Add test case for early returns from test_wolfTPM2_EncryptSecret

Author: padelsbach

tests/unit.log

@@ -0,0 +1,32 @@
+wolfSSL Entering wolfCrypt_Init
+wolfSSL Entering wc_PubKeyPemToDer
+wolfSSL Entering PemToDer
+RNG_HEALTH_TEST_CHECK_SIZE = 128
+sizeof(seedB_data)         = 128
+Test TPM Wrapper:	Init:	Passed
+Test TPM Wrapper:	Open Existing:	Passed
+Test TPM Wrapper:	Get Capabilities:	Passed
+Test TPM Wrapper:	Get Random:	Passed
+Test TPM Wrapper:	PCR Select Array:	Passed
+Test TPM2:		Policy NULL Args:	Passed
+Test TPM Wrapper:	KDFa:	Passed
+Test TPM Wrapper:	Read Public Key:	Passed
+Test TPM Wrapper:	EncryptSecret:	Passed
+Test TPM Wrapper:	KeyBlob RSA:	Passed
+Test TPM Wrapper:	KeyBlob ECC:	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=20, CurveSz=32, Hash=SHA256, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=32, CurveSz=32, Hash=SHA256, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=48, CurveSz=32, Hash=SHA256, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=64, CurveSz=32, Hash=SHA256, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=20, CurveSz=48, Hash=SHA384, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=32, CurveSz=48, Hash=SHA384, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=48, CurveSz=48, Hash=SHA384, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=64, CurveSz=48, Hash=SHA384, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=20, CurveSz=66, Hash=SHA512, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=32, CurveSz=66, Hash=SHA512, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=48, CurveSz=66, Hash=SHA512, Flags=):	Passed
+Test TPM Wrapper:	Sign/Verify (DigSz=64, CurveSz=66, Hash=SHA512, Flags=):	Passed
+Test ST33 Firmware Upgrade:	API Availability:	Passed
+Test TPM Wrapper:	Cleanup:	Passed
+Test TPM Wrapper:	Thread Local Storage	Passed
+PASS tests/unit.test (exit status: 0)

tests/unit.trs

@@ -0,0 +1,4 @@
+:test-result: PASS
+:global-test-result: PASS
+:recheck: no
+:copy-in-global-log: no

tests/unit_tests.c

@@ -429,6 +429,43 @@ static void test_TPM2_Policy_NULL_Args(void)
     printf("Test TPM2:\t\tPolicy NULL Args:\tPassed\n");
 }
 
+static void test_wolfTPM2_EncryptSecret(void)
+{
+    int rc;
+    WOLFTPM2_DEV dev;
+    WOLFTPM2_KEY tpmKey;
+    TPM2B_DATA data;
+    TPM2B_ENCRYPTED_SECRET secret;
+
+    XMEMSET(&tpmKey, 0, sizeof(tpmKey));
+    XMEMSET(&data, 0, sizeof(data));
+    XMEMSET(&secret, 0, sizeof(secret));
+
+    rc = wolfTPM2_Init(&dev, TPM2_IoCb, NULL);
+    AssertIntEQ(rc, 0);
+
+    /* Test NULL tpmKey returns success (unsalted session) */
+    rc = wolfTPM2_EncryptSecret(&dev, NULL, &data, &secret, "SECRET");
+    AssertIntEQ(rc, TPM_RC_SUCCESS);
+
+    /* Test NULL dev returns BAD_FUNC_ARG */
+    rc = wolfTPM2_EncryptSecret(NULL, &tpmKey, &data, &secret, "SECRET");
+    AssertIntEQ(rc, BAD_FUNC_ARG);
+
+    /* Test NULL data returns BAD_FUNC_ARG */
+    rc = wolfTPM2_EncryptSecret(&dev, &tpmKey, NULL, &secret, "SECRET");
+    AssertIntEQ(rc, BAD_FUNC_ARG);
+
+    /* Test NULL secret returns BAD_FUNC_ARG */
+    rc = wolfTPM2_EncryptSecret(&dev, &tpmKey, &data, NULL, "SECRET");
+    AssertIntEQ(rc, BAD_FUNC_ARG);
+
+    wolfTPM2_Cleanup(&dev);
+
+    printf("Test TPM Wrapper:\tEncryptSecret:\t%s\n",
+        rc == BAD_FUNC_ARG ? "Passed" : "Failed");
+}
+
 static void test_wolfTPM2_Cleanup(void)
 {
     int rc;
@@ -1047,6 +1084,7 @@ int unit_tests(int argc, char *argv[])
     test_wolfTPM_ImportPublicKey();
     test_wolfTPM2_PCRPolicy();
     #endif
+    test_wolfTPM2_EncryptSecret();
     test_wolfTPM2_KeyBlob(TPM_ALG_RSA);
     test_wolfTPM2_KeyBlob(TPM_ALG_ECC);
     #if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(HAVE_ECC) && \

wolftpm/tpm2_wrap.h

@@ -3402,7 +3402,7 @@ WOLFTPM_API int wolfTPM2_ChangeHierarchyAuth(WOLFTPM2_DEV* dev, WOLFTPM2_SESSION
 #define wolfTPM2_GetCurveSize TPM2_GetCurveSize
 
 /* for encrypting secrets (like salt) used in auth sessions and external key import */
-WOLFTPM_LOCAL int wolfTPM2_EncryptSecret(WOLFTPM2_DEV* dev, const WOLFTPM2_KEY* tpmKey,
+WOLFTPM_API int wolfTPM2_EncryptSecret(WOLFTPM2_DEV* dev, const WOLFTPM2_KEY* tpmKey,
     TPM2B_DATA *secret, TPM2B_ENCRYPTED_SECRET *encSecret, const char* label);