TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / HEAD / . / tests / suites / test_suite_pkparse.function
blob: 942dae388a0a69aedb2e5c03a727655f13649204 [file] [log] [blame]
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/pk.h"
3#include "mbedtls/pem.h"
4#include "mbedtls/oid.h"
Valerio Settifa49a8e2023-01-26 10:00:55 +0100[diff] [blame]5#include "mbedtls/ecp.h"
Valerio Settiaed87992023-07-04 19:58:43 +0200[diff] [blame]6#include "mbedtls/psa_util.h"
Valerio Setti77a75682023-05-15 11:18:46 +0200[diff] [blame]7#include "pk_internal.h"
Waleed Elmelegy38202a22023-09-21 15:21:10 +0100[diff] [blame]8
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]9#if defined(MBEDTLS_PSA_CRYPTO_C)
10#include "test/psa_exercise_key.h"
11#endif
12
Waleed Elmelegy38202a22023-09-21 15:21:10 +0100[diff] [blame]13#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
14#define HAVE_mbedtls_pk_parse_key_pkcs8_encrypted_der
15#endif
16
Gilles Peskine1d338762024-02-12 14:18:26 +0100[diff] [blame]17#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_FS_IO)
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]18static int test_psa_bridge(const mbedtls_pk_context *ctx,
19 psa_key_usage_t usage_flag)
20{
21 switch (usage_flag) {
22 case PSA_KEY_USAGE_SIGN_HASH:
23 mbedtls_test_set_step(0);
24 break;
25 case PSA_KEY_USAGE_SIGN_MESSAGE:
26 mbedtls_test_set_step(1);
27 break;
28 case PSA_KEY_USAGE_DECRYPT:
29 mbedtls_test_set_step(2);
30 break;
31 case PSA_KEY_USAGE_DERIVE:
32 mbedtls_test_set_step(3);
33 break;
34 case PSA_KEY_USAGE_VERIFY_HASH:
35 mbedtls_test_set_step(4);
36 break;
37 case PSA_KEY_USAGE_VERIFY_MESSAGE:
38 mbedtls_test_set_step(5);
39 break;
40 case PSA_KEY_USAGE_ENCRYPT:
41 mbedtls_test_set_step(6);
42 break;
43 }
44
45 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
46 mbedtls_svc_key_id_t psa_key = MBEDTLS_SVC_KEY_ID_INIT;
47 int ok = 0;
48
49 TEST_EQUAL(mbedtls_pk_get_psa_attributes(ctx, usage_flag, &attributes), 0);
Gilles Peskinee6b6c142024-04-22 17:18:13 +0200[diff] [blame]50 int ret = mbedtls_pk_import_into_psa(ctx, &attributes, &psa_key);
51 if (mbedtls_pk_get_type(ctx) == MBEDTLS_PK_RSA &&
52 mbedtls_pk_get_bitlen(ctx) % 8 != 0 &&
53 ret == MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) {
54 /* There is a historical limitation with support for RSA keys in PSA:
55 * only byte-aligned sizes are supported.
56 * https://github.com/Mbed-TLS/mbedtls/issues/9048
57 * For now, for such keys, treat not-supported from PSA as a success.
58 */
59 ok = 1;
60 goto exit;
61 }
62 TEST_EQUAL(ret, 0);
Gilles Peskine2ec141a2024-02-15 17:22:37 +0100[diff] [blame]63 if (!mbedtls_test_key_consistency_psa_pk(psa_key, ctx)) {
64 goto exit;
65 }
Gilles Peskine34955672024-02-12 14:19:24 +0100[diff] [blame]66
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]67 psa_algorithm_t exercise_usage = psa_get_key_usage_flags(&attributes);
68 psa_algorithm_t exercise_alg = psa_get_key_algorithm(&attributes);
Gilles Peskine34955672024-02-12 14:19:24 +0100[diff] [blame]69 if (mbedtls_test_can_exercise_psa_algorithm(exercise_alg)) {
70 TEST_ASSERT(mbedtls_test_psa_exercise_key(psa_key,
71 exercise_usage,
Ryan Everett0a271fd2024-03-12 16:34:02 +0000[diff] [blame]72 exercise_alg, 0));
Gilles Peskine34955672024-02-12 14:19:24 +0100[diff] [blame]73 }
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]74
75 mbedtls_test_set_step((unsigned long) -1);
76 ok = 1;
77
78exit:
79 psa_destroy_key(psa_key);
80 psa_reset_key_attributes(&attributes);
81 return ok;
82}
83
Gilles Peskine1d338762024-02-12 14:18:26 +0100[diff] [blame]84#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]85/* Whether a pk key can do ECDSA. Opaque keys are not supported since this
86 * test suite does not create opaque keys. */
87static int pk_can_ecdsa(const mbedtls_pk_context *ctx)
88{
89 /* Check whether we have an EC key. Unfortunately this also accepts
90 * keys on Montgomery curves, which can only do ECDH, so we'll have
91 * to dig further. */
92 if (!mbedtls_pk_can_do(ctx, MBEDTLS_PK_ECDSA)) {
93 return 0;
94 }
95#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
96 return ctx->ec_family != PSA_ECC_FAMILY_MONTGOMERY;
97#elif defined(MBEDTLS_ECDSA_C)
98 return mbedtls_ecdsa_can_do(mbedtls_pk_ec_ro(*ctx)->grp.id);
99#else
100 return 0;
101#endif
102}
Gilles Peskine1d338762024-02-12 14:18:26 +0100[diff] [blame]103#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
104#endif /* MBEDTLS_PSA_CRYPTO_C && && MBEDTLS_FS_IO */
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]105
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]106/* END_HEADER */
107
108/* BEGIN_DEPENDENCIES
Valerio Settic5d85e52023-07-26 18:12:23 +0200[diff] [blame]109 * depends_on:MBEDTLS_PK_PARSE_C
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]110 * END_DEPENDENCIES
111 */
112
