SoftwareDesign
/
csu3_am335x


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291
							/* SPDX-License-Identifier: BSD-2-Clause */
/*******************************************************************************
 * Copyright 2018, Fraunhofer SIT sponsored by Infineon Technologies AG
 * All rights reserved.
 ******************************************************************************/

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <stdarg.h>
#include <inttypes.h>
#include <string.h>
#include <stdlib.h>

#include <setjmp.h>
#include <cmocka.h>

#include "tss2_esys.h"
#include "esys_crypto.h"

#define LOGMODULE tests
#include "util/log.h"

/**
 * This unit tst checks several error cases of the crypto backends, which are not
 * covered by the integration tests.
 */

static void
check_hash_functions(void **state)
{
    TSS2_RC rc;
    IESYS_CRYPTO_CONTEXT_BLOB *context;
    uint8_t buffer[10] = { 0 };
    TPM2B tpm2b;
    size_t size = 0;

    rc = iesys_crypto_hash_start(NULL, TPM2_ALG_SHA384);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

#ifndef OSSL
    rc = iesys_crypto_hash_start(&context, TPM2_ALG_SHA512);
    assert_int_equal (rc, TSS2_ESYS_RC_NOT_IMPLEMENTED);
#endif

    rc = iesys_crypto_hash_start(&context, 0);
    assert_int_equal (rc, TSS2_ESYS_RC_NOT_IMPLEMENTED);

    rc = iesys_crypto_hash_start(&context, TPM2_ALG_SHA384);
    assert_int_equal (rc, TSS2_RC_SUCCESS);

    rc = iesys_crypto_hash_finish(NULL, &buffer[0], &size);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_hash_finish(&context, &buffer[0], &size);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_SIZE);

    iesys_crypto_hash_abort(NULL);
    iesys_crypto_hash_abort(&context);

    rc = iesys_crypto_hash_update(NULL, &buffer[0], 10);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_hash_update2b(NULL, &tpm2b);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    /* Create invalid context */
    rc = iesys_crypto_hmac_start(&context, TPM2_ALG_SHA1, &buffer[0], 10);
    assert_int_equal (rc, TSS2_RC_SUCCESS);

    iesys_crypto_hash_abort(&context);

    rc = iesys_crypto_hash_update(context, &buffer[0], 10);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_hash_finish(&context, &buffer[0], &size);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    /* cleanup */
    iesys_crypto_hmac_abort(&context);
}

static void
check_hmac_functions(void **state)
{
    TSS2_RC rc;
    IESYS_CRYPTO_CONTEXT_BLOB *context;
    uint8_t buffer[10] = { 0 };
    TPM2B tpm2b;
    size_t size = 0;

    rc = iesys_crypto_hmac_start(NULL, TPM2_ALG_SHA384, &buffer[0], 10);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

#ifndef OSSL
    rc = iesys_crypto_hmac_start(&context, TPM2_ALG_SHA512, &buffer[0], 10);
    assert_int_equal (rc, TSS2_ESYS_RC_NOT_IMPLEMENTED);
#endif

    rc = iesys_crypto_hmac_start(&context, 0,  &buffer[0], 10);
    assert_int_equal (rc, TSS2_ESYS_RC_NOT_IMPLEMENTED);

    rc = iesys_crypto_hmac_start(&context, TPM2_ALG_SHA1,  &buffer[0], 10);
    assert_int_equal (rc, TSS2_RC_SUCCESS);

    rc = iesys_crypto_hmac_finish(NULL, &buffer[0], &size);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_hmac_finish2b(NULL, &tpm2b);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_hmac_finish(&context, &buffer[0], &size);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_SIZE);

    iesys_crypto_hmac_abort(NULL);
    iesys_crypto_hmac_abort(&context);

    rc = iesys_crypto_hmac_update(NULL, &buffer[0], 10);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_hmac_update2b(NULL, &tpm2b);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    /* Create invalid context */
    rc = iesys_crypto_hash_start(&context, TPM2_ALG_SHA1);
    assert_int_equal (rc, TSS2_RC_SUCCESS);

    iesys_crypto_hmac_abort(&context);

    rc = iesys_crypto_hmac_update(context, &buffer[0], 10);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_hmac_finish(&context, &buffer[0], &size);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    /* cleanup */
    iesys_crypto_hash_abort(&context);
}

static void
check_random(void **state)
{
    TSS2_RC rc;
    size_t num_bytes = 0;
    TPM2B_NONCE nonce;
    rc = iesys_crypto_random2b(&nonce, num_bytes);
    assert_int_equal (rc, TSS2_RC_SUCCESS);
}

