TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 1838e821905bf571844e865131856103462e201b / . / tests / suites / test_suite_pk.function
blob: 3d38535e32902cd838187e639774616f371c87e5 [file] [log] [blame]
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/pk.h"
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]3
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]4/* For error codes */
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]5#include "mbedtls/asn1.h"
6#include "mbedtls/base64.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]7#include "mbedtls/ecp.h"
8#include "mbedtls/rsa.h"
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]9
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]10#include <limits.h>
Andres Amaya Garcia6ff067d2017-06-09 14:26:59 +0100[diff] [blame]11#include <stdint.h>
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]12
Gilles Peskine952f4092019-05-23 20:25:48 +0200[diff] [blame]13#if defined(MBEDTLS_USE_PSA_CRYPTO)
14#include "mbedtls/psa_util.h"
Gilles Peskine1838e822019-06-20 12:40:56 +0200[diff] [blame^]15#include "psa_crypto_helpers.h"
Gilles Peskine952f4092019-05-23 20:25:48 +0200[diff] [blame]16#endif
17
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]18static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
19
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]20#define RSA_KEY_SIZE 512
21#define RSA_KEY_LEN 64
22
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]23static int pk_genkey( mbedtls_pk_context *pk )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]24{
Paul Bakkera5320902013-12-19 17:29:52 +0100[diff] [blame]25 ((void) pk);
26
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]27#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
28 if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
29 return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]30#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]31#if defined(MBEDTLS_ECP_C)
32 if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY ||
33 mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY_DH ||
34 mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]35 {
36 int ret;
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]37 if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]38 MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]39 return( ret );
40
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]41 return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d,
42 &mbedtls_pk_ec( *pk )->Q, rnd_std_rand, NULL );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]43 }
44#endif
45 return( -1 );
46}
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]47
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]48#if defined(MBEDTLS_RSA_C)
49int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]50 const unsigned char *input, unsigned char *output,
51 size_t output_max_len )
52{
Hanno Becker6ac972d2017-09-07 10:57:48 +0100[diff] [blame]53 return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx,
54 rnd_std_rand, NULL, mode, olen,
55 input, output, output_max_len ) );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]56}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]57int mbedtls_rsa_sign_func( void *ctx,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]58 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]59 int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]60 const unsigned char *hash, unsigned char *sig )
61{
Hanno Beckera5400682017-05-03 16:43:15 +0100[diff] [blame]62 ((void) f_rng);
63 ((void) p_rng);
64 return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, rnd_std_rand, NULL, mode,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]65 md_alg, hashlen, hash, sig ) );
66}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]67size_t mbedtls_rsa_key_len_func( void *ctx )
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]68{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]69 return( ((const mbedtls_rsa_context *) ctx)->len );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]70}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]71#endif /* MBEDTLS_RSA_C */
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]72
73#if defined(MBEDTLS_USE_PSA_CRYPTO)
74
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]75/*
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]76 * Generate a key using PSA and return a handle to that key,
77 * or 0 if the key generation failed.
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]78 * The key uses NIST P-256 and is usable for signing with SHA-256.
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]79 */
Andrzej Kurek2349c4d2019-01-08 09:36:01 -0500[diff] [blame]80psa_key_handle_t pk_psa_genkey( void )
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]81{
Andrzej Kurek2349c4d2019-01-08 09:36:01 -0500[diff] [blame]82 psa_key_handle_t key;
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]83 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]84 const int curve = PSA_ECC_CURVE_SECP256R1;
Gilles Peskinec93b80c2019-05-16 19:39:54 +0200[diff] [blame]85 const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve);
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]86 const size_t bits = 256;
87
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]88 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN );
89 psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256) );
90 psa_set_key_type( &attributes, type );
91 psa_set_key_bits( &attributes, bits );
