TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 08620cbb62b7ce26d58cdba335b7b87407764929 / . / tests / suites / test_suite_pk.function
blob: fc917d003672279e0844eedff2595b2a9ca7c461 [file] [log] [blame]
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/pk.h"
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]3
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]4/* For error codes */
Gilles Peskine998fbfb2018-12-19 17:08:51 +0100[diff] [blame]5#include "mbedtls/asn1.h"
6#include "mbedtls/base64.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]7#include "mbedtls/ecp.h"
8#include "mbedtls/rsa.h"
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]9
Hanno Becker251d7522019-08-21 13:28:44 +0100[diff] [blame]10#if defined(MBEDTLS_USE_TINYCRYPT)
11#include "tinycrypt/ecc_dh.h"
12#endif /* MBEDTLS_USE_TINYCRYPT */
13
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]14#include <limits.h>
Andres Amaya Garcia6ff067d2017-06-09 14:26:59 +0100[diff] [blame]15#include <stdint.h>
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]16
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]17static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
18
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]19#define RSA_KEY_SIZE 512
20#define RSA_KEY_LEN 64
21
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]22static int pk_genkey( mbedtls_pk_context *pk )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]23{
Paul Bakkera5320902013-12-19 17:29:52 +0100[diff] [blame]24 ((void) pk);
25
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]26#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
27 if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
Hanno Becker251d7522019-08-21 13:28:44 +0100[diff] [blame]28 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]29 return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 );
Hanno Becker251d7522019-08-21 13:28:44 +0100[diff] [blame]30 } else
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]31#endif
Hanno Becker251d7522019-08-21 13:28:44 +0100[diff] [blame]32#if defined(MBEDTLS_USE_TINYCRYPT)
33 if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY )
34 {
35 int ret;
36
37 ret = uECC_make_key( mbedtls_pk_uecc( *pk )->public_key,
38 mbedtls_pk_uecc( *pk )->private_key,
39 uECC_secp256r1() );
40 if( ret == 0 )
41 return( -1 );
42
43 return( 0 );
44 } else
45#endif /* MBEDTLS_USE_TINYCRYPT */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]46#if defined(MBEDTLS_ECP_C)
47 if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY ||
48 mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY_DH ||
49 mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]50 {
51 int ret;
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]52 if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]53 MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]54 return( ret );
55
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]56 return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d,
57 &mbedtls_pk_ec( *pk )->Q, rnd_std_rand, NULL );
Hanno Becker251d7522019-08-21 13:28:44 +0100[diff] [blame]58 } else
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]59#endif
Hanno Becker251d7522019-08-21 13:28:44 +0100[diff] [blame]60 return( -1 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]61}
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]62
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]63#if defined(MBEDTLS_RSA_C)
64int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]65 const unsigned char *input, unsigned char *output,
66 size_t output_max_len )
67{
Hanno Becker6ac972d2017-09-07 10:57:48 +0100[diff] [blame]68 return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx,
69 rnd_std_rand, NULL, mode, olen,
70 input, output, output_max_len ) );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]71}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]72int mbedtls_rsa_sign_func( void *ctx,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]73 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]74 int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]75 const unsigned char *hash, unsigned char *sig )
76{
Hanno Beckera5400682017-05-03 16:43:15 +0100[diff] [blame]77 ((void) f_rng);
78 ((void) p_rng);
79 return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, rnd_std_rand, NULL, mode,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]80 md_alg, hashlen, hash, sig ) );
81}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]82size_t mbedtls_rsa_key_len_func( void *ctx )
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]83{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]84 return( ((const mbedtls_rsa_context *) ctx)->len );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]85}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]86#endif /* MBEDTLS_RSA_C */
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]87/* END_HEADER */
88
89/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]90 * depends_on:MBEDTLS_PK_C
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]91 * END_DEPENDENCIES
92 */
93
94/* BEGIN_CASE */
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]95void valid_parameters( )
96{
97 mbedtls_pk_context pk;
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]98 unsigned char buf[1];
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]99 size_t len;
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]100 void *options = NULL;
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]101
102 mbedtls_pk_init( &pk );
103
Gilles Peskine1f19fa62018-12-19 14:18:39 +0100[diff] [blame]104 TEST_VALID_PARAM( mbedtls_pk_free( NULL ) );
105
106#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
107 TEST_VALID_PARAM( mbedtls_pk_restart_free( NULL ) );
108#endif
109
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]110 TEST_ASSERT( mbedtls_pk_setup( &pk, NULL ) ==
111 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]112
Gilles Peskine6af45ec2018-12-19 17:52:05 +0100[diff] [blame]113 /* In informational functions, we accept NULL where a context pointer
114 * is expected because that's what the library has done forever.
