TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / c0eabdc63657f784dee45167b010534cd3924cfa / . / tests / suites / test_suite_random.function
blob: bbaa068b1f18852d3b16d5a3b642ef7729c9e73f [file] [log] [blame]
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]1/* BEGIN_HEADER */
2
3/* Test random generation as a whole. */
4
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]5#include "mbedtls/bignum.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]6#include "mbedtls/ctr_drbg.h"
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]7#include "mbedtls/ecdsa.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]8#include "mbedtls/entropy.h"
9#include "mbedtls/hmac_drbg.h"
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]10#include "mbedtls/psa_util.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]11#include "psa/crypto.h"
12
13/* How many bytes to generate in each test case for repeated generation.
14 * This must be high enough that the probability of generating the same
15 * output twice is infinitesimal, but low enough that random generators
16 * are willing to deliver that much. */
17#define OUTPUT_SIZE 32
18
19/* END_HEADER */
20
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]21/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]22void random_twice_with_ctr_drbg()
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]23{
24 mbedtls_entropy_context entropy;
25 mbedtls_ctr_drbg_context drbg;
26 unsigned char output1[OUTPUT_SIZE];
27 unsigned char output2[OUTPUT_SIZE];
28
29 /* First round */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]30 mbedtls_entropy_init(&entropy);
31 mbedtls_ctr_drbg_init(&drbg);
32 TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg, mbedtls_entropy_func, &entropy,
33 NULL, 0));
34 TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg, output1, sizeof(output1)));
35 mbedtls_ctr_drbg_free(&drbg);
36 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]37
38 /* Second round */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]39 mbedtls_entropy_init(&entropy);
40 mbedtls_ctr_drbg_init(&drbg);
41 TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg, mbedtls_entropy_func, &entropy,
42 NULL, 0));
43 TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg, output2, sizeof(output2)));
44 mbedtls_ctr_drbg_free(&drbg);
45 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]46
47 /* The two rounds must generate different random data. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]48 TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]49
50exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]51 mbedtls_ctr_drbg_free(&drbg);
52 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]53}
54/* END_CASE */
55
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]56/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]57void random_twice_with_hmac_drbg(int md_type)
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]58{
59 mbedtls_entropy_context entropy;
60 mbedtls_hmac_drbg_context drbg;
61 unsigned char output1[OUTPUT_SIZE];
62 unsigned char output2[OUTPUT_SIZE];
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]63 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]64
65 /* First round */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]66 mbedtls_entropy_init(&entropy);
67 mbedtls_hmac_drbg_init(&drbg);
68 TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info, mbedtls_entropy_func,
69 &entropy, NULL, 0));
70 TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg, output1, sizeof(output1)));
71 mbedtls_hmac_drbg_free(&drbg);
72 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]73
74 /* Second round */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]75 mbedtls_entropy_init(&entropy);
76 mbedtls_hmac_drbg_init(&drbg);
77 TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info, mbedtls_entropy_func,
78 &entropy, NULL, 0));
79 TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg, output2, sizeof(output2)));
80 mbedtls_hmac_drbg_free(&drbg);
81 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]82
83 /* The two rounds must generate different random data. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]84 TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]85
86exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]87 mbedtls_hmac_drbg_free(&drbg);
88 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]89}
90/* END_CASE */
91
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]92/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]93void random_twice_with_psa_from_classic()
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]94{
95 unsigned char output1[OUTPUT_SIZE];
96 unsigned char output2[OUTPUT_SIZE];
97
98 /* First round */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]99 PSA_ASSERT(psa_crypto_init());
100 TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, output1,
101 sizeof(output1)));
102 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]103
104 /* Second round */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]105 PSA_ASSERT(psa_crypto_init());
106 TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, output2,
107 sizeof(output2)));
108 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]109
110 /* The two rounds must generate different random data. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]111 TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]112
113exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]114 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]115}
116/* END_CASE */
117
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]118/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]119void random_twice_with_psa_from_psa()
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]120{
121 unsigned char output1[OUTPUT_SIZE];
122 unsigned char output2[OUTPUT_SIZE];
123
124 /* First round */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]125 PSA_ASSERT(psa_crypto_init());
126 PSA_ASSERT(psa_generate_random(output1, sizeof(output1)));
127 PSA_DONE();
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]128
129 /* Second round */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]130 PSA_ASSERT(psa_crypto_init());
131 PSA_ASSERT(psa_generate_random(output2, sizeof(output2)));
132 PSA_DONE();
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]133
134 /* The two rounds must generate different random data. */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]135 TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]136
137exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]138 PSA_DONE();
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]139}
140/* END_CASE */
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]141
142/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]143void mbedtls_psa_get_random_no_init()
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]144{
145 unsigned char output[1];
146
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]147 TEST_ASSERT(mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, output,
148 sizeof(output)) != 0);
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]149}
150/* END_CASE */
151
152/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]153void mbedtls_psa_get_random_length(int n)
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]154{
155 unsigned char *output = NULL;
156
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]157 PSA_ASSERT(psa_crypto_init());
158 ASSERT_ALLOC(output, n);
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]159
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]160 TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, output, n));
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]161exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]162 mbedtls_free(output);
163 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]164}
165/* END_CASE */
166
167/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]168void mbedtls_psa_get_random_ecdsa_sign(int curve)
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]169{
170 mbedtls_ecp_group grp;
171 mbedtls_mpi d, r, s;
172 unsigned char buf[] = "This is not a hash.";
173
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]174 mbedtls_ecp_group_init(&grp);
175 mbedtls_mpi_init(&d);
176 mbedtls_mpi_init(&r);
177 mbedtls_mpi_init(&s);
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]178
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]179 TEST_EQUAL(0, mbedtls_mpi_lset(&d, 123456789));
180 TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, curve));
181 PSA_ASSERT(psa_crypto_init());
182 TEST_EQUAL(0, mbedtls_ecdsa_sign(&grp, &r, &s, &d, buf, sizeof(buf),
183 mbedtls_psa_get_random,
184 MBEDTLS_PSA_RANDOM_STATE));
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]185exit:
Mateusz Starzykc0eabdc2021-08-03 14:09:02 +0200[diff] [blame^]186 mbedtls_mpi_free(&d);
187 mbedtls_mpi_free(&r);
188 mbedtls_mpi_free(&s);
189 mbedtls_ecp_group_free(&grp);
190 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]191}
192/* END_CASE */