92 PSA_ASSERT( psa_generate_key( &attributes, &key ) );
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]93
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]94exit:
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]95 return( key );
96}
97#endif /* MBEDTLS_USE_PSA_CRYPTO */
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]98/* END_HEADER */
99
100/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]101 * depends_on:MBEDTLS_PK_C
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]102 * END_DEPENDENCIES
103 */
104
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]105/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]106void pk_psa_utils( )
107{
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]108 mbedtls_pk_context pk, pk2;
Andrzej Kurek2349c4d2019-01-08 09:36:01 -0500[diff] [blame]109 psa_key_handle_t key;
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]110 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]111
Manuel Pégourié-Gonnard69baf702018-11-06 09:34:30 +0100[diff] [blame]112 const char * const name = "Opaque";
Manuel Pégourié-Gonnard0184b3c2018-10-31 10:36:51 +0100[diff] [blame]113 const size_t bitlen = 256; /* harcoded in genkey() */
114
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]115 mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
116 unsigned char b1[1], b2[1];
117 size_t len;
118 mbedtls_pk_debug_item dbg;
119
Jaeden Amero3ea26872019-02-13 11:30:22 +0000[diff] [blame]120 TEST_ASSERT( psa_crypto_init() == 0 );
121
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]122 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]123 mbedtls_pk_init( &pk2 );
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]124
Manuel Pégourié-Gonnard69baf702018-11-06 09:34:30 +0100[diff] [blame]125 TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) ==
Manuel Pégourié-Gonnard920c0632018-10-31 10:57:29 +0100[diff] [blame]126 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
127
128 mbedtls_pk_free( &pk );
129 mbedtls_pk_init( &pk );
130
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]131 key = pk_psa_genkey();
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]132 if( key == 0 )
133 goto exit;
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]134
Manuel Pégourié-Gonnard69baf702018-11-06 09:34:30 +0100[diff] [blame]135 TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 );
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]136
Manuel Pégourié-Gonnard69baf702018-11-06 09:34:30 +0100[diff] [blame]137 TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE );
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]138 TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
139
Manuel Pégourié-Gonnard0184b3c2018-10-31 10:36:51 +0100[diff] [blame]140 TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen );
141 TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 );
142
Manuel Pégourié-Gonnard920c0632018-10-31 10:57:29 +0100[diff] [blame]143 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 );
144 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 );
145 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 );
146
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]147 /* unsupported operations: verify, decrypt, encrypt */
148 TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg,
149 b1, sizeof( b1), b2, sizeof( b2 ) )
150 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
151 TEST_ASSERT( mbedtls_pk_decrypt( &pk, b1, sizeof( b1 ),
152 b2, &len, sizeof( b2 ),
153 NULL, NULL )
154 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
155 TEST_ASSERT( mbedtls_pk_encrypt( &pk, b1, sizeof( b1 ),
156 b2, &len, sizeof( b2 ),
157 NULL, NULL )
158 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
159
160 /* unsupported functions: check_pair, debug */
161 TEST_ASSERT( mbedtls_pk_setup( &pk2,
162 mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
163 TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 )
164 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
165 TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg )
166 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
167
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]168 /* test that freeing the context does not destroy the key */
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]169 mbedtls_pk_free( &pk );
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]170 TEST_ASSERT( PSA_SUCCESS == psa_get_key_attributes( key, &attributes ) );
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]171 TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
172
173exit:
174 mbedtls_pk_free( &pk ); /* redundant except upon error */
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]175 mbedtls_pk_free( &pk2 );
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]176}
177/* END_CASE */
178
179
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]180/* BEGIN_CASE */
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]181void valid_parameters( )
182{
183 mbedtls_pk_context pk;
184 unsigned char buf[1];
185 size_t len;
186 void *options = NULL;
187
188 mbedtls_pk_init( &pk );
189
190 TEST_VALID_PARAM( mbedtls_pk_free( NULL ) );
191
192#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
193 TEST_VALID_PARAM( mbedtls_pk_restart_free( NULL ) );
194#endif
195
196 TEST_ASSERT( mbedtls_pk_setup( &pk, NULL ) ==
197 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
198
199 /* In informational functions, we accept NULL where a context pointer
200 * is expected because that's what the library has done forever.