115 * We do not document that NULL is accepted, so we may wish to change
116 * the behavior in a future version. */
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]117 TEST_ASSERT( mbedtls_pk_get_bitlen( NULL ) == 0 );
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]118 TEST_ASSERT( mbedtls_pk_get_len( NULL ) == 0 );
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]119 TEST_ASSERT( mbedtls_pk_can_do( NULL, MBEDTLS_PK_NONE ) == 0 );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]120
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]121 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk,
122 MBEDTLS_MD_NONE,
123 NULL, 0,
124 buf, &len,
125 rnd_std_rand, NULL,
126 NULL ) ==
127 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
128
129 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk,
130 MBEDTLS_MD_NONE,
131 NULL, 0,
132 buf, &len,
133 rnd_std_rand, NULL,
134 NULL ) ==
135 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
136
137 TEST_ASSERT( mbedtls_pk_sign( &pk,
138 MBEDTLS_MD_NONE,
139 NULL, 0,
140 buf, &len,
141 rnd_std_rand, NULL ) ==
142 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
143
144 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk,
145 MBEDTLS_MD_NONE,
146 NULL, 0,
147 buf, sizeof( buf ),
148 NULL ) ==
149 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
150
151 TEST_ASSERT( mbedtls_pk_verify( &pk,
152 MBEDTLS_MD_NONE,
153 NULL, 0,
154 buf, sizeof( buf ) ) ==
155 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
156
157 TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
158 &pk,
159 MBEDTLS_MD_NONE,
160 NULL, 0,
161 buf, sizeof( buf ) ) ==
162 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
163
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]164 TEST_ASSERT( mbedtls_pk_encrypt( &pk,
165 NULL, 0,
166 NULL, &len, 0,
167 rnd_std_rand, NULL ) ==
168 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]169
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]170 TEST_ASSERT( mbedtls_pk_decrypt( &pk,
171 NULL, 0,
172 NULL, &len, 0,
173 rnd_std_rand, NULL ) ==
174 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]175
176#if defined(MBEDTLS_PK_PARSE_C)
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]177 TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) ==
178 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]179
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]180 TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) ==
181 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]182#endif /* MBEDTLS_PK_PARSE_C */
Gilles Peskine998fbfb2018-12-19 17:08:51 +0100[diff] [blame]183}
184/* END_CASE */
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]185
Gilles Peskine998fbfb2018-12-19 17:08:51 +0100[diff] [blame]186/* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */
187void valid_parameters_pkwrite( data_t *key_data )
188{
189 mbedtls_pk_context pk;
190
191 /* For the write tests to be effective, we need a valid key pair. */
192 mbedtls_pk_init( &pk );
193 TEST_ASSERT( mbedtls_pk_parse_key( &pk,
194 key_data->x, key_data->len,
195 NULL, 0 ) == 0 );
196
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]197 TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) ==
Gilles Peskine998fbfb2018-12-19 17:08:51 +0100[diff] [blame]198 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]199
Gilles Peskinee146e7d2018-12-19 13:20:21 +0100[diff] [blame]200 TEST_ASSERT( mbedtls_pk_write_pubkey_der( &pk, NULL, 0 ) ==
Gilles Peskine998fbfb2018-12-19 17:08:51 +0100[diff] [blame]201 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
202
203#if defined(MBEDTLS_PEM_WRITE_C)
204 TEST_ASSERT( mbedtls_pk_write_key_pem( &pk, NULL, 0 ) ==
205 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
206
207 TEST_ASSERT( mbedtls_pk_write_pubkey_pem( &pk, NULL, 0 ) ==
208 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
209#endif /* MBEDTLS_PEM_WRITE_C */
210
211exit:
212 mbedtls_pk_free( &pk );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]213}
214/* END_CASE */
215
216/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
217void invalid_parameters( )
218{
219 size_t len;
220 unsigned char *null_buf = NULL;
221 unsigned char buf[1];
222 unsigned char *p = buf;
223 char str[1] = {0};
224 mbedtls_pk_context pk;
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]225 mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]226 void *options = buf;
227
Gilles Peskine88ca3a22018-12-20 12:26:16 +0100[diff] [blame]228 (void) null_buf;
229 (void) p;
Gilles Peskine743e3982018-12-20 12:29:48 +0100[diff] [blame]230 (void) str;
Gilles Peskine88ca3a22018-12-20 12:26:16 +0100[diff] [blame]231
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]232 mbedtls_pk_init( &pk );
233
234 TEST_INVALID_PARAM( mbedtls_pk_init( NULL ) );
235
236#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
237 TEST_INVALID_PARAM( mbedtls_pk_restart_init( NULL ) );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]238#endif
239
240 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
241 mbedtls_pk_setup( NULL, NULL ) );
242
243#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
244 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
245 mbedtls_pk_setup_rsa_alt( NULL, buf,
246 NULL, NULL, NULL ) );
247#endif
248
249 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
250 mbedtls_pk_verify_restartable( NULL,
251 MBEDTLS_MD_NONE,
252 buf, sizeof( buf ),
253 buf, sizeof( buf ),
254 NULL ) );
255 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
256 mbedtls_pk_verify_restartable( &pk,
257 MBEDTLS_MD_NONE,
258 NULL, sizeof( buf ),
259 buf, sizeof( buf ),
260 NULL ) );
261 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
262 mbedtls_pk_verify_restartable( &pk,
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]263 valid_md,
264 NULL, 0,
265 buf, sizeof( buf ),
266 NULL ) );
267 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
268 mbedtls_pk_verify_restartable( &pk,
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]269 MBEDTLS_MD_NONE,
270 buf, sizeof( buf ),