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]113/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]114void pk_parse_keyfile_rsa(char *key_file, char *password, int result)
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]115{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]116 mbedtls_pk_context ctx;
Gilles Peskine8369b4a2024-11-04 18:21:57 +0100[diff] [blame]117 mbedtls_pk_init(&ctx);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]118 int res;
119 char *pwd = password;
120
Valerio Setti14bfdbf2023-04-24 13:53:21 +0200[diff] [blame]121 MD_PSA_INIT();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]122
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]123 if (strcmp(pwd, "NULL") == 0) {
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]124 pwd = NULL;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]125 }
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]126
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]127 res = mbedtls_pk_parse_keyfile(&ctx, key_file, pwd,
128 mbedtls_test_rnd_std_rand, NULL);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]129
Gilles Peskine799befd2023-11-15 11:04:08 +0100[diff] [blame]130 TEST_EQUAL(res, result);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]131
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]132 if (res == 0) {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]133 mbedtls_rsa_context *rsa;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]134 TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA));
135 rsa = mbedtls_pk_rsa(ctx);
Gilles Peskine799befd2023-11-15 11:04:08 +0100[diff] [blame]136 TEST_EQUAL(mbedtls_rsa_check_privkey(rsa), 0);
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]137
Gilles Peskine92fb6042024-02-01 22:33:06 +0100[diff] [blame]138 size_t bitlen = mbedtls_rsa_get_bitlen(rsa);
139 TEST_EQUAL(mbedtls_pk_get_bitlen(&ctx), bitlen);
140 TEST_EQUAL(mbedtls_pk_get_len(&ctx), (bitlen + 7) / 8);
141
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]142#if defined(MBEDTLS_PSA_CRYPTO_C)
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]143 PSA_INIT();
144 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_SIGN_HASH));
145 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_SIGN_MESSAGE));
146 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_DECRYPT));
147 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_HASH));
148 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_MESSAGE));
149 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_ENCRYPT));
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]150#endif
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]151 }
152
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]153exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]154 mbedtls_pk_free(&ctx);
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]155 PSA_DONE();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]156}
Manuel Pégourié-Gonnardfa99afa2023-03-17 11:59:12 +0100[diff] [blame]157
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]158/* END_CASE */
159
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]160/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]161void pk_parse_public_keyfile_rsa(char *key_file, int result)
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]162{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]163 mbedtls_pk_context ctx;
Gilles Peskine8369b4a2024-11-04 18:21:57 +0100[diff] [blame]164 mbedtls_pk_init(&ctx);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]165 int res;
166
Valerio Setti14bfdbf2023-04-24 13:53:21 +0200[diff] [blame]167 MD_PSA_INIT();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]168
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]169 res = mbedtls_pk_parse_public_keyfile(&ctx, key_file);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]170
Gilles Peskine799befd2023-11-15 11:04:08 +0100[diff] [blame]171 TEST_EQUAL(res, result);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]172
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]173 if (res == 0) {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]174 mbedtls_rsa_context *rsa;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]175 TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA));
176 rsa = mbedtls_pk_rsa(ctx);
Gilles Peskine799befd2023-11-15 11:04:08 +0100[diff] [blame]177 TEST_EQUAL(mbedtls_rsa_check_pubkey(rsa), 0);
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]178
Gilles Peskine069cec12024-02-12 16:59:17 +0100[diff] [blame]179 size_t bitlen = mbedtls_rsa_get_bitlen(rsa);
180 TEST_EQUAL(mbedtls_pk_get_bitlen(&ctx), bitlen);
181 TEST_EQUAL(mbedtls_pk_get_len(&ctx), (bitlen + 7) / 8);
182
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]183#if defined(MBEDTLS_PSA_CRYPTO_C)
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]184 PSA_INIT();
