psa: Extend hash bad order test

Patater · Patater · commit 6a8b98608d11 · 2019-02-19T14:11:08.000Z
Extend hash bad order test in line with the new bad order tests for MAC
and cipher, covering more cases and making comments and test layout
consistent.

Ensure that when doing hash operations out of order, PSA_ERROR_BAD_STATE
is returned as documented in crypto.h and the PSA Crypto specification.
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
@@ -1999,32 +1999,79 @@ exit:
 /* BEGIN_CASE */
 void hash_bad_order( )
 {
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
     unsigned char input[] = "";
     /* SHA-256 hash of an empty string */
-    unsigned char hash[] = {
+    const unsigned char valid_hash[] = {
         0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
         0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
         0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 };
+    unsigned char hash[sizeof(valid_hash)] = { 0 };
     size_t hash_len;
     psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
 
     PSA_ASSERT( psa_crypto_init( ) );
 
-    /* psa_hash_update without calling psa_hash_setup beforehand */
-    memset( &operation, 0, sizeof( operation ) );
+    /* Call update without calling setup beforehand. */
     TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
                 PSA_ERROR_BAD_STATE );
+    PSA_ASSERT( psa_hash_abort( &operation ) );
 
-    /* psa_hash_verify without calling psa_hash_setup beforehand */
-    memset( &operation, 0, sizeof( operation ) );
-    TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ),
+    /* Call update after finish. */
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+    PSA_ASSERT( psa_hash_finish( &operation,
+                                 hash, sizeof( hash ), &hash_len ) );
+    TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
+                PSA_ERROR_BAD_STATE );
+    PSA_ASSERT( psa_hash_abort( &operation ) );
+
+    /* Call verify without calling setup beforehand. */
+    TEST_EQUAL( psa_hash_verify( &operation,
+                                 valid_hash, sizeof( valid_hash ) ),
+                PSA_ERROR_BAD_STATE );
+    PSA_ASSERT( psa_hash_abort( &operation ) );
+
+    /* Call verify after finish. */
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+    PSA_ASSERT( psa_hash_finish( &operation,
+                                 hash, sizeof( hash ), &hash_len ) );
+    TEST_EQUAL( psa_hash_verify( &operation,
+                                 valid_hash, sizeof( valid_hash ) ),
+                PSA_ERROR_BAD_STATE );
+    PSA_ASSERT( psa_hash_abort( &operation ) );
+
+    /* Call verify twice in a row. */
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+    PSA_ASSERT( psa_hash_verify( &operation,
+                                 valid_hash, sizeof( valid_hash ) ) );
+    TEST_EQUAL( psa_hash_verify( &operation,
+                                 valid_hash, sizeof( valid_hash ) ),
+                PSA_ERROR_BAD_STATE );
+    PSA_ASSERT( psa_hash_abort( &operation ) );
+
+    /* Call finish without calling setup beforehand. */
+    TEST_EQUAL( psa_hash_finish( &operation,
+                                 hash, sizeof( hash ), &hash_len ),
                 PSA_ERROR_BAD_STATE );
+    PSA_ASSERT( psa_hash_abort( &operation ) );
 
-    /* psa_hash_finish without calling psa_hash_setup beforehand */
-    memset( &operation, 0, sizeof( operation ) );
+    /* Call finish twice in a row. */
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+    PSA_ASSERT( psa_hash_finish( &operation,
+                                 hash, sizeof( hash ), &hash_len ) );
+    TEST_EQUAL( psa_hash_finish( &operation,
+                                 hash, sizeof( hash ), &hash_len ),
+                PSA_ERROR_BAD_STATE );
+    PSA_ASSERT( psa_hash_abort( &operation ) );
+
+    /* Call finish after calling verify. */
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+    PSA_ASSERT( psa_hash_verify( &operation,
+                                 valid_hash, sizeof( valid_hash ) ) );
     TEST_EQUAL( psa_hash_finish( &operation,
                                  hash, sizeof( hash ), &hash_len ),
                 PSA_ERROR_BAD_STATE );
+    PSA_ASSERT( psa_hash_abort( &operation ) );
 
 exit:
     mbedtls_psa_crypto_free( );