201 * We do not document that NULL is accepted, so we may wish to change
202 * the behavior in a future version. */
203 TEST_ASSERT( mbedtls_pk_get_bitlen( NULL ) == 0 );
204 TEST_ASSERT( mbedtls_pk_get_len( NULL ) == 0 );
205 TEST_ASSERT( mbedtls_pk_can_do( NULL, MBEDTLS_PK_NONE ) == 0 );
206
207 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk,
208 MBEDTLS_MD_NONE,
209 NULL, 0,
210 buf, &len,
211 rnd_std_rand, NULL,
212 NULL ) ==
213 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
214
215 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk,
216 MBEDTLS_MD_NONE,
217 NULL, 0,
218 buf, &len,
219 rnd_std_rand, NULL,
220 NULL ) ==
221 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
222
223 TEST_ASSERT( mbedtls_pk_sign( &pk,
224 MBEDTLS_MD_NONE,
225 NULL, 0,
226 buf, &len,
227 rnd_std_rand, NULL ) ==
228 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
229
230 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk,
231 MBEDTLS_MD_NONE,
232 NULL, 0,
233 buf, sizeof( buf ),
234 NULL ) ==
235 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
236
237 TEST_ASSERT( mbedtls_pk_verify( &pk,
238 MBEDTLS_MD_NONE,
239 NULL, 0,
240 buf, sizeof( buf ) ) ==
241 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
242
243 TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
244 &pk,
245 MBEDTLS_MD_NONE,
246 NULL, 0,
247 buf, sizeof( buf ) ) ==
248 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
249
250 TEST_ASSERT( mbedtls_pk_encrypt( &pk,
251 NULL, 0,
252 NULL, &len, 0,
253 rnd_std_rand, NULL ) ==
254 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
255
256 TEST_ASSERT( mbedtls_pk_decrypt( &pk,
257 NULL, 0,
258 NULL, &len, 0,
259 rnd_std_rand, NULL ) ==
260 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
261
262#if defined(MBEDTLS_PK_PARSE_C)
263 TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) ==
264 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
265
266 TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) ==
267 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
268#endif /* MBEDTLS_PK_PARSE_C */
269}
270/* END_CASE */
271
272/* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */
273void valid_parameters_pkwrite( data_t *key_data )
274{
275 mbedtls_pk_context pk;
276
277 /* For the write tests to be effective, we need a valid key pair. */
278 mbedtls_pk_init( &pk );
279 TEST_ASSERT( mbedtls_pk_parse_key( &pk,
280 key_data->x, key_data->len,
281 NULL, 0 ) == 0 );
282
283 TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) ==
284 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
285
286 TEST_ASSERT( mbedtls_pk_write_pubkey_der( &pk, NULL, 0 ) ==
287 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
288
289#if defined(MBEDTLS_PEM_WRITE_C)
290 TEST_ASSERT( mbedtls_pk_write_key_pem( &pk, NULL, 0 ) ==
291 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
292
293 TEST_ASSERT( mbedtls_pk_write_pubkey_pem( &pk, NULL, 0 ) ==
294 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
295#endif /* MBEDTLS_PEM_WRITE_C */
296
297exit:
298 mbedtls_pk_free( &pk );
299}
300/* END_CASE */
301
302/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
303void invalid_parameters( )
304{
305 size_t len;
306 unsigned char *null_buf = NULL;
307 unsigned char buf[1];
308 unsigned char *p = buf;
309 char str[1] = {0};
310 mbedtls_pk_context pk;
311 mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
312 void *options = buf;
313
314 (void) null_buf;
315 (void) p;
316 (void) str;
317
318 mbedtls_pk_init( &pk );
319
320 TEST_INVALID_PARAM( mbedtls_pk_init( NULL ) );
321
322#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
323 TEST_INVALID_PARAM( mbedtls_pk_restart_init( NULL ) );
324#endif
325
326 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
327 mbedtls_pk_setup( NULL, NULL ) );
328
329#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
330 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
331 mbedtls_pk_setup_rsa_alt( NULL, buf,
332 NULL, NULL, NULL ) );
333#endif
334
335 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
336 mbedtls_pk_verify_restartable( NULL,
337 MBEDTLS_MD_NONE,
338 buf, sizeof( buf ),
339 buf, sizeof( buf ),
340 NULL ) );
341 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
342 mbedtls_pk_verify_restartable( &pk,
343 MBEDTLS_MD_NONE,
344 NULL, sizeof( buf ),
345 buf, sizeof( buf ),
346 NULL ) );
347 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
348 mbedtls_pk_verify_restartable( &pk,
349 valid_md,
350 NULL, 0,
351 buf, sizeof( buf ),
352 NULL ) );
353 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
354 mbedtls_pk_verify_restartable( &pk,
355 MBEDTLS_MD_NONE,
356 buf, sizeof( buf ),
