return g_api->encrypt(params, key_alias, password, decrypted, ppencrypted);
}
-// Policy backend to use in subsequent operations (global for each test case)
-PolicyBackend g_backend = PolicyBackend::DEFAULT;
-
-class testBackend {
-public:
- testBackend(PolicyBackend backend){
- m_backend = g_backend;
- g_backend = backend;
- }
-
- virtual ~testBackend(){
- //restore in destructor
- g_backend = m_backend;
- }
-private:
- PolicyBackend m_backend;
-};
-
inline CKM::Password _tostring(const char *str)
{
return (str == nullptr) ? Password() : Password(str);
ckmc_raw_buffer_s* AAD32;
ckmc_raw_buffer_s* AAD64;
-void generateSymmetricKeys(ManagerShPtr& manager, size_t bitLen)
+void generateSymmetricKeys(ManagerShPtr& manager, PolicyBackend backend, size_t bitLen)
{
for (int i = 0; i < KEY_IDX_MAX; i++)
{
- Policy p(Password(), true, g_backend);
+ Policy p(Password(), false, backend);
if (i == PASSWORD_PROTECTED)
p.password.assign(PASSWORD);
}
}
-void generateRsaKeys(ManagerShPtr& manager, size_t bitLen)
+void generateRsaKeys(ManagerShPtr& manager, PolicyBackend backend, size_t bitLen)
{
for (int i = 0; i < KEY_IDX_MAX; i++)
{
- Policy p(Password(), true, g_backend);
+ Policy prvPolicy(Password(), false, backend);
+ Policy pubPolicy(Password(), true, backend);
if (i == PASSWORD_PROTECTED) {
- p.password.assign(PASSWORD);
- //p.extractable = false;
+ prvPolicy.password.assign(PASSWORD);
+ pubPolicy.password.assign(PASSWORD);
}
KeyAliasPair alias;
alias.prv = std::string("akey_") + std::to_string(bitLen) + std::string("_") + std::to_string(i);
alias.pub = std::string("pub") + alias.prv;
- int ret = manager->createKeyPairRSA(bitLen, alias.prv, alias.pub, p);
+ int ret = manager->createKeyPairRSA(bitLen, alias.prv, alias.pub, prvPolicy, pubPolicy);
if (ret != CKM_API_SUCCESS)
RUNNER_ERROR_MSG("RSA key creation failed");
if (ret != CKMC_ERROR_NONE)
RUNNER_ERROR_MSG("DB unlock failed: " << CKMCErrorToString(ret));
+ // Policy backend to use in subsequent operations (global for each test case)
+#ifdef TZ_BACKEND
+ PolicyBackend backend = PolicyBackend::FORCE_HARDWARE;
+#else
+ PolicyBackend backend = PolicyBackend::FORCE_SOFTWARE;
+#endif
+
// generate keys
auto manager = Manager::create();
generateSymmetricKeys(manager, 128);
generateRsaKeys(manager, 4096);
PLAIN_DATA = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
+#ifdef TZ_BACKEND
+ BIG_DATA = create_raw_buffer(createRandomBufferCAPI(100000));
+#else
BIG_DATA = create_raw_buffer(createRandomBufferCAPI(5000000));
+#endif
DEFAULT_IV = createRandomBufferCAPI(DEFAULT_IV_LEN);
IV11 = createRandomBufferCAPI(11);
IV12 = createRandomBufferCAPI(12);
RUNNER_TEST_MULTIPLE(TED_0200_encrypt_decrypt_different_keys, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_GCM, 128}, false);
testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_GCM, 192}, false);
testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_GCM, 256}, false);
// long test split into smaller ones
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CBC_128, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CBC, 128});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CBC_192, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CBC, 192});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CBC_256, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CBC, 256});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_GCM_128, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_GCM, 128});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_GCM_192, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_GCM, 192});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_GCM_256, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_GCM, 256});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CTR_128, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CTR, 128});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CTR_192, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CTR, 192});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CTR_256, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CTR, 256});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CFB_128, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CFB, 128});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CFB_192, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CFB, 192});
}
RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CFB_256, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testEncryptDecryptBigData({CKMC_ALGO_AES_CFB, 256});
}
RUNNER_TEST_MULTIPLE(TED_1200_gcm_encryption_tag_len, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testGcmEncryptionTagLen({CKMC_ALGO_AES_GCM, 128});
testGcmEncryptionTagLen({CKMC_ALGO_AES_GCM, 192});
testGcmEncryptionTagLen({CKMC_ALGO_AES_GCM, 256});
RUNNER_TEST_MULTIPLE(TED_1210_gcm_decryption_tag_len, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testGcmDecryptionTagLen({CKMC_ALGO_AES_GCM, 128});
testGcmDecryptionTagLen({CKMC_ALGO_AES_GCM, 192});
testGcmDecryptionTagLen({CKMC_ALGO_AES_GCM, 256});
RUNNER_TEST_MULTIPLE(TED_1230_gcm_wrong_tag, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
testGcmWrongTag({CKMC_ALGO_AES_GCM, 128});
testGcmWrongTag({CKMC_ALGO_AES_GCM, 192});
testGcmWrongTag({CKMC_ALGO_AES_GCM, 256});
RUNNER_TEST_MULTIPLE(TED_1250_gcm_aad, SyncEnv, AsyncEnv)
{
- testBackend b(PolicyBackend::FORCE_SOFTWARE);
encryptionWithCustomData({CKMC_ALGO_AES_GCM, 128}, CKMC_PARAM_ED_AAD);
encryptionWithCustomData({CKMC_ALGO_AES_GCM, 192}, CKMC_PARAM_ED_AAD);
encryptionWithCustomData({CKMC_ALGO_AES_GCM, 256}, CKMC_PARAM_ED_AAD);
projects / platform / core / test / security-tests.git / commitdiff