TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / c0eabdc63657f784dee45167b010534cd3924cfa / . / tests / suites / test_suite_pk.function
blob: 271d71efb5539ed74aafa9fea1af5441c529b5f7 [file] [log] [blame]
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/pk.h"
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]3
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]4/* For error codes */
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]5#include "mbedtls/asn1.h"
6#include "mbedtls/base64.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]7#include "mbedtls/ecp.h"
8#include "mbedtls/rsa.h"
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]9
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]10#include <limits.h>
Andres Amaya Garcia6ff067d2017-06-09 14:26:59 +0100[diff] [blame]11#include <stdint.h>
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]12
Gilles Peskine33b1c692019-12-19 00:09:47 +0100[diff] [blame]13/* Needed only for test case data under #if defined(MBEDTLS_USE_PSA_CRYPTO),
14 * but the test code generator requires test case data to be valid C code
15 * unconditionally (https://github.com/ARMmbed/mbedtls/issues/2023). */
16#include "psa/crypto.h"
17
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]18#define RSA_KEY_SIZE 512
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]19#define RSA_KEY_LEN 64
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]20
Gilles Peskinee48fe552019-11-05 16:42:13 +0100[diff] [blame]21/** Generate a key of the desired type.
22 *
23 * \param pk The PK object to fill. It must have been initialized
24 * with mbedtls_pk_setup().
25 * \param parameter - For RSA keys, the key size in bits.
26 * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
27 *
28 * \return The status from the underlying type-specific key
29 * generation function.
30 * \return -1 if the key type is not recognized.
31 */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]32static int pk_genkey(mbedtls_pk_context *pk, int parameter)
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]33{
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]34 ((void)pk);
35 (void)parameter;
Paul Bakkera5320902013-12-19 17:29:52 +0100[diff] [blame]36
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]37#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]38 if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA)
39 return mbedtls_rsa_gen_key(
40 mbedtls_pk_rsa(*pk), mbedtls_test_rnd_std_rand, NULL, parameter, 3);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]41#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]42#if defined(MBEDTLS_ECP_C)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]43 if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY ||
44 mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY_DH ||
45 mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECDSA) {
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]46 int ret;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]47 if ((ret = mbedtls_ecp_group_load(&mbedtls_pk_ec(*pk)->grp,
48 parameter)) != 0)
49 return ret;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]50
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]51 return mbedtls_ecp_gen_keypair(&mbedtls_pk_ec(*pk)->grp,
52 &mbedtls_pk_ec(*pk)->d,
53 &mbedtls_pk_ec(*pk)->Q,
54 mbedtls_test_rnd_std_rand, NULL);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]55 }
56#endif
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]57 return -1;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]58}
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]59
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]60#if defined(MBEDTLS_RSA_C)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]61int mbedtls_rsa_decrypt_func(void *ctx,
62 size_t *olen,
63 const unsigned char *input,
64 unsigned char *output,
65 size_t output_max_len)
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]66{
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]67 return (mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *)ctx,
68 mbedtls_test_rnd_std_rand, NULL, olen,
69 input, output, output_max_len));
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]70}
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]71int mbedtls_rsa_sign_func(void *ctx,
72 int (*f_rng)(void *, unsigned char *, size_t),
73 void *p_rng,
74 mbedtls_md_type_t md_alg,
75 unsigned int hashlen,
76 const unsigned char *hash,
77 unsigned char *sig)
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]78{
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]79 ((void)f_rng);
80 ((void)p_rng);
81 return (mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *)ctx,
82 mbedtls_test_rnd_std_rand, NULL, md_alg,
83 hashlen, hash, sig));
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]84}
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]85size_t mbedtls_rsa_key_len_func(void *ctx)
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]86{
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]87 return ((const mbedtls_rsa_context *)ctx)->len;
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]88}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]89#endif /* MBEDTLS_RSA_C */
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]90
91#if defined(MBEDTLS_USE_PSA_CRYPTO)
92
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]93/*
Ronald Cron5425a212020-08-04 14:58:35 +0200[diff] [blame]94 * Generate a key using PSA and return the key identifier of that key,
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]95 * or 0 if the key generation failed.
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]96 * The key uses NIST P-256 and is usable for signing with SHA-256.