271 NULL, sizeof( buf ),
272 NULL ) );
273
274 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
275 mbedtls_pk_verify( NULL,
276 MBEDTLS_MD_NONE,
277 buf, sizeof( buf ),
278 buf, sizeof( buf ) ) );
279 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
280 mbedtls_pk_verify( &pk,
281 MBEDTLS_MD_NONE,
282 NULL, sizeof( buf ),
283 buf, sizeof( buf ) ) );
284 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
285 mbedtls_pk_verify( &pk,
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]286 valid_md,
287 NULL, 0,
288 buf, sizeof( buf ) ) );
289 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
290 mbedtls_pk_verify( &pk,
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]291 MBEDTLS_MD_NONE,
292 buf, sizeof( buf ),
293 NULL, sizeof( buf ) ) );
294
295 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
296 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
297 NULL,
298 MBEDTLS_MD_NONE,
299 buf, sizeof( buf ),
300 buf, sizeof( buf ) ) );
301 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
302 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
303 &pk,
304 MBEDTLS_MD_NONE,
305 NULL, sizeof( buf ),
306 buf, sizeof( buf ) ) );
307 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
308 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
309 &pk,
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]310 valid_md,
311 NULL, 0,
312 buf, sizeof( buf ) ) );
313 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
314 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
315 &pk,
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]316 MBEDTLS_MD_NONE,
317 buf, sizeof( buf ),
318 NULL, sizeof( buf ) ) );
319
320 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
321 mbedtls_pk_sign_restartable( NULL,
322 MBEDTLS_MD_NONE,
323 buf, sizeof( buf ),
324 buf, &len,
325 rnd_std_rand, NULL,
326 NULL ) );
327 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
328 mbedtls_pk_sign_restartable( &pk,
329 MBEDTLS_MD_NONE,
330 NULL, sizeof( buf ),
331 buf, &len,
332 rnd_std_rand, NULL,
333 NULL ) );
334 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
335 mbedtls_pk_sign_restartable( &pk,
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]336 valid_md,
337 NULL, 0,
338 buf, &len,
339 rnd_std_rand, NULL,
340 NULL ) );
341 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
342 mbedtls_pk_sign_restartable( &pk,
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]343 MBEDTLS_MD_NONE,
344 buf, sizeof( buf ),
345 NULL, &len,
346 rnd_std_rand, NULL,
347 NULL ) );
348
349 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
350 mbedtls_pk_sign( NULL,
351 MBEDTLS_MD_NONE,
352 buf, sizeof( buf ),
353 buf, &len,
354 rnd_std_rand, NULL ) );
355 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
356 mbedtls_pk_sign( &pk,
357 MBEDTLS_MD_NONE,
358 NULL, sizeof( buf ),
359 buf, &len,
360 rnd_std_rand, NULL ) );
361 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
362 mbedtls_pk_sign( &pk,
Gilles Peskineee3cfec2018-12-19 17:10:02 +0100[diff] [blame]363 valid_md,
364 NULL, 0,
365 buf, &len,
366 rnd_std_rand, NULL ) );
367 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
368 mbedtls_pk_sign( &pk,
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]369 MBEDTLS_MD_NONE,
370 buf, sizeof( buf ),
371 NULL, &len,
372 rnd_std_rand, NULL ) );
373
374 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
375 mbedtls_pk_decrypt( NULL,
376 buf, sizeof( buf ),
377 buf, &len, sizeof( buf ),
378 rnd_std_rand, NULL ) );
379 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
380 mbedtls_pk_decrypt( &pk,
381 NULL, sizeof( buf ),
382 buf, &len, sizeof( buf ),
383 rnd_std_rand, NULL ) );
384 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
385 mbedtls_pk_decrypt( &pk,
386 buf, sizeof( buf ),
387 NULL, &len, sizeof( buf ),
388 rnd_std_rand, NULL ) );
389 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
390 mbedtls_pk_decrypt( &pk,
391 buf, sizeof( buf ),
392 buf, NULL, sizeof( buf ),
393 rnd_std_rand, NULL ) );
394
395 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
396 mbedtls_pk_encrypt( NULL,
397 buf, sizeof( buf ),
398 buf, &len, sizeof( buf ),
399 rnd_std_rand, NULL ) );
400 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
401 mbedtls_pk_encrypt( &pk,
402 NULL, sizeof( buf ),
403 buf, &len, sizeof( buf ),
404 rnd_std_rand, NULL ) );
405 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
406 mbedtls_pk_encrypt( &pk,
407 buf, sizeof( buf ),
408 NULL, &len, sizeof( buf ),
409 rnd_std_rand, NULL ) );
410 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
411 mbedtls_pk_encrypt( &pk,
412 buf, sizeof( buf ),
413 buf, NULL, sizeof( buf ),
414 rnd_std_rand, NULL ) );
415
416 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
417 mbedtls_pk_check_pair( NULL, &pk ) );
418 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
419 mbedtls_pk_check_pair( &pk, NULL ) );
420
421 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
422 mbedtls_pk_debug( NULL, NULL ) );
423
424#if defined(MBEDTLS_PK_PARSE_C)
Gilles Peskined6027112018-12-20 12:15:41 +0100[diff] [blame]425#if defined(MBEDTLS_FS_IO)
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]426 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
427 mbedtls_pk_load_file( NULL, &p, &len ) );
428 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
429 mbedtls_pk_load_file( str, NULL, &len ) );
430 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
431 mbedtls_pk_load_file( str, &p, NULL ) );
432
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]433 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
434 mbedtls_pk_parse_keyfile( NULL, str, NULL ) );
435 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
436 mbedtls_pk_parse_keyfile( &pk, NULL, NULL ) );
437
438 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
439 mbedtls_pk_parse_public_keyfile( NULL, str ) );
440 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
441 mbedtls_pk_parse_public_keyfile( &pk, NULL ) );
442#endif
443
444 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