185 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_HASH));
186 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_MESSAGE));
187 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_ENCRYPT));
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]188#endif
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]189 }
190
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]191exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]192 mbedtls_pk_free(&ctx);
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]193 PSA_DONE();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]194}
195/* END_CASE */
196
Valerio Setti545a0d62023-06-14 14:56:48 +0200[diff] [blame]197/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_HAVE_ECC_KEYS */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]198void pk_parse_public_keyfile_ec(char *key_file, int result)
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]199{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]200 mbedtls_pk_context ctx;
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]201 int res;
202
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]203 mbedtls_pk_init(&ctx);
Pengyu Lvc5d4c462023-11-15 14:20:07 +0800[diff] [blame]204 MD_OR_USE_PSA_INIT();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]205
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]206 res = mbedtls_pk_parse_public_keyfile(&ctx, key_file);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]207
Gilles Peskine799befd2023-11-15 11:04:08 +0100[diff] [blame]208 TEST_EQUAL(res, result);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]209
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]210 if (res == 0) {
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]211 TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY));
Valerio Setti483738e2023-05-17 15:37:29 +0200[diff] [blame]212#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
213 /* No need to check whether the parsed public point is on the curve or
214 * not because this is already done by the internal "pk_get_ecpubkey()"
215 * function */
216#else
217 const mbedtls_ecp_keypair *eckey;
Valerio Setti77a75682023-05-15 11:18:46 +0200[diff] [blame]218 eckey = mbedtls_pk_ec_ro(ctx);
Gilles Peskine799befd2023-11-15 11:04:08 +0100[diff] [blame]219 TEST_EQUAL(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q), 0);
Valerio Setti483738e2023-05-17 15:37:29 +0200[diff] [blame]220#endif
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]221
222#if defined(MBEDTLS_PSA_CRYPTO_C)
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]223 PSA_INIT();
224 if (pk_can_ecdsa(&ctx)) {
225 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_HASH));
226 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_MESSAGE));
227 }
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]228#endif
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]229 }
230
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]231exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]232 mbedtls_pk_free(&ctx);
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]233 PSA_DONE();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]234}
235/* END_CASE */
236
Valerio Setti545a0d62023-06-14 14:56:48 +0200[diff] [blame]237/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_HAVE_ECC_KEYS */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]238void pk_parse_keyfile_ec(char *key_file, char *password, int result)
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]239{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]240 mbedtls_pk_context ctx;
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]241 int res;
242
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]243 mbedtls_pk_init(&ctx);
Pengyu Lvc5d4c462023-11-15 14:20:07 +0800[diff] [blame]244 MD_OR_USE_PSA_INIT();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]245
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]246 res = mbedtls_pk_parse_keyfile(&ctx, key_file, password,
247 mbedtls_test_rnd_std_rand, NULL);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]248
Gilles Peskine799befd2023-11-15 11:04:08 +0100[diff] [blame]249 TEST_EQUAL(res, result);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]250
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]251 if (res == 0) {
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]252 TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY));
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]253#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
254 /* PSA keys are already checked on import so nothing to do here. */
255#else
Valerio Setti7237d5f2023-05-18 19:00:22 +0200[diff] [blame]256 const mbedtls_ecp_keypair *eckey = mbedtls_pk_ec_ro(ctx);