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]97 */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]98mbedtls_svc_key_id_t pk_psa_genkey(void)
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]99{
Ronald Cron5425a212020-08-04 14:58:35 +0200[diff] [blame]100 mbedtls_svc_key_id_t key;
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]101 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Gilles Peskine89177e82019-12-03 21:19:09 +0100[diff] [blame]102 const psa_key_type_t type =
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]103 PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1);
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]104 const size_t bits = 256;
105
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]106 psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH);
107 psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256));
108 psa_set_key_type(&attributes, type);
109 psa_set_key_bits(&attributes, bits);
110 PSA_ASSERT(psa_generate_key(&attributes, &key));
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]111
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]112exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]113 return key;
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]114}
115#endif /* MBEDTLS_USE_PSA_CRYPTO */
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]116/* END_HEADER */
117
118/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]119 * depends_on:MBEDTLS_PK_C
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]120 * END_DEPENDENCIES
121 */
122
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]123/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]124void pk_psa_utils()
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]125{
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]126 mbedtls_pk_context pk, pk2;
Ronald Cron5425a212020-08-04 14:58:35 +0200[diff] [blame]127 mbedtls_svc_key_id_t key;
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]128 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]129
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]130 const char *const name = "Opaque";
Manuel Pégourié-Gonnard0184b3c2018-10-31 10:36:51 +0100[diff] [blame]131 const size_t bitlen = 256; /* harcoded in genkey() */
132
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]133 mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
134 unsigned char b1[1], b2[1];
135 size_t len;
136 mbedtls_pk_debug_item dbg;
137
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]138 PSA_ASSERT(psa_crypto_init());
Jaeden Amero3ea26872019-02-13 11:30:22 +0000[diff] [blame]139
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]140 mbedtls_pk_init(&pk);
141 mbedtls_pk_init(&pk2);
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]142
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]143 TEST_ASSERT(psa_crypto_init() == PSA_SUCCESS);
Gilles Peskine69c0ea22019-06-07 15:38:59 +0200[diff] [blame]144
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]145 TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, MBEDTLS_SVC_KEY_ID_INIT) ==
146 MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Manuel Pégourié-Gonnard920c0632018-10-31 10:57:29 +0100[diff] [blame]147
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]148 mbedtls_pk_free(&pk);
149 mbedtls_pk_init(&pk);
Manuel Pégourié-Gonnard920c0632018-10-31 10:57:29 +0100[diff] [blame]150
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]151 key = pk_psa_genkey();
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]152 if (mbedtls_svc_key_id_is_null(key))
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]153 goto exit;
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]154
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]155 TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, key) == 0);
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]156
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]157 TEST_ASSERT(mbedtls_pk_get_type(&pk) == MBEDTLS_PK_OPAQUE);
158 TEST_ASSERT(strcmp(mbedtls_pk_get_name(&pk), name) == 0);
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]159
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]160 TEST_ASSERT(mbedtls_pk_get_bitlen(&pk) == bitlen);
161 TEST_ASSERT(mbedtls_pk_get_len(&pk) == bitlen / 8);
Manuel Pégourié-Gonnard0184b3c2018-10-31 10:36:51 +0100[diff] [blame]162
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]163 TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECKEY) == 1);
164 TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA) == 1);
165 TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA) == 0);
Manuel Pégourié-Gonnard920c0632018-10-31 10:57:29 +0100[diff] [blame]166
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]167 /* unsupported operations: verify, decrypt, encrypt */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]168 TEST_ASSERT(mbedtls_pk_verify(&pk, md_alg, b1, sizeof(b1), b2,
169 sizeof(b2)) == MBEDTLS_ERR_PK_TYPE_MISMATCH);
170 TEST_ASSERT(mbedtls_pk_decrypt(&pk, b1, sizeof(b1), b2, &len, sizeof(b2),
171 NULL, NULL) == MBEDTLS_ERR_PK_TYPE_MISMATCH);
172 TEST_ASSERT(mbedtls_pk_encrypt(&pk, b1, sizeof(b1), b2, &len, sizeof(b2),
173 NULL, NULL) == MBEDTLS_ERR_PK_TYPE_MISMATCH);
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]174
175 /* unsupported functions: check_pair, debug */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]176 TEST_ASSERT(mbedtls_pk_setup(
177 &pk2, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0);
178 TEST_ASSERT(mbedtls_pk_check_pair(&pk, &pk2, mbedtls_test_rnd_std_rand,
179 NULL) == MBEDTLS_ERR_PK_TYPE_MISMATCH);
180 TEST_ASSERT(mbedtls_pk_debug(&pk, &dbg) == MBEDTLS_ERR_PK_TYPE_MISMATCH);
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]181
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]182 /* test that freeing the context does not destroy the key */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]183 mbedtls_pk_free(&pk);
184 TEST_ASSERT(PSA_SUCCESS == psa_get_key_attributes(key, &attributes));
185 TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key));
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]186
187exit:
Ronald Cron3a4f0e32020-11-19 17:55:23 +0100[diff] [blame]188 /*
189 * Key attributes may have been returned by psa_get_key_attributes()
190 * thus reset them as required.
191 */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]192 psa_reset_key_attributes(&attributes);
Ronald Cron3a4f0e32020-11-19 17:55:23 +0100[diff] [blame]193
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]194 mbedtls_pk_free(&pk); /* redundant except upon error */
195 mbedtls_pk_free(&pk2);
196 USE_PSA_DONE();
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]197}
198/* END_CASE */
199
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]200/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]201void valid_parameters()
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]202{
203 mbedtls_pk_context pk;
204 unsigned char buf[1];
205 size_t len;
206 void *options = NULL;
207
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]208 mbedtls_pk_init(&pk);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]209
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]210 TEST_ASSERT(mbedtls_pk_setup(&pk, NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]211
212 /* In informational functions, we accept NULL where a context pointer
213 * is expected because that's what the library has done forever.