445 mbedtls_pk_parse_subpubkey( NULL, buf, &pk ) );
446 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
447 mbedtls_pk_parse_subpubkey( &null_buf, buf, &pk ) );
448 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
449 mbedtls_pk_parse_subpubkey( &p, NULL, &pk ) );
450 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
451 mbedtls_pk_parse_subpubkey( &p, buf, NULL ) );
452
453 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
454 mbedtls_pk_parse_key( NULL,
455 buf, sizeof( buf ),
456 buf, sizeof( buf ) ) );
457 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
458 mbedtls_pk_parse_key( &pk,
459 NULL, sizeof( buf ),
460 buf, sizeof( buf ) ) );
Gilles Peskine78438e42018-12-19 00:55:07 +0100[diff] [blame]461
462 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
463 mbedtls_pk_parse_public_key( NULL,
464 buf, sizeof( buf ) ) );
465 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
466 mbedtls_pk_parse_public_key( &pk,
467 NULL, sizeof( buf ) ) );
468#endif /* MBEDTLS_PK_PARSE_C */
469
470#if defined(MBEDTLS_PK_WRITE_C)
471 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
472 mbedtls_pk_write_pubkey( NULL, p, &pk ) );
473 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
474 mbedtls_pk_write_pubkey( &null_buf, p, &pk ) );
475 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
476 mbedtls_pk_write_pubkey( &p, NULL, &pk ) );
477 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
478 mbedtls_pk_write_pubkey( &p, p, NULL ) );
479
480 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
481 mbedtls_pk_write_pubkey_der( NULL,
482 buf, sizeof( buf ) ) );
483 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
484 mbedtls_pk_write_pubkey_der( &pk,
485 NULL, sizeof( buf ) ) );
486
487 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
488 mbedtls_pk_write_key_der( NULL,
489 buf, sizeof( buf ) ) );
490 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
491 mbedtls_pk_write_key_der( &pk,
492 NULL, sizeof( buf ) ) );
493
494#if defined(MBEDTLS_PEM_WRITE_C)
495 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
496 mbedtls_pk_write_pubkey_pem( NULL,
497 buf, sizeof( buf ) ) );
498 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
499 mbedtls_pk_write_pubkey_pem( &pk,
500 NULL, sizeof( buf ) ) );
501
502 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
503 mbedtls_pk_write_key_pem( NULL,
504 buf, sizeof( buf ) ) );
505 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
506 mbedtls_pk_write_key_pem( &pk,
507 NULL, sizeof( buf ) ) );
508#endif /* MBEDTLS_PEM_WRITE_C */
509
510#endif /* MBEDTLS_PK_WRITE_C */
511}
512/* END_CASE */
513
514/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]515void pk_utils( int type, int size, int len, char * name )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]516{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]517 mbedtls_pk_context pk;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]518
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]519 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]520
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]521 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]522 TEST_ASSERT( pk_genkey( &pk ) == 0 );
523
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524 TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type );
525 TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) );
Manuel Pégourié-Gonnard097c7bb2015-06-18 16:43:38 +0200[diff] [blame]526 TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) size );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]527 TEST_ASSERT( mbedtls_pk_get_len( &pk ) == (unsigned) len );
528 TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]529
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]530exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]531 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]532}
533/* END_CASE */
534
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]535/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]536void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret )
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]537{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]538 mbedtls_pk_context pub, prv, alt;
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]539
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540 mbedtls_pk_init( &pub );
541 mbedtls_pk_init( &prv );
542 mbedtls_pk_init( &alt );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]543
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]544 TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 );
545 TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]546
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]547 TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]548
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]549#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
550 if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA )
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]551 {
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]552 TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ),
Hanno Becker6ac972d2017-09-07 10:57:48 +0100[diff] [blame]553 mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
554 mbedtls_rsa_key_len_func ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]555 TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret );
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]556 }
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]557#endif
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]558
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]559 mbedtls_pk_free( &pub );
560 mbedtls_pk_free( &prv );
561 mbedtls_pk_free( &alt );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]562}
563/* END_CASE */
564
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]565/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]566void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]567 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]568 char * input_E, data_t * result_str,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]569 int result )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]570{
