Skip to content

Commit bdc96fd

Browse files
gilles-peskine-armgilles-peskine-arm
committed
Add tests to generate more random than MBEDTLS_CTR_DRBG_MAX_REQUEST
Add tests that call psa_generate_random() (possibly via psa_generate_key()) with a size that's larger than MBEDTLS_CTR_DRBG_MAX_REQUEST. This causes psa_generate_random() to fail because it calls mbedtls_ctr_drbg_random() without taking the maximum request size of CTR_DRBG into account. Non-regression test for #206
1 parent a6b2f60 commit bdc96fd

File tree

2 files changed

+21
-0
lines changed

2 files changed

+21
-0
lines changed

tests/suites/test_suite_psa_crypto.data

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2209,6 +2209,15 @@ generate_random:19
22092209
PSA generate random: 260 bytes
22102210
generate_random:260
22112211

2212+
PSA generate random: MBEDTLS_CTR_DRBG_MAX_REQUEST bytes
2213+
generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST
2214+
2215+
PSA generate random: MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes
2216+
generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST + 1
2217+
2218+
PSA generate random: 2*MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes
2219+
generate_random:2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1
2220+
22122221
PSA generate key: bad type (0)
22132222
generate_key:PSA_KEY_TYPE_NONE:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
22142223

@@ -2227,6 +2236,12 @@ generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_AR
22272236
PSA generate key: raw data, 8 bits
22282237
generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
22292238

2239+
PSA generate key: raw data, (MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
2240+
generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
2241+
2242+
PSA generate key: raw data, (2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
2243+
generate_key:PSA_KEY_TYPE_RAW_DATA:(2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
2244+
22302245
PSA generate key: raw data, 65528 bits (ok)
22312246
depends_on:HAVE_RAM_AVAILABLE_128K
22322247
generate_key:PSA_KEY_TYPE_RAW_DATA:65528:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS

tests/suites/test_suite_psa_crypto.function

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,10 @@
55
#include "mbedtls/asn1write.h"
66
#include "mbedtls/oid.h"
77

8+
/* For MBEDTLS_CTR_DRBG_MAX_REQUEST, knowing that psa_generate_random()
9+
* uses mbedtls_ctr_drbg internally. */
10+
#include "mbedtls/ctr_drbg.h"
11+
812
#include "psa_crypto_helpers.h"
913

1014
/* Tests that require more than 128kB of RAM plus change have this symbol
@@ -14,6 +18,8 @@
1418
* platforms. */
1519
#define HAVE_RAM_AVAILABLE_128K
1620

21+
#include "psa/crypto.h"
22+
1723
/** An invalid export length that will never be set by psa_export_key(). */
1824
static const size_t INVALID_EXPORT_LENGTH = ~0U;
1925

0 commit comments

Comments
 (0)