214 * We do not document that NULL is accepted, so we may wish to change
215 * the behavior in a future version. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]216 TEST_ASSERT(mbedtls_pk_get_bitlen(NULL) == 0);
217 TEST_ASSERT(mbedtls_pk_get_len(NULL) == 0);
218 TEST_ASSERT(mbedtls_pk_can_do(NULL, MBEDTLS_PK_NONE) == 0);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]219
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]220 TEST_ASSERT(mbedtls_pk_sign_restartable(
221 &pk, MBEDTLS_MD_NONE, NULL, 0, buf, sizeof(buf), &len,
222 mbedtls_test_rnd_std_rand, NULL,
223 NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]224
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]225 TEST_ASSERT(mbedtls_pk_sign_restartable(
226 &pk, MBEDTLS_MD_NONE, NULL, 0, buf, sizeof(buf), &len,
227 mbedtls_test_rnd_std_rand, NULL,
228 NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]229
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]230 TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, NULL, 0, buf, sizeof(buf),
231 &len, mbedtls_test_rnd_std_rand,
232 NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]233
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]234 TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_NONE, NULL, 0,
235 buf, sizeof(buf), NULL) ==
236 MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]237
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]238 TEST_ASSERT(
239 mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, NULL, 0, buf, sizeof(buf)) ==
240 MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]241
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]242 TEST_ASSERT(mbedtls_pk_verify_ext(
243 MBEDTLS_PK_NONE, options, &pk, MBEDTLS_MD_NONE, NULL, 0,
244 buf, sizeof(buf)) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]245
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]246 TEST_ASSERT(mbedtls_pk_encrypt(&pk, NULL, 0, NULL, &len, 0,
247 mbedtls_test_rnd_std_rand,
248 NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]249
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]250 TEST_ASSERT(mbedtls_pk_decrypt(&pk, NULL, 0, NULL, &len, 0,
251 mbedtls_test_rnd_std_rand,
252 NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]253
254#if defined(MBEDTLS_PK_PARSE_C)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]255 TEST_ASSERT(mbedtls_pk_parse_key(&pk, NULL, 0, NULL, 1,
256 mbedtls_test_rnd_std_rand, NULL) ==
257 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]258
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]259 TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, NULL, 0) ==
260 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]261#endif /* MBEDTLS_PK_PARSE_C */
262}
263/* END_CASE */
264
265/* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]266void valid_parameters_pkwrite(data_t *key_data)
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]267{
268 mbedtls_pk_context pk;
269
270 /* For the write tests to be effective, we need a valid key pair. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]271 mbedtls_pk_init(&pk);
272 TEST_ASSERT(mbedtls_pk_parse_key(&pk, key_data->x, key_data->len, NULL, 0,
273 mbedtls_test_rnd_std_rand, NULL) == 0);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]274
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]275 TEST_ASSERT(mbedtls_pk_write_key_der(&pk, NULL, 0) ==
276 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]277
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]278 TEST_ASSERT(mbedtls_pk_write_pubkey_der(&pk, NULL, 0) ==
279 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]280
281#if defined(MBEDTLS_PEM_WRITE_C)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]282 TEST_ASSERT(mbedtls_pk_write_key_pem(&pk, NULL, 0) ==
283 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]284
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]285 TEST_ASSERT(mbedtls_pk_write_pubkey_pem(&pk, NULL, 0) ==
286 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]287#endif /* MBEDTLS_PEM_WRITE_C */
288
289exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]290 mbedtls_pk_free(&pk);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]291}
292/* END_CASE */
293
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]294/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]295void pk_utils(int type, int parameter, int bitlen, int len, char *name)
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]296{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]297 mbedtls_pk_context pk;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]298
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]299 mbedtls_pk_init(&pk);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]300
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]301 TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
302 TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]303
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]304 TEST_ASSERT((int)mbedtls_pk_get_type(&pk) == type);
305 TEST_ASSERT(mbedtls_pk_can_do(&pk, type));
306 TEST_ASSERT(mbedtls_pk_get_bitlen(&pk) == (unsigned)bitlen);
307 TEST_ASSERT(mbedtls_pk_get_len(&pk) == (unsigned)len);
308 TEST_ASSERT(strcmp(mbedtls_pk_get_name(&pk), name) == 0);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]309
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]310exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]311 mbedtls_pk_free(&pk);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]312}
313/* END_CASE */
314
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]315/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]316void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret)
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]317{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]318 mbedtls_pk_context pub, prv, alt;
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]319
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]320 mbedtls_pk_init(&pub);
321 mbedtls_pk_init(&prv);
322 mbedtls_pk_init(&alt);
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]323
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]324 TEST_ASSERT(mbedtls_pk_parse_public_keyfile(&pub, pub_file) == 0);
325 TEST_ASSERT(mbedtls_pk_parse_keyfile(&prv, prv_file, NULL,
326 mbedtls_test_rnd_std_rand, NULL) == 0);
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]327
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]328 TEST_ASSERT(mbedtls_pk_check_pair(&pub, &prv, mbedtls_test_rnd_std_rand,
329 NULL) == ret);
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]330
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]331#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]332 if (mbedtls_pk_get_type(&prv) == MBEDTLS_PK_RSA) {
333 TEST_ASSERT(mbedtls_pk_setup_rsa_alt(
334 &alt, mbedtls_pk_rsa(prv), mbedtls_rsa_decrypt_func,
335 mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func) == 0);
336 TEST_ASSERT(mbedtls_pk_check_pair(&pub, &alt, mbedtls_test_rnd_std_rand,
337 NULL) == ret);
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]338 }
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]339#endif
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]340
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]341 mbedtls_pk_free(&pub);
342 mbedtls_pk_free(&prv);
343 mbedtls_pk_free(&alt);
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]344}
345/* END_CASE */
346
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]347/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]348void pk_rsa_verify_test_vec(data_t *message_str,