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]571 unsigned char hash_result[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]572 mbedtls_rsa_context *rsa;
573 mbedtls_pk_context pk;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]574 mbedtls_pk_restart_ctx *rs_ctx = NULL;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]575#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]576 mbedtls_pk_restart_ctx ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]577
578 rs_ctx = &ctx;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]579 mbedtls_pk_restart_init( rs_ctx );
Manuel Pégourié-Gonnard4edb9cb2018-07-02 12:23:23 +0200[diff] [blame]580 // this setting would ensure restart would happen if ECC was used
581 mbedtls_ecp_set_max_ops( 1 );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]582#endif
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]583
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]584 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]585
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]586 memset( hash_result, 0x00, 1000 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]587
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]588 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]589 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]590
Paul Bakker42099c32014-01-27 11:45:49 +0100[diff] [blame]591 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]592 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
593 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]594
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]595
Hanno Beckera5cedbc2019-07-17 11:21:02 +0100[diff] [blame]596 if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]597 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]598
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]599 TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]600 result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]601
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]602 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, hash_result, 0,
Manuel Pégourié-Gonnard125af942018-09-11 11:08:12 +0200[diff] [blame]603 result_str->x, mbedtls_pk_get_len( &pk ), rs_ctx ) == result );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]604
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]605exit:
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]606#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]607 mbedtls_pk_restart_free( rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]608#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]609 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]610}
611/* END_CASE */
612
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]614void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]615 int mod, int radix_N, char * input_N,
616 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]617 data_t * result_str, int pk_type,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]618 int mgf1_hash_id, int salt_len, int result )
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]619{
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]620 unsigned char hash_result[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621 mbedtls_rsa_context *rsa;
622 mbedtls_pk_context pk;
623 mbedtls_pk_rsassa_pss_options pss_opts;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]624 void *options;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]625 size_t hash_len;
626
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]628
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]629 memset( hash_result, 0x00, 1000 );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]630
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]631 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]632 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]633
634 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]635 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
636 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]637
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]638
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]639 if( digest != MBEDTLS_MD_NONE )
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]640 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]641 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]642 message_str->x, message_str->len, hash_result ) == 0 );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]643 hash_len = 0;
644 }
645 else
646 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]647 memcpy( hash_result, message_str->x, message_str->len );
648 hash_len = message_str->len;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]649 }
650
651 if( mgf1_hash_id < 0 )
652 {
653 options = NULL;
654 }
655 else
656 {
657 options = &pss_opts;
658
659 pss_opts.mgf1_hash_id = mgf1_hash_id;
660 pss_opts.expected_salt_len = salt_len;
661 }
662
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]663 TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk,
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]664 digest, hash_result, hash_len,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]665 result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]666
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]667exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]668 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]669}
670/* END_CASE */
671
Hanno Beckerc10c9bf2019-08-21 13:40:36 +0100[diff] [blame]672/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:!MBEDTLS_USE_TINYCRYPT */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]673void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,
674 data_t * sig, int ret )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]675{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]676 mbedtls_pk_context pk;
677 mbedtls_ecp_keypair *eckey;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]678