static void
check_pk_encrypt(void **state)
{
    TSS2_RC rc;
    uint8_t in_buffer[5] = { 1, 2, 3, 4, 5 };
    size_t size = 5;
    uint8_t out_buffer[5];
    TPM2B_PUBLIC inPublicRSA = {
        .size = 0,
        .publicArea = {
            .type = TPM2_ALG_RSA,
            .nameAlg = TPM2_ALG_SHA1,
            .objectAttributes = (TPMA_OBJECT_USERWITHAUTH |
                                 TPMA_OBJECT_RESTRICTED |
                                 TPMA_OBJECT_DECRYPT |
                                 TPMA_OBJECT_FIXEDTPM |
                                 TPMA_OBJECT_FIXEDPARENT |
                                 TPMA_OBJECT_SENSITIVEDATAORIGIN),
            .authPolicy = {
                 .size = 0,
             },
            .parameters.rsaDetail = {
                 .symmetric = {
                     .algorithm = TPM2_ALG_AES,
                     .keyBits.aes = 128,
                     .mode.aes = TPM2_ALG_CFB,
                 },
                 .scheme = {
                      .scheme =
                      TPM2_ALG_NULL,
                  },
                 .keyBits = 2048,
                 .exponent = 0,
             },
            .unique.rsa = {
                 .size = 0,
                 .buffer = {}
                 ,
             }
        }
    };

    inPublicRSA.publicArea.nameAlg = 0;
    rc = iesys_crypto_pk_encrypt(&inPublicRSA, size, &in_buffer[0], size, &out_buffer[0], &size, "LABEL");
    assert_int_equal (rc, TSS2_ESYS_RC_NOT_IMPLEMENTED);

    inPublicRSA.publicArea.nameAlg = TPM2_ALG_SHA1;
    inPublicRSA.publicArea.parameters.rsaDetail.scheme.scheme = 0;
    rc = iesys_crypto_pk_encrypt(&inPublicRSA, size, &in_buffer[0], size, &out_buffer[0], &size, "LABEL");
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_VALUE);
}

static void
check_aes_encrypt(void **state)
{
    TSS2_RC rc;
    uint8_t key[32] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
                       1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16  };
    uint8_t buffer[5] = { 1, 2, 3, 4, 5 };
    size_t size = 5;

    rc = iesys_crypto_sym_aes_encrypt(NULL, TPM2_ALG_AES, 192, TPM2_ALG_CFB,
                                      &buffer[0], size, &key[0]);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_sym_aes_encrypt(&key[0], TPM2_ALG_AES, 192, TPM2_ALG_CFB,
                                      &buffer[0], size, &key[0]);
    assert_int_equal (rc, TSS2_RC_SUCCESS);
    rc = iesys_crypto_sym_aes_encrypt(&key[0], TPM2_ALG_AES, 256, TPM2_ALG_CFB,
                                      &buffer[0], size, &key[0]);
    assert_int_equal (rc, TSS2_RC_SUCCESS);

    rc = iesys_crypto_sym_aes_encrypt(&key[0], 0, 256, TPM2_ALG_CFB,
                                      &buffer[0], size, &key[0]);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_VALUE);

    rc = iesys_crypto_sym_aes_encrypt(&key[0], TPM2_ALG_AES, 256, 0,
                                      &buffer[0], size, &key[0]);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_VALUE);

    rc = iesys_crypto_sym_aes_encrypt(&key[0], TPM2_ALG_AES, 999, TPM2_ALG_CFB,
                                      &buffer[0], size, &key[0]);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_VALUE);

    rc = iesys_crypto_sym_aes_decrypt(NULL, TPM2_ALG_AES, 192, TPM2_ALG_CFB,
                                      &buffer[0], size, &key[0]);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_REFERENCE);

    rc = iesys_crypto_sym_aes_decrypt(&key[0], 0, 192, TPM2_ALG_CFB,
                                      &buffer[0], size, &key[0]);
    assert_int_equal (rc, TSS2_ESYS_RC_BAD_VALUE);
}

static void
check_free(void **state)
{
    uint8_t *buffer;

    buffer = malloc(10);
    Esys_Free(buffer);
}

static void
check_get_sys_context(void **state)
{
    ESYS_CONTEXT *ctx;
    TSS2_TCTI_CONTEXT_COMMON_V1 tcti = {0};
    TSS2_SYS_CONTEXT *sys_ctx = NULL;
    TSS2_RC rc;

    rc = Esys_GetSysContext(NULL, NULL);
    assert_int_equal(rc, TSS2_ESYS_RC_BAD_REFERENCE);

    tcti.version = 1;
    tcti.transmit = (void*) 0xdeadbeef;
    tcti.receive = (void*) 0xdeadbeef;

    rc = Esys_Initialize(&ctx, (TSS2_TCTI_CONTEXT *) &tcti, NULL);
    assert_int_equal(rc, TSS2_RC_SUCCESS);

    rc = Esys_GetSysContext(ctx, &sys_ctx);
    assert_ptr_not_equal(sys_ctx, NULL);
    assert_int_equal(rc, TSS2_RC_SUCCESS);

    Esys_Finalize(&ctx);
}

int
main(int argc, char *argv[])
{
    const struct CMUnitTest tests[] = {
        cmocka_unit_test(check_hash_functions),
        cmocka_unit_test(check_hmac_functions),
        cmocka_unit_test(check_random),
        cmocka_unit_test(check_pk_encrypt),
        cmocka_unit_test(check_aes_encrypt),
        cmocka_unit_test(check_free),
        cmocka_unit_test(check_get_sys_context),
    };
    return cmocka_run_group_tests(tests, NULL, NULL);
}