349 int digest,
350 int mod,
351 int radix_N,
352 char *input_N,
353 int radix_E,
354 char *input_E,
355 data_t *result_str,
356 int result)
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]357{
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]358 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]359 mbedtls_rsa_context *rsa;
360 mbedtls_pk_context pk;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]361 mbedtls_pk_restart_ctx *rs_ctx = NULL;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]362#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]363 mbedtls_pk_restart_ctx ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]364
365 rs_ctx = &ctx;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]366 mbedtls_pk_restart_init(rs_ctx);
Manuel Pégourié-Gonnard4edb9cb2018-07-02 12:23:23 +0200[diff] [blame]367 // this setting would ensure restart would happen if ECC was used
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]368 mbedtls_ecp_set_max_ops(1);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]369#endif
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]370
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]371 mbedtls_pk_init(&pk);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]372
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]373 memset(hash_result, 0x00, MBEDTLS_MD_MAX_SIZE);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]374
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]375 TEST_ASSERT(
376 mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
377 rsa = mbedtls_pk_rsa(pk);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]378
Paul Bakker42099c32014-01-27 11:45:49 +0100[diff] [blame]379 rsa->len = mod / 8;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]380 TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, radix_N, input_N) == 0);
381 TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, radix_E, input_E) == 0);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]382
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]383 if (mbedtls_md_info_from_type(digest) != NULL)
384 TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest),
385 message_str->x, message_str->len,
386 hash_result) == 0);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]387
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]388 TEST_ASSERT(mbedtls_pk_verify(&pk, digest, hash_result, 0, result_str->x,
389 mbedtls_pk_get_len(&pk)) == result);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]390
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]391 TEST_ASSERT(mbedtls_pk_verify_restartable(
392 &pk, digest, hash_result, 0, result_str->x,
393 mbedtls_pk_get_len(&pk), rs_ctx) == result);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]394
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]395exit:
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]396#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]397 mbedtls_pk_restart_free(rs_ctx);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]398#endif
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]399 mbedtls_pk_free(&pk);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]400}
401/* END_CASE */
402
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]403/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]404void pk_rsa_verify_ext_test_vec(data_t *message_str,
405 int digest,
406 int mod,
407 int radix_N,
408 char *input_N,
409 int radix_E,
410 char *input_E,
411 data_t *result_str,
412 int pk_type,
413 int mgf1_hash_id,
414 int salt_len,
415 int result)
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]416{
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]417 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]418 mbedtls_rsa_context *rsa;
419 mbedtls_pk_context pk;
420 mbedtls_pk_rsassa_pss_options pss_opts;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]421 void *options;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]422 size_t hash_len;
423
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]424 mbedtls_pk_init(&pk);
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]425
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]426 memset(hash_result, 0x00, sizeof(hash_result));
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]427
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]428 TEST_ASSERT(
429 mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
430 rsa = mbedtls_pk_rsa(pk);
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]431
432 rsa->len = mod / 8;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]433 TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, radix_N, input_N) == 0);
434 TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, radix_E, input_E) == 0);
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]435
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]436 if (digest != MBEDTLS_MD_NONE) {
437 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(digest);
438 TEST_ASSERT(mbedtls_md(md_info, message_str->x, message_str->len,
439 hash_result) == 0);
440 hash_len = mbedtls_md_get_size(md_info);
441 } else {
442 memcpy(hash_result, message_str->x, message_str->len);
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]443 hash_len = message_str->len;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]444 }
445
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]446 if (mgf1_hash_id < 0) {
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]447 options = NULL;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]448 } else {
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]449 options = &pss_opts;
450
451 pss_opts.mgf1_hash_id = mgf1_hash_id;
452 pss_opts.expected_salt_len = salt_len;
453 }
454
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]455 TEST_ASSERT(mbedtls_pk_verify_ext(pk_type, options, &pk, digest,
456 hash_result, hash_len, result_str->x,
457 mbedtls_pk_get_len(&pk)) == result);
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]458
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]459exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]460 mbedtls_pk_free(&pk);
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]461}
462/* END_CASE */
463
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]464/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]465void pk_ec_test_vec(int type,
466 int id,
467 data_t *key,
468 data_t *hash,
469 data_t *sig,
470 int ret)
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]471{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]472 mbedtls_pk_context pk;
473 mbedtls_ecp_keypair *eckey;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]474
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]475 mbedtls_pk_init(&pk);
476 USE_PSA_INIT();
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]477
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]478 TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]479
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]480 TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA));
481 eckey = mbedtls_pk_ec(pk);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]482
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]483 TEST_ASSERT(mbedtls_ecp_group_load(&eckey->grp, id) == 0);
484 TEST_ASSERT(mbedtls_ecp_point_read_binary(&eckey->grp, &eckey->Q, key->x,
485 key->len) == 0);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]486
John Durkopd4efa8d2020-09-08 05:58:28 -0700[diff] [blame]487 // MBEDTLS_MD_NONE is used since it will be ignored.