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]680
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]681
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]682 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]683
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]684 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) );
685 eckey = mbedtls_pk_ec( pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]686
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]687 TEST_ASSERT( mbedtls_ecp_group_load( &eckey->grp, id ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]688 TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]689 key->x, key->len ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]690
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]691 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]692 hash->x, hash->len, sig->x, sig->len ) == ret );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]693
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]694exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]696}
697/* END_CASE */
698
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]699/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
700void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
701 char *QX_str, char *QY_str,
702 int md_alg, char *msg, char *sig_str,
703 int max_ops, int min_restart, int max_restart )
704{
705 int ret, cnt_restart;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]706 mbedtls_pk_restart_ctx rs_ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]707 mbedtls_pk_context prv, pub;
708 unsigned char hash[MBEDTLS_MD_MAX_SIZE];
709 unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
710 unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
711 size_t hlen, slen, slen_check;
Hanno Beckera5cedbc2019-07-17 11:21:02 +0100[diff] [blame]712 mbedtls_md_handle_t md_info;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]713
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]714 mbedtls_pk_restart_init( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]715 mbedtls_pk_init( &prv );
716 mbedtls_pk_init( &pub );
717 memset( hash, 0, sizeof( hash ) );
718 memset( sig, 0, sizeof( sig ) );
719 memset( sig_check, 0, sizeof( sig_check ) );
720
721 TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
722 TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
723 TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
724
725 TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
726 TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
727 TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 );
728
729 slen_check = unhexify( sig_check, sig_str );
730
731 md_info = mbedtls_md_info_from_type( md_alg );
Hanno Beckera5cedbc2019-07-17 11:21:02 +0100[diff] [blame]732 TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]733
734 hlen = mbedtls_md_get_size( md_info );
735 mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
736
737 mbedtls_ecp_set_max_ops( max_ops );
738
739 slen = sizeof( sig );
740 cnt_restart = 0;
741 do {
742 ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
743 sig, &slen, NULL, NULL, &rs_ctx );
744 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
745
746 TEST_ASSERT( ret == 0 );
747 TEST_ASSERT( slen == slen_check );
748 TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
749
750 TEST_ASSERT( cnt_restart >= min_restart );
751 TEST_ASSERT( cnt_restart <= max_restart );
752
753 cnt_restart = 0;
754 do {
755 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
756 hash, hlen, sig, slen, &rs_ctx );
757 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
758
759 TEST_ASSERT( ret == 0 );
760 TEST_ASSERT( cnt_restart >= min_restart );
761 TEST_ASSERT( cnt_restart <= max_restart );
762
763 hash[0]++;
764 do {
765 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
766 hash, hlen, sig, slen, &rs_ctx );
767 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
768 TEST_ASSERT( ret != 0 );
769 hash[0]--;
770
771 sig[0]++;
772 do {
773 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
774 hash, hlen, sig, slen, &rs_ctx );
775 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
776 TEST_ASSERT( ret != 0 );
777 sig[0]--;
778
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]779 /* Do we leak memory when aborting? try verify then sign
780 * This test only makes sense when we actually restart */
781 if( min_restart > 0 )
782 {
783 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
784 hash, hlen, sig, slen, &rs_ctx );
785 TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
786 mbedtls_pk_restart_free( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]787
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]788 slen = sizeof( sig );
789 ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
790 sig, &slen, NULL, NULL, &rs_ctx );
791 TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
792 }
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]793
794exit:
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]795 mbedtls_pk_restart_free( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]796 mbedtls_pk_free( &prv );
797 mbedtls_pk_free( &pub );
798}
799/* END_CASE */
800
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]801/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]802void pk_sign_verify( int type, int sign_ret, int verify_ret )
803{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]804 mbedtls_pk_context pk;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]805 unsigned char hash[50], sig[5000];
806 size_t sig_len;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]807 void *rs_ctx = NULL;
808#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]809 mbedtls_pk_restart_ctx ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]810
811 rs_ctx = &ctx;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]812 mbedtls_pk_restart_init( rs_ctx );
Manuel Pégourié-Gonnard4edb9cb2018-07-02 12:23:23 +0200[diff] [blame]813 /* This value is large enough that the operation will complete in one run.
