Update stress test

This commit modifies the stress test and the stress test client to only
check asymmetric encryption/decryption when they're supported by the
provider.

Signed-off-by: Ionut Mihalcea <ionut.mihalcea@arm.com>

e2e_tests/src/stress.rs

@@ -2,7 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0
 use super::TestClient;
 use log::info;
-use parsec_client::core::interface::requests::ResponseStatus;
+use parsec_client::core::interface::requests::{Opcode, ResponseStatus};
 use rand::Rng;
 use rand::{
  distributions::{Alphanumeric, Distribution, Standard},
@@ -96,7 +96,7 @@ struct StressTestWorker {
  config: StressTestConfig,
  sign_key_name: String,
  ecc_key_name: Option<String>,
- encrypt_key_name: String,
+ encrypt_key_name: Option<String>,
  client: TestClient,
 }
 
@@ -108,6 +108,7 @@ impl StressTestWorker {
  let auth = generate_string(10);
  info!("Worker with auth `{}` starting.", auth);
  client.set_default_auth(Some(auth));
+ let opcodes = client.list_opcodes(client.provider()).unwrap();
 
  // Create sign/verify key
  let sign_key_name = generate_string(10);
@@ -132,9 +133,22 @@ impl StressTestWorker {
 
  // Create asym encrypt/decrypt key
  let encrypt_key_name = generate_string(10);
- client
- .generate_rsa_encryption_keys_rsapkcs1v15crypt(encrypt_key_name.clone())
- .expect("Failed to generate asym encr key");
+ let res = client.generate_rsa_encryption_keys_rsapkcs1v15crypt(encrypt_key_name.clone());
+
+ if !(res.is_ok() || res == Err(ResponseStatus::PsaErrorNotSupported)) {
+ panic!(
+ "Failed to create Asymmetric Encryption key with something different than NotSupported: {}",
+ res.unwrap_err()
+ );
+ }
+ let encrypt_key_name = if res.is_ok()
+ && opcodes.contains(&Opcode::PsaAsymmetricEncrypt)
+ && opcodes.contains(&Opcode::PsaAsymmetricDecrypt)
+ {
+ Some(encrypt_key_name)
+ } else {
+ None
+ };
 
  StressTestWorker {
  config,
@@ -162,8 +176,10 @@ impl StressTestWorker {
 
  fn execute_request(&mut self) {
  let mut op: Operation = rand::random();
- while self.ecc_key_name.is_none()
- && (op == Operation::SignEcc || op == Operation::VerifyEcc)
+ while (self.ecc_key_name.is_none()
+ && (op == Operation::SignEcc || op == Operation::VerifyEcc))
+ || (self.encrypt_key_name.is_none()
+ && (op == Operation::AsymEncrypt || op == Operation::AsymDecrypt))
  {
  op = rand::random();
  }
@@ -269,24 +285,20 @@ impl StressTestWorker {
  .expect("Failed to export key");
  }
  Operation::AsymEncrypt => {
- info!("Encrypting with key: {}", self.encrypt_key_name.clone());
+ let encrypt_key_name = self.encrypt_key_name.as_ref().unwrap().clone();
+ info!("Encrypting with key: {}", encrypt_key_name);
  let _ = self
  .client
- .asymmetric_encrypt_message_with_rsapkcs1v15(
- self.encrypt_key_name.clone(),
- vec![0xa5; 16],
- )
+ .asymmetric_encrypt_message_with_rsapkcs1v15(encrypt_key_name, vec![0xa5; 16])
  .expect("Failed to encrypt");
  }
  Operation::AsymDecrypt => {
- info!("Decrypting with key: {}", self.encrypt_key_name.clone());
+ let encrypt_key_name = self.encrypt_key_name.as_ref().unwrap().clone();
+ info!("Decrypting with key: {}", encrypt_key_name);
  // This will fail with a very generic error for PKCS11 at least
  let _status = self
  .client
- .asymmetric_decrypt_message_with_rsapkcs1v15(
- self.encrypt_key_name.clone(),
- vec![0xa5; 128],
- )
+ .asymmetric_decrypt_message_with_rsapkcs1v15(encrypt_key_name, vec![0xa5; 128])
  .expect_err("Should have failed to decrypt");
  }
  }
@@ -302,11 +314,16 @@ impl ServiceChecker {
  }
 
  let mut client = TestClient::new();
+ let opcodes = client.list_opcodes(client.provider()).unwrap();
 
  loop {
  info!("Verifying that the service is still operating correctly");
  ServiceChecker::check_sign(&mut client);
- ServiceChecker::check_encrypt(&mut client);
+ if opcodes.contains(&Opcode::PsaAsymmetricDecrypt)
+ && opcodes.contains(&Opcode::PsaAsymmetricEncrypt)
+ {
+ ServiceChecker::check_encrypt(&mut client);
+ }
  thread::sleep(config.check_interval.unwrap());
  if recv.try_recv().is_ok() {
  return;
@@ -330,7 +347,7 @@ impl ServiceChecker {
  .expect("Verification failed");
 
  client
- .destroy_key(sign_key_name.clone())
+ .destroy_key(sign_key_name)
  .expect("Failed to destroy key");
  }
 
@@ -352,7 +369,7 @@ impl ServiceChecker {
  assert_eq!(plaintext, vec![0xa5; 16]);
 
  client
- .destroy_key(encr_key_name.clone())
+ .destroy_key(encr_key_name)
  .expect("Failed to destroy key");
  }
 }

e2e_tests/tests/per_provider/normal_tests/hash.rs

@@ -27,16 +27,14 @@ fn hash_not_supported() {
  let mut client = TestClient::new();
  if !client.is_operation_supported(Opcode::PsaHashCompute) {
  assert_eq!(
- client.hash_compute(Hash::Sha256, &vec![],).unwrap_err(),
+ client.hash_compute(Hash::Sha256, &[],).unwrap_err(),
  ResponseStatus::PsaErrorNotSupported
  );
  }
 
  if !client.is_operation_supported(Opcode::PsaHashCompare) {
  assert_eq!(
- client
- .hash_compare(Hash::Sha256, &vec![], &vec![])
- .unwrap_err(),
+ client.hash_compare(Hash::Sha256, &[], &[]).unwrap_err(),
  ResponseStatus::PsaErrorNotSupported
  );
  }

e2e_tests/tests/per_provider/normal_tests/key_agreement.rs

@@ -70,11 +70,7 @@ fn simple_raw_key_agreement() {
  .generate_ecc_pair_secp_r1_key(key_name.clone())
  .unwrap();
  let _shared_secret = client
- .raw_key_agreement(
- RawKeyAgreement::Ecdh,
- key_name.clone(),
- &PEER_PUBLIC_KEY_SECPR1,
- )
+ .raw_key_agreement(RawKeyAgreement::Ecdh, key_name, &PEER_PUBLIC_KEY_SECPR1)
  .unwrap();
 }
 
@@ -91,11 +87,7 @@ fn raw_key_agreement_secpr1() {
  .import_ecc_pair_secp_r1_key(key_name.clone(), OUR_KEY_DATA_SECPR1.to_vec())
  .unwrap();
  let shared_secret = client
- .raw_key_agreement(
- RawKeyAgreement::Ecdh,
- key_name.clone(),
- &PEER_PUBLIC_KEY_SECPR1,
- )
+ .raw_key_agreement(RawKeyAgreement::Ecdh, key_name, &PEER_PUBLIC_KEY_SECPR1)
  .unwrap();
 
  assert_eq!(&EXPECTED_OUTPUT_SECPR1, shared_secret.as_slice());