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]488 TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash->x, hash->len,
489 sig->x, sig->len) == ret);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]490
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]491exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]492 mbedtls_pk_free(&pk);
493 USE_PSA_DONE();
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]494}
495/* END_CASE */
496
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]497/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]498void pk_sign_verify_restart(int pk_type,
499 int grp_id,
500 char *d_str,
501 char *QX_str,
502 char *QY_str,
503 int md_alg,
504 char *msg,
505 data_t *sig_check,
506 int max_ops,
507 int min_restart,
508 int max_restart)
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]509{
510 int ret, cnt_restart;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]511 mbedtls_pk_restart_ctx rs_ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]512 mbedtls_pk_context prv, pub;
513 unsigned char hash[MBEDTLS_MD_MAX_SIZE];
514 unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]515 size_t hlen, slen;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]516 const mbedtls_md_info_t *md_info;
517
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]518 mbedtls_pk_restart_init(&rs_ctx);
519 mbedtls_pk_init(&prv);
520 mbedtls_pk_init(&pub);
521 memset(hash, 0, sizeof(hash));
522 memset(sig, 0, sizeof(sig));
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]523
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]524 TEST_ASSERT(mbedtls_pk_setup(&prv, mbedtls_pk_info_from_type(pk_type)) ==
525 0);
526 TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(prv)->grp, grp_id) == 0);
527 TEST_ASSERT(mbedtls_test_read_mpi(&mbedtls_pk_ec(prv)->d, 16, d_str) == 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]528
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]529 TEST_ASSERT(mbedtls_pk_setup(&pub, mbedtls_pk_info_from_type(pk_type)) ==
530 0);
531 TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(pub)->grp, grp_id) == 0);
532 TEST_ASSERT(mbedtls_ecp_point_read_string(&mbedtls_pk_ec(pub)->Q, 16,
533 QX_str, QY_str) == 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]534
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]535 md_info = mbedtls_md_info_from_type(md_alg);
536 TEST_ASSERT(md_info != NULL);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]537
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]538 hlen = mbedtls_md_get_size(md_info);
539 TEST_ASSERT(mbedtls_md(md_info, (const unsigned char *)msg, strlen(msg),
540 hash) == 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]541
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]542 mbedtls_ecp_set_max_ops(max_ops);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]543
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]544 slen = sizeof(sig);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]545 cnt_restart = 0;
546 do {
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]547 ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash, hlen, sig,
548 sizeof(sig), &slen,
549 mbedtls_test_rnd_std_rand, NULL,
550 &rs_ctx);
551 } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]552
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]553 TEST_ASSERT(ret == 0);
554 TEST_ASSERT(slen == sig_check->len);
555 TEST_ASSERT(memcmp(sig, sig_check->x, slen) == 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]556
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]557 TEST_ASSERT(cnt_restart >= min_restart);
558 TEST_ASSERT(cnt_restart <= max_restart);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]559
560 cnt_restart = 0;
561 do {
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]562 ret = mbedtls_pk_verify_restartable(&pub, md_alg, hash, hlen, sig, slen,
563 &rs_ctx);
564 } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]565
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]566 TEST_ASSERT(ret == 0);
567 TEST_ASSERT(cnt_restart >= min_restart);
568 TEST_ASSERT(cnt_restart <= max_restart);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]569
570 hash[0]++;
571 do {
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]572 ret = mbedtls_pk_verify_restartable(&pub, md_alg, hash, hlen, sig, slen,
573 &rs_ctx);
574 } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
575 TEST_ASSERT(ret != 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]576 hash[0]--;
577
578 sig[0]++;
579 do {
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]580 ret = mbedtls_pk_verify_restartable(&pub, md_alg, hash, hlen, sig, slen,
581 &rs_ctx);
582 } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
583 TEST_ASSERT(ret != 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]584 sig[0]--;
585
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]586 /* Do we leak memory when aborting? try verify then sign
587 * This test only makes sense when we actually restart */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]588 if (min_restart > 0) {
589 ret = mbedtls_pk_verify_restartable(&pub, md_alg, hash, hlen, sig, slen,
590 &rs_ctx);
591 TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
592 mbedtls_pk_restart_free(&rs_ctx);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]593
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]594 slen = sizeof(sig);
595 ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash, hlen, sig,
596 sizeof(sig), &slen,
597 mbedtls_test_rnd_std_rand, NULL,
598 &rs_ctx);
599 TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS);
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]600 }
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]601
602exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]603 mbedtls_pk_restart_free(&rs_ctx);
604 mbedtls_pk_free(&prv);
605 mbedtls_pk_free(&pub);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]606}
607/* END_CASE */
608
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]609/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]610void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret)
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]611{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]612 mbedtls_pk_context pk;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]613 size_t sig_len;
Gilles Peskine6e3187b2021-06-22 18:39:53 +0200[diff] [blame]614 unsigned char hash[32]; // Hard-coded for SHA256
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]615 size_t hash_len = sizeof(hash);
Gilles Peskineeba088a2019-11-05 16:32:32 +0100[diff] [blame]616 unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]617 void *rs_ctx = NULL;
618#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]619 mbedtls_pk_restart_ctx ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]620
621 rs_ctx = &ctx;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]622 mbedtls_pk_restart_init(rs_ctx);
Manuel Pégourié-Gonnard4edb9cb2018-07-02 12:23:23 +0200[diff] [blame]623 /* This value is large enough that the operation will complete in one run.
