Change how LMS and LMOTS negative tests work
Signed-off-by: Raef Coles <raef.coles@arm.com>
diff --git a/tests/suites/test_suite_lms.function b/tests/suites/test_suite_lms.function
index e4c4b91..9c966cf 100644
--- a/tests/suites/test_suite_lms.function
+++ b/tests/suites/test_suite_lms.function
@@ -85,12 +85,63 @@
int expected_rc )
{
mbedtls_lms_public_t ctx;
+ unsigned int size;
+ unsigned char *tmp_sig = NULL;
mbedtls_lms_public_init( &ctx);
- mbedtls_lms_import_public_key( &ctx, pub_key->x, pub_key->len );
+ TEST_EQUAL(mbedtls_lms_import_public_key( &ctx, pub_key->x, pub_key->len ), 0);
- TEST_ASSERT( mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ) == expected_rc );
+ TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), expected_rc);
+
+ /* Test negative cases if the input data is valid */
+ if( expected_rc == 0 )
+ {
+ /* Altering first message byte must cause verification failure */
+ msg->x[0] ^= 1;
+ TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
+ MBEDTLS_ERR_LMS_VERIFY_FAILED);
+ msg->x[0] ^= 1;
+
+ /* Altering last message byte must cause verification failure */
+ msg->x[msg->len - 1] ^= 1;
+ TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
+ MBEDTLS_ERR_LMS_VERIFY_FAILED);
+ msg->x[msg->len - 1] ^= 1;
+
+ /* Altering first signature byte must cause verification failure */
+ sig->x[0] ^= 1;
+ TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
+ MBEDTLS_ERR_LMS_VERIFY_FAILED);
+ sig->x[0] ^= 1;
+
+ /* Altering first signature byte must cause verification failure */
+ sig->x[0] ^= 1;
+ TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
+ MBEDTLS_ERR_LMS_VERIFY_FAILED);
+ sig->x[0] ^= 1;
+
+ /* Altering last signature byte must cause verification failure */
+ sig->x[sig->len - 1] ^= 1;
+ TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
+ MBEDTLS_ERR_LMS_VERIFY_FAILED);
+ sig->x[sig->len - 1] ^= 1;
+
+ /* Signatures of all sizes must not verify, whether shorter or longer */
+ for( size = 0; size < sig->len; size++ ) {
+ if( size == sig->len )
+ continue;
+
+ ASSERT_ALLOC( tmp_sig, size );
+ if( tmp_sig != NULL )
+ memcpy( tmp_sig, sig->x, MIN(size, sig->len) );
+
+ TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, tmp_sig, size ),
+ MBEDTLS_ERR_LMS_VERIFY_FAILED);
+ mbedtls_free( tmp_sig );
+ tmp_sig = NULL;
+ }
+ }
exit:
mbedtls_lms_public_free( &ctx );
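Review bot: The length loop `for( size = 0; size < sig->len; size++ )` never builds a signature longer than the valid one, so the "whether shorter or longer" case in its comment goes untested; the `size == sig->len` skip is unreachable and `MIN(size, sig->len)` always equals `size`. A verifier that ignored trailing bytes after an otherwise valid signature would still pass this test. Raising the bound, for example `for( size = 0; size < sig->len * 2; size++ ) {`, makes the existing skip and `MIN` meaningful, with the extra bytes left as whatever `ASSERT_ALLOC` initialises them to (presumably zero). Separately, a failing `TEST_EQUAL` inside the loop jumps to `exit:` before `mbedtls_free( tmp_sig )` runs, so add `mbedtls_free( tmp_sig );` under `exit:`; the second "Altering first signature byte" block is also an exact duplicate of the one above it. The function's signature and closing brace lie outside the hunk.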