Gilles Peskine799befd2023-11-15 11:04:08 +0100[diff] [blame]257 TEST_EQUAL(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d), 0);
Gilles Peskined0783862024-02-02 13:13:34 +0100[diff] [blame]258#endif
259
260#if defined(MBEDTLS_PSA_CRYPTO_C)
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]261 PSA_INIT();
262 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_DERIVE));
263 if (pk_can_ecdsa(&ctx)) {
264 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_SIGN_HASH));
265 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_SIGN_MESSAGE));
266 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_HASH));
267 TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_MESSAGE));
268 }
Valerio Setti7237d5f2023-05-18 19:00:22 +0200[diff] [blame]269#endif
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]270 }
271
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]272exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]273 mbedtls_pk_free(&ctx);
Gilles Peskine157679c2024-02-09 19:29:44 +0100[diff] [blame]274 PSA_DONE();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]275}
276/* END_CASE */
277
Manuel Pégourié-Gonnardb65370f2020-02-10 10:50:16 +0100[diff] [blame]278/* BEGIN_CASE */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]279void pk_parse_key(data_t *buf, int result)
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]280{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]281 mbedtls_pk_context pk;
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]282
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]283 mbedtls_pk_init(&pk);
Valerio Setti14bfdbf2023-04-24 13:53:21 +0200[diff] [blame]284 USE_PSA_INIT();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]285
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]286 TEST_ASSERT(mbedtls_pk_parse_key(&pk, buf->x, buf->len, NULL, 0,
287 mbedtls_test_rnd_std_rand, NULL) == result);
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]288
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]289exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]290 mbedtls_pk_free(&pk);
Valerio Setti14bfdbf2023-04-24 13:53:21 +0200[diff] [blame]291 USE_PSA_DONE();
Paul Bakker1a7550a2013-09-15 13:01:22 +0200[diff] [blame]292}
293/* END_CASE */
Valerio Settiaed87992023-07-04 19:58:43 +0200[diff] [blame]294
Waleed Elmelegy38202a22023-09-21 15:21:10 +0100[diff] [blame]295/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:HAVE_mbedtls_pk_parse_key_pkcs8_encrypted_der */
Waleed Elmelegy1db5cda2023-09-20 18:00:48 +0100[diff] [blame]296void pk_parse_key_encrypted(data_t *buf, data_t *pass, int result)
297{
298 mbedtls_pk_context pk;
299
300 mbedtls_pk_init(&pk);
301 USE_PSA_INIT();
Waleed Elmelegy38202a22023-09-21 15:21:10 +0100[diff] [blame]302
Waleed Elmelegy9d4d8eb2023-09-21 08:27:39 +0100[diff] [blame]303 TEST_EQUAL(mbedtls_pk_parse_key_pkcs8_encrypted_der(&pk, buf->x, buf->len,
Waleed Elmelegy556a0792023-09-21 09:19:56 +0100[diff] [blame]304 pass->x, pass->len,
305 mbedtls_test_rnd_std_rand,
306 NULL), result);
Waleed Elmelegy1db5cda2023-09-20 18:00:48 +0100[diff] [blame]307exit:
308 mbedtls_pk_free(&pk);
309 USE_PSA_DONE();
310}
311/* END_CASE */
312
Valerio Settid476faa2023-07-05 10:33:53 +0200[diff] [blame]313/* BEGIN_CASE depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_WRITE_C */
314void pk_parse_fix_montgomery(data_t *input_key, data_t *exp_output)
Valerio Settiaed87992023-07-04 19:58:43 +0200[diff] [blame]315{
316 /* Montgomery keys have specific bits set to either 0 or 1 depending on
317 * their position. This is enforced during parsing (please see the implementation
318 * of mbedtls_ecp_read_key() for more details). The scope of this function
319 * is to verify this enforcing by feeding the parse algorithm with a x25519
320 * key which does not have those bits set properly. */
321 mbedtls_pk_context pk;
322 unsigned char *output_key = NULL;
323 size_t output_key_len = 0;
324
325 mbedtls_pk_init(&pk);
326 USE_PSA_INIT();
327
328 TEST_EQUAL(mbedtls_pk_parse_key(&pk, input_key->x, input_key->len, NULL, 0,
329 mbedtls_test_rnd_std_rand, NULL), 0);
330
331 output_key_len = input_key->len;
Tom Cosgrove05b2a872023-07-21 11:31:13 +0100[diff] [blame]332 TEST_CALLOC(output_key, output_key_len);
Valerio Settiaed87992023-07-04 19:58:43 +0200[diff] [blame]333 /* output_key_len is updated with the real amount of data written to
334 * output_key buffer. */
335 output_key_len = mbedtls_pk_write_key_der(&pk, output_key, output_key_len);
336 TEST_ASSERT(output_key_len > 0);
337
Tom Cosgrovee4e9e7d2023-07-21 11:40:20 +0100[diff] [blame]338 TEST_MEMORY_COMPARE(exp_output->x, exp_output->len, output_key, output_key_len);
Valerio Settiaed87992023-07-04 19:58:43 +0200[diff] [blame]339
340exit:
341 if (output_key != NULL) {
342 mbedtls_free(output_key);
343 }
344 mbedtls_pk_free(&pk);
345 USE_PSA_DONE();
346}
347/* END_CASE */