624 * See comments at the top of ecp_test_vect_restart in
625 * test_suite_ecp.function for estimates of operation counts. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]626 mbedtls_ecp_set_max_ops(42000);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]627#endif
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]628
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]629 mbedtls_pk_init(&pk);
630 USE_PSA_INIT();
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]631
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]632 memset(hash, 0x2a, sizeof(hash));
633 memset(sig, 0, sizeof(sig));
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]634
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]635 TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
636 TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]637
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]638 TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_SHA256, hash,
639 hash_len, sig, sizeof(sig),
640 &sig_len, mbedtls_test_rnd_std_rand,
641 NULL, rs_ctx) == sign_ret);
642 if (sign_ret == 0)
643 TEST_ASSERT(sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE);
Gilles Peskineeba088a2019-11-05 16:32:32 +0100[diff] [blame]644 else
Gilles Peskinef85e4e62019-11-12 11:08:23 +0100[diff] [blame]645 sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]646
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]647 TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, hash_len, sig,
648 sig_len) == verify_ret);
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]649
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]650 if (verify_ret == 0) {
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]651 hash[0]++;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]652 TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, hash_len,
653 sig, sig_len) != 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]654 hash[0]--;
655
656 sig[0]++;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]657 TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, hash_len,
658 sig, sig_len) != 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]659 sig[0]--;
660 }
661
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]662 TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, hash_len, sig,
663 sizeof(sig), &sig_len,
664 mbedtls_test_rnd_std_rand, NULL) == sign_ret);
665 if (sign_ret == 0)
666 TEST_ASSERT(sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE);
Gilles Peskineeba088a2019-11-05 16:32:32 +0100[diff] [blame]667 else
Gilles Peskinef85e4e62019-11-12 11:08:23 +0100[diff] [blame]668 sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]669
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]670 TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_SHA256, hash,
671 hash_len, sig, sig_len,
672 rs_ctx) == verify_ret);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]673
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]674 if (verify_ret == 0) {
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]675 hash[0]++;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]676 TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_SHA256, hash,
677 sizeof(hash), sig, sig_len,
678 rs_ctx) != 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]679 hash[0]--;
680
681 sig[0]++;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]682 TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_SHA256, hash,
683 sizeof(hash), sig, sig_len,
684 rs_ctx) != 0);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]685 sig[0]--;
686 }
687
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]688exit:
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]689#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]690 mbedtls_pk_restart_free(rs_ctx);
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]691#endif
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]692 mbedtls_pk_free(&pk);
693 USE_PSA_DONE();
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]694}
695/* END_CASE */
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]696
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]698void pk_rsa_encrypt_test_vec(data_t *message,
699 int mod,
700 int radix_N,
701 char *input_N,
702 int radix_E,
703 char *input_E,
704 data_t *result,
705 int ret)
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]706{
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]707 unsigned char output[300];
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]708 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709 mbedtls_rsa_context *rsa;
710 mbedtls_pk_context pk;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]711 size_t olen;
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]712
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]713 memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
714 memset(output, 0, sizeof(output));
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]715
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]716 mbedtls_pk_init(&pk);
717 TEST_ASSERT(
718 mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
719 rsa = mbedtls_pk_rsa(pk);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]720
721 rsa->len = mod / 8;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]722 TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, radix_N, input_N) == 0);
723 TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, radix_E, input_E) == 0);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]724
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]725 TEST_ASSERT(mbedtls_pk_encrypt(&pk, message->x, message->len, output, &olen,
726 sizeof(output), mbedtls_test_rnd_pseudo_rand,
727 &rnd_info) == ret);
728 TEST_ASSERT(olen == result->len);
729 TEST_ASSERT(memcmp(output, result->x, olen) == 0);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]730
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]731exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]732 mbedtls_pk_free(&pk);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]733}
734/* END_CASE */
735
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]736/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]737void pk_rsa_decrypt_test_vec(data_t *cipher,
738 int mod,
739 int radix_P,
740 char *input_P,
741 int radix_Q,
742 char *input_Q,
743 int radix_N,
744 char *input_N,
745 int radix_E,
746 char *input_E,
747 data_t *clear,
748 int ret)
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]749{
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]750 unsigned char output[256];
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]751 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]752 mbedtls_mpi N, P, Q, E;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]753 mbedtls_rsa_context *rsa;
754 mbedtls_pk_context pk;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]755 size_t olen;
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]756
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]757 mbedtls_pk_init(&pk);
758 mbedtls_mpi_init(&N);
759 mbedtls_mpi_init(&P);
760 mbedtls_mpi_init(&Q);
761 mbedtls_mpi_init(&E);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]762
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]763 memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]764
765 /* init pk-rsa context */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]766 TEST_ASSERT(
767 mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
768 rsa = mbedtls_pk_rsa(pk);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]769
770 /* load public key */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]771 TEST_ASSERT(mbedtls_test_read_mpi(&N, radix_N, input_N) == 0);
772 TEST_ASSERT(mbedtls_test_read_mpi(&E, radix_E, input_E) == 0);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]773
