Set the nonce for an authenticated encryption operation | | | 739| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | | 740| | | | | | 7. Pass additional data to an active AEAD operation | | | 741| | | | | | 8. Encrypt or decrypt a message fragment in an active AEAD operation | | | 742| | | | | | 9. Finish decrypting a message in an AEAD operation | | | 743| | | | | | 10. Compare the output and its length with the expected values | | | 744| | | | | | 11. Abort the AEAD operation | | | 745| | | | | | 12. Reset and destroy the key | | | 746| | | | | PSA_ERROR_INVALID_ARGUMENT | | Input length is less than plaintext length | | 747| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small buffer size | | 748| | | | | PSA_ERROR_BAD_STATE | | Inactive operator | | 749 750## License 751Arm PSA test suite is distributed under Apache v2.0 License. 752 753-------------- 754 755*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.* 756