814 * See comments at the top of ecp_test_vect_restart in
815 * test_suite_ecp.function for estimates of operation counts. */
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]816 mbedtls_ecp_set_max_ops( 42000 );
817#endif
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]818
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]819 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]820
821 memset( hash, 0x2a, sizeof hash );
822 memset( sig, 0, sizeof sig );
823
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]824 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]825 TEST_ASSERT( pk_genkey( &pk ) == 0 );
826
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]827 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256,
828 hash, sizeof hash, sig, &sig_len,
829 rnd_std_rand, NULL, rs_ctx ) == sign_ret );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]830
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]831 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]832 hash, sizeof hash, sig, sig_len ) == verify_ret );
833
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]834 if( verify_ret == 0 )
835 {
836 hash[0]++;
837 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
838 hash, sizeof hash, sig, sig_len ) != 0 );
839 hash[0]--;
840
841 sig[0]++;
842 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
843 hash, sizeof hash, sig, sig_len ) != 0 );
844 sig[0]--;
845 }
846
847 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
848 sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
849
850 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
851 hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret );
852
853 if( verify_ret == 0 )
854 {
855 hash[0]++;
856 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
857 hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
858 hash[0]--;
859
860 sig[0]++;
861 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
862 hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
863 sig[0]--;
864 }
865
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]866exit:
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]867#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]868 mbedtls_pk_restart_free( rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]869#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]870 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]871}
872/* END_CASE */
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]873
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]874/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]875void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]876 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]877 data_t * result, int ret )
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]878{
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]879 unsigned char output[1000];
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]880 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]881 mbedtls_rsa_context *rsa;
882 mbedtls_pk_context pk;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]883 size_t olen;
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]884
885 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]886 memset( output, 0, sizeof( output ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]887
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]888
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]889 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]890 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]892
893 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]894 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
895 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]896
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]897 TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]898 output, &olen, sizeof( output ),
899 rnd_pseudo_rand, &rnd_info ) == ret );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]900 TEST_ASSERT( olen == result->len );
901 TEST_ASSERT( memcmp( output, result->x, olen ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]902
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]903exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]904 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]905}
906/* END_CASE */
907
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]908/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]909void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]910 char * input_P, int radix_Q, char * input_Q,
911 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]912 char * input_E, data_t * clear, int ret )
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]913{
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]914 unsigned char output[1000];
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]915 rnd_pseudo_info rnd_info;
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]916 mbedtls_mpi N, P, Q, E;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]917 mbedtls_rsa_context *rsa;
918 mbedtls_pk_context pk;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]919 size_t olen;
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]920
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]921 mbedtls_pk_init( &pk );
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]922 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
923 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]924
925 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]926
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]927
928 /* init pk-rsa context */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]929 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]930 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]931
932 /* load public key */
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]933 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
934 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]935
936 /* load private key */
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]937 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
938 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
939 TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 );
940 TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]941 TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]942
943 /* decryption test */
944 memset( output, 0, sizeof( output ) );
945 olen = 0;
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]946 TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher->x, cipher->len,
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]947 output, &olen, sizeof( output ),
948 rnd_pseudo_rand, &rnd_info ) == ret );
949 if( ret == 0 )
950 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]951 TEST_ASSERT( olen == clear->len );
952 TEST_ASSERT( memcmp( output, clear->x, olen ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]953 }
954
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]955exit:
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]956 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
957 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]958 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]959}
960/* END_CASE */
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]961
962/* BEGIN_CASE */
963void pk_ec_nocrypt( int type )
964{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]965 mbedtls_pk_context pk;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]966 unsigned char output[100];
967 unsigned char input[100];
968 rnd_pseudo_info rnd_info;
969 size_t olen = 0;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]970 int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]971
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]973
974 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
975 memset( output, 0, sizeof( output ) );
976 memset( input, 0, sizeof( input ) );
977
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]978 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]979
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]980 TEST_ASSERT( mbedtls_pk_encrypt( &pk, input, sizeof( input ),
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]981 output, &olen, sizeof( output ),
982 rnd_pseudo_rand, &rnd_info ) == ret );
983
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 TEST_ASSERT( mbedtls_pk_decrypt( &pk, input, sizeof( input ),
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]985 output, &olen, sizeof( output ),
986 rnd_pseudo_rand, &rnd_info ) == ret );
987
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]988exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]989 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]990}
991/* END_CASE */
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]992
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]993/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]994void pk_rsa_overflow( )
995{
996 mbedtls_pk_context pk;
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]997 size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX;
998 unsigned char hash[50], sig[100];
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]999
1000 if( SIZE_MAX <= UINT_MAX )
1001 return;
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1002
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1003 memset( hash, 0x2a, sizeof hash );
1004 memset( sig, 0, sizeof sig );
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1005
1006 mbedtls_pk_init( &pk );
1007
1008 TEST_ASSERT( mbedtls_pk_setup( &pk,
1009 mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
1010
1011#if defined(MBEDTLS_PKCS1_V21)
1012 TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1013 MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len ) ==
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1014 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
1015#endif /* MBEDTLS_PKCS1_V21 */
1016
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1017 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, hash, hash_len,
1018 sig, sig_len ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1019
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig, &sig_len,
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1021 rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
1022
1023exit:
1024 mbedtls_pk_free( &pk );
1025}
1026/* END_CASE */
1027
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1029void pk_rsa_alt( )
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1030{
1031 /*
1032 * An rsa_alt context can only do private operations (decrypt, sign).