774 /* load private key */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]775 TEST_ASSERT(mbedtls_test_read_mpi(&P, radix_P, input_P) == 0);
776 TEST_ASSERT(mbedtls_test_read_mpi(&Q, radix_Q, input_Q) == 0);
777 TEST_ASSERT(mbedtls_rsa_import(rsa, &N, &P, &Q, NULL, &E) == 0);
778 TEST_ASSERT(mbedtls_rsa_get_len(rsa) == (size_t)(mod / 8));
779 TEST_ASSERT(mbedtls_rsa_complete(rsa) == 0);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]780
781 /* decryption test */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]782 memset(output, 0, sizeof(output));
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]783 olen = 0;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]784 TEST_ASSERT(mbedtls_pk_decrypt(&pk, cipher->x, cipher->len, output, &olen,
785 sizeof(output), mbedtls_test_rnd_pseudo_rand,
786 &rnd_info) == ret);
787 if (ret == 0) {
788 TEST_ASSERT(olen == clear->len);
789 TEST_ASSERT(memcmp(output, clear->x, olen) == 0);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]790 }
791
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]792exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]793 mbedtls_mpi_free(&N);
794 mbedtls_mpi_free(&P);
795 mbedtls_mpi_free(&Q);
796 mbedtls_mpi_free(&E);
797 mbedtls_pk_free(&pk);
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]798}
799/* END_CASE */
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]800
801/* BEGIN_CASE */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]802void pk_ec_nocrypt(int type)
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]803{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]804 mbedtls_pk_context pk;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]805 unsigned char output[100];
806 unsigned char input[100];
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]807 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]808 size_t olen = 0;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]809 int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]810
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]811 mbedtls_pk_init(&pk);
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]812
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]813 memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info));
814 memset(output, 0, sizeof(output));
815 memset(input, 0, sizeof(input));
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]816
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]817 TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]818
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]819 TEST_ASSERT(mbedtls_pk_encrypt(&pk, input, sizeof(input), output, &olen,
820 sizeof(output), mbedtls_test_rnd_pseudo_rand,
821 &rnd_info) == ret);
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]822
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]823 TEST_ASSERT(mbedtls_pk_decrypt(&pk, input, sizeof(input), output, &olen,
824 sizeof(output), mbedtls_test_rnd_pseudo_rand,
825 &rnd_info) == ret);
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]826
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]827exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]828 mbedtls_pk_free(&pk);
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]829}
830/* END_CASE */
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]831
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]832/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]833void pk_rsa_overflow()
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]834{
835 mbedtls_pk_context pk;
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]836 size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX;
837 unsigned char hash[50], sig[100];
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]838
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]839 if (SIZE_MAX <= UINT_MAX)
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]840 return;
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]841
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]842 memset(hash, 0x2a, sizeof(hash));
843 memset(sig, 0, sizeof(sig));
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]844
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]845 mbedtls_pk_init(&pk);
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]846
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]847 TEST_ASSERT(
848 mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]849
850#if defined(MBEDTLS_PKCS1_V21)
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]851 TEST_ASSERT(mbedtls_pk_verify_ext(
852 MBEDTLS_PK_RSASSA_PSS, NULL, &pk, MBEDTLS_MD_NONE, hash,
853 hash_len, sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]854#endif /* MBEDTLS_PKCS1_V21 */
855
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]856 TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len, sig,
857 sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]858
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]859 TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len, sig,
860 sizeof(sig), &sig_len,
861 mbedtls_test_rnd_std_rand,
862 NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]863
864exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]865 mbedtls_pk_free(&pk);
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]866}
867/* END_CASE */
868
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]869/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]870void pk_rsa_alt()
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]871{
872 /*
873 * An rsa_alt context can only do private operations (decrypt, sign).
874 * Test it against the public operations (encrypt, verify) of a
875 * corresponding rsa context.
876 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]877 mbedtls_rsa_context raw;
878 mbedtls_pk_context rsa, alt;
879 mbedtls_pk_debug_item dbg_items[10];
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]880 unsigned char hash[50], sig[64];
881 unsigned char msg[50], ciph[64], test[50];
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]882 size_t sig_len, ciph_len, test_len;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]883 int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]884
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]885 mbedtls_rsa_init(&raw);
886 mbedtls_pk_init(&rsa);
887 mbedtls_pk_init(&alt);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]888
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]889 memset(hash, 0x2a, sizeof(hash));
890 memset(sig, 0, sizeof(sig));
891 memset(msg, 0x2a, sizeof(msg));
892 memset(ciph, 0, sizeof(ciph));
893 memset(test, 0, sizeof(test));
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]894
895 /* Initiliaze PK RSA context with random key */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]896 TEST_ASSERT(
897 mbedtls_pk_setup(&rsa, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
898 TEST_ASSERT(pk_genkey(&rsa, RSA_KEY_SIZE) == 0);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]899
900 /* Extract key to the raw rsa context */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]901 TEST_ASSERT(mbedtls_rsa_copy(&raw, mbedtls_pk_rsa(rsa)) == 0);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]902
903 /* Initialize PK RSA_ALT context */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]904 TEST_ASSERT(mbedtls_pk_setup_rsa_alt(
905 &alt, (void *)&raw, mbedtls_rsa_decrypt_func,
906 mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func) == 0);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]907
908 /* Test administrative functions */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]909 TEST_ASSERT(mbedtls_pk_can_do(&alt, MBEDTLS_PK_RSA));
910 TEST_ASSERT(mbedtls_pk_get_bitlen(&alt) == RSA_KEY_SIZE);
911 TEST_ASSERT(mbedtls_pk_get_len(&alt) == RSA_KEY_LEN);
912 TEST_ASSERT(mbedtls_pk_get_type(&alt) == MBEDTLS_PK_RSA_ALT);
913 TEST_ASSERT(strcmp(mbedtls_pk_get_name(&alt), "RSA-alt") == 0);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]914
915 /* Test signature */
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]916#if SIZE_MAX > UINT_MAX
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]917 TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, sig,
918 sizeof(sig), &sig_len,
919 mbedtls_test_rnd_std_rand,
920 NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]921#endif /* SIZE_MAX > UINT_MAX */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]922 TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, sizeof(hash), sig,
923 sizeof(sig), &sig_len,
924 mbedtls_test_rnd_std_rand, NULL) == 0);
925 TEST_ASSERT(sig_len == RSA_KEY_LEN);
926 TEST_ASSERT(mbedtls_pk_verify(&rsa, MBEDTLS_MD_NONE, hash, sizeof(hash),
927 sig, sig_len) == 0);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]928
929 /* Test decrypt */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]930 TEST_ASSERT(mbedtls_pk_encrypt(&rsa, msg, sizeof(msg), ciph, &ciph_len,
931 sizeof(ciph), mbedtls_test_rnd_std_rand,
932 NULL) == 0);
933 TEST_ASSERT(mbedtls_pk_decrypt(&alt, ciph, ciph_len, test, &test_len,
934 sizeof(test), mbedtls_test_rnd_std_rand,
935 NULL) == 0);
936 TEST_ASSERT(test_len == sizeof(msg));
937 TEST_ASSERT(memcmp(test, msg, test_len) == 0);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]938
939 /* Test forbidden operations */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]940 TEST_ASSERT(mbedtls_pk_encrypt(&alt, msg, sizeof(msg), ciph, &ciph_len,
941 sizeof(ciph), mbedtls_test_rnd_std_rand,
942 NULL) == ret);
943 TEST_ASSERT(mbedtls_pk_verify(&alt, MBEDTLS_MD_NONE, hash, sizeof(hash),
944 sig, sig_len) == ret);
945 TEST_ASSERT(mbedtls_pk_debug(&alt, dbg_items) == ret);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]946
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]947exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]948 mbedtls_rsa_free(&raw);
949 mbedtls_pk_free(&rsa);
950 mbedtls_pk_free(&alt);
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]951}
952/* END_CASE */
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]953
Gilles Peskine33b1c692019-12-19 00:09:47 +0100[diff] [blame]954/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]955void pk_psa_sign(int grpid_arg, int psa_curve_arg, int expected_bits_arg)
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]956{
Gilles Peskine33b1c692019-12-19 00:09:47 +0100[diff] [blame]957 mbedtls_ecp_group_id grpid = grpid_arg;
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]958 mbedtls_pk_context pk;
Gilles Peskine33b1c692019-12-19 00:09:47 +0100[diff] [blame]959 unsigned char hash[32];
960 unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
961 unsigned char pkey_legacy[200];
962 unsigned char pkey_psa[200];
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]963 unsigned char *pkey_legacy_start, *pkey_psa_start;
964 size_t sig_len, klen_legacy, klen_psa;
965 int ret;
Ronald Cron5425a212020-08-04 14:58:35 +0200[diff] [blame]966 mbedtls_svc_key_id_t key_id;
Gilles Peskine85f47c92019-12-18 20:44:15 +0100[diff] [blame]967 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]968 psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR(psa_curve_arg);
Gilles Peskine33b1c692019-12-19 00:09:47 +0100[diff] [blame]969 size_t expected_bits = expected_bits_arg;
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]970
971 /*
972 * This tests making signatures with a wrapped PSA key:
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]973 * - generate a fresh ECP legacy PK context
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]974 * - wrap it in a PK context and make a signature this way
975 * - extract the public key
976 * - parse it to a PK context and verify the signature this way
977 */
978
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]979 PSA_ASSERT(psa_crypto_init());
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]980
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]981 /* Create legacy EC public/private key in PK context. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]982 mbedtls_pk_init(&pk);
983 TEST_ASSERT(mbedtls_pk_setup(
984 &pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0);
985 TEST_ASSERT(mbedtls_ecp_gen_key(grpid, (mbedtls_ecp_keypair *)pk.pk_ctx,
986 mbedtls_test_rnd_std_rand, NULL) == 0);
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]987
988 /* Export underlying public key for re-importing in a legacy context. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]989 ret = mbedtls_pk_write_pubkey_der(&pk, pkey_legacy, sizeof(pkey_legacy));
990 TEST_ASSERT(ret >= 0);
991 klen_legacy = (size_t)ret;
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]992 /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]993 pkey_legacy_start = pkey_legacy + sizeof(pkey_legacy) - klen_legacy;
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]994
995 /* Turn PK context into an opaque one. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]996 TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&pk, &key_id, PSA_ALG_SHA_256) == 0);
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]997
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]998 PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
999 TEST_EQUAL(psa_get_key_type(&attributes), expected_type);
1000 TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits);
1001 TEST_EQUAL(psa_get_key_lifetime(&attributes), PSA_KEY_LIFETIME_VOLATILE);
Gilles Peskine85f47c92019-12-18 20:44:15 +0100[diff] [blame]1002
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1003 memset(hash, 0x2a, sizeof(hash));
1004 memset(sig, 0, sizeof(sig));
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1005
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1006 TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, sizeof(hash), sig,
1007 sizeof(sig), &sig_len, NULL, NULL) == 0);
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1008
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1009 /* Export underlying public key for re-importing in a psa context. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1010 ret = mbedtls_pk_write_pubkey_der(&pk, pkey_psa, sizeof(pkey_psa));
1011 TEST_ASSERT(ret >= 0);
1012 klen_psa = (size_t)ret;
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1013 /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1014 pkey_psa_start = pkey_psa + sizeof(pkey_psa) - klen_psa;
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1015
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1016 TEST_ASSERT(klen_psa == klen_legacy);
1017 TEST_ASSERT(memcmp(pkey_psa_start, pkey_legacy_start, klen_psa) == 0);
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1018
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1019 mbedtls_pk_free(&pk);
1020 TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key_id));
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1021
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1022 mbedtls_pk_init(&pk);
1023 TEST_ASSERT(
1024 mbedtls_pk_parse_public_key(&pk, pkey_legacy_start, klen_legacy) == 0);
1025 TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, sizeof(hash),
1026 sig, sig_len) == 0);
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1027
1028exit:
Ronald Cron3a4f0e32020-11-19 17:55:23 +0100[diff] [blame]1029 /*
1030 * Key attributes may have been returned by psa_get_key_attributes()
1031 * thus reset them as required.
1032 */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1033 psa_reset_key_attributes(&attributes);
Ronald Cron3a4f0e32020-11-19 17:55:23 +0100[diff] [blame]1034
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]1035 mbedtls_pk_free(&pk);
1036 USE_PSA_DONE();
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1037}
1038/* END_CASE */