1033 * Test it against the public operations (encrypt, verify) of a
1034 * corresponding rsa context.
1035 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1036 mbedtls_rsa_context raw;
1037 mbedtls_pk_context rsa, alt;
1038 mbedtls_pk_debug_item dbg_items[10];
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1039 unsigned char hash[50], sig[1000];
1040 unsigned char msg[50], ciph[1000], test[1000];
1041 size_t sig_len, ciph_len, test_len;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1042 int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1043
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1044 mbedtls_rsa_init( &raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
1045 mbedtls_pk_init( &rsa ); mbedtls_pk_init( &alt );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1046
1047 memset( hash, 0x2a, sizeof hash );
1048 memset( sig, 0, sizeof sig );
1049 memset( msg, 0x2a, sizeof msg );
1050 memset( ciph, 0, sizeof ciph );
1051 memset( test, 0, sizeof test );
1052
1053 /* Initiliaze PK RSA context with random key */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1054 TEST_ASSERT( mbedtls_pk_setup( &rsa,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1055 mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1056 TEST_ASSERT( pk_genkey( &rsa ) == 0 );
1057
1058 /* Extract key to the raw rsa context */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059 TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1060
1061 /* Initialize PK RSA_ALT context */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1062 TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, (void *) &raw,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1063 mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1064
1065 /* Test administrative functions */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1066 TEST_ASSERT( mbedtls_pk_can_do( &alt, MBEDTLS_PK_RSA ) );
Manuel Pégourié-Gonnard097c7bb2015-06-18 16:43:38 +0200[diff] [blame]1067 TEST_ASSERT( mbedtls_pk_get_bitlen( &alt ) == RSA_KEY_SIZE );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1068 TEST_ASSERT( mbedtls_pk_get_len( &alt ) == RSA_KEY_LEN );
1069 TEST_ASSERT( mbedtls_pk_get_type( &alt ) == MBEDTLS_PK_RSA_ALT );
1070 TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1071
1072 /* Test signature */
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1073#if SIZE_MAX > UINT_MAX
1074 TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX,
1075 sig, &sig_len, rnd_std_rand, NULL ) ==
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1076 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1077#endif /* SIZE_MAX > UINT_MAX */
1078 TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash,
1079 sig, &sig_len, rnd_std_rand, NULL ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1080 TEST_ASSERT( sig_len == RSA_KEY_LEN );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1081 TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1082 hash, sizeof hash, sig, sig_len ) == 0 );
1083
1084 /* Test decrypt */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1085 TEST_ASSERT( mbedtls_pk_encrypt( &rsa, msg, sizeof msg,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1086 ciph, &ciph_len, sizeof ciph,
1087 rnd_std_rand, NULL ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1088 TEST_ASSERT( mbedtls_pk_decrypt( &alt, ciph, ciph_len,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1089 test, &test_len, sizeof test,
1090 rnd_std_rand, NULL ) == 0 );
1091 TEST_ASSERT( test_len == sizeof msg );
1092 TEST_ASSERT( memcmp( test, msg, test_len ) == 0 );
1093
1094 /* Test forbidden operations */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1095 TEST_ASSERT( mbedtls_pk_encrypt( &alt, msg, sizeof msg,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1096 ciph, &ciph_len, sizeof ciph,
1097 rnd_std_rand, NULL ) == ret );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1098 TEST_ASSERT( mbedtls_pk_verify( &alt, MBEDTLS_MD_NONE,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1099 hash, sizeof hash, sig, sig_len ) == ret );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1100 TEST_ASSERT( mbedtls_pk_debug( &alt, dbg_items ) == ret );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1101
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1102exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1103 mbedtls_rsa_free( &raw );
1104 mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1105}
1106/* END_CASE */