357 NULL, sizeof( buf ),
358 NULL ) );
359
360 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
361 mbedtls_pk_verify( NULL,
362 MBEDTLS_MD_NONE,
363 buf, sizeof( buf ),
364 buf, sizeof( buf ) ) );
365 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
366 mbedtls_pk_verify( &pk,
367 MBEDTLS_MD_NONE,
368 NULL, sizeof( buf ),
369 buf, sizeof( buf ) ) );
370 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
371 mbedtls_pk_verify( &pk,
372 valid_md,
373 NULL, 0,
374 buf, sizeof( buf ) ) );
375 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
376 mbedtls_pk_verify( &pk,
377 MBEDTLS_MD_NONE,
378 buf, sizeof( buf ),
379 NULL, sizeof( buf ) ) );
380
381 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
382 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
383 NULL,
384 MBEDTLS_MD_NONE,
385 buf, sizeof( buf ),
386 buf, sizeof( buf ) ) );
387 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
388 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
389 &pk,
390 MBEDTLS_MD_NONE,
391 NULL, sizeof( buf ),
392 buf, sizeof( buf ) ) );
393 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
394 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
395 &pk,
396 valid_md,
397 NULL, 0,
398 buf, sizeof( buf ) ) );
399 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
400 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
401 &pk,
402 MBEDTLS_MD_NONE,
403 buf, sizeof( buf ),
404 NULL, sizeof( buf ) ) );
405
406 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
407 mbedtls_pk_sign_restartable( NULL,
408 MBEDTLS_MD_NONE,
409 buf, sizeof( buf ),
410 buf, &len,
411 rnd_std_rand, NULL,
412 NULL ) );
413 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
414 mbedtls_pk_sign_restartable( &pk,
415 MBEDTLS_MD_NONE,
416 NULL, sizeof( buf ),
417 buf, &len,
418 rnd_std_rand, NULL,
419 NULL ) );
420 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
421 mbedtls_pk_sign_restartable( &pk,
422 valid_md,
423 NULL, 0,
424 buf, &len,
425 rnd_std_rand, NULL,
426 NULL ) );
427 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
428 mbedtls_pk_sign_restartable( &pk,
429 MBEDTLS_MD_NONE,
430 buf, sizeof( buf ),
431 NULL, &len,
432 rnd_std_rand, NULL,
433 NULL ) );
434
435 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
436 mbedtls_pk_sign( NULL,
437 MBEDTLS_MD_NONE,
438 buf, sizeof( buf ),
439 buf, &len,
440 rnd_std_rand, NULL ) );
441 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
442 mbedtls_pk_sign( &pk,
443 MBEDTLS_MD_NONE,
444 NULL, sizeof( buf ),
445 buf, &len,
446 rnd_std_rand, NULL ) );
447 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
448 mbedtls_pk_sign( &pk,
449 valid_md,
450 NULL, 0,
451 buf, &len,
452 rnd_std_rand, NULL ) );
453 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
454 mbedtls_pk_sign( &pk,
455 MBEDTLS_MD_NONE,
456 buf, sizeof( buf ),
457 NULL, &len,
458 rnd_std_rand, NULL ) );
459
460 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
461 mbedtls_pk_decrypt( NULL,
462 buf, sizeof( buf ),
463 buf, &len, sizeof( buf ),
464 rnd_std_rand, NULL ) );
465 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
466 mbedtls_pk_decrypt( &pk,
467 NULL, sizeof( buf ),
468 buf, &len, sizeof( buf ),
469 rnd_std_rand, NULL ) );
470 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
471 mbedtls_pk_decrypt( &pk,
472 buf, sizeof( buf ),
473 NULL, &len, sizeof( buf ),
474 rnd_std_rand, NULL ) );
475 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
476 mbedtls_pk_decrypt( &pk,
477 buf, sizeof( buf ),
478 buf, NULL, sizeof( buf ),
479 rnd_std_rand, NULL ) );
480
481 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
482 mbedtls_pk_encrypt( NULL,
483 buf, sizeof( buf ),
484 buf, &len, sizeof( buf ),
485 rnd_std_rand, NULL ) );
486 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
487 mbedtls_pk_encrypt( &pk,
488 NULL, sizeof( buf ),
489 buf, &len, sizeof( buf ),
490 rnd_std_rand, NULL ) );
491 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
492 mbedtls_pk_encrypt( &pk,
493 buf, sizeof( buf ),
494 NULL, &len, sizeof( buf ),
495 rnd_std_rand, NULL ) );
496 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
497 mbedtls_pk_encrypt( &pk,
498 buf, sizeof( buf ),
499 buf, NULL, sizeof( buf ),
500 rnd_std_rand, NULL ) );
501
502 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
503 mbedtls_pk_check_pair( NULL, &pk ) );
504 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
505 mbedtls_pk_check_pair( &pk, NULL ) );
506
507 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
508 mbedtls_pk_debug( NULL, NULL ) );
509
510#if defined(MBEDTLS_PK_PARSE_C)
511#if defined(MBEDTLS_FS_IO)
512 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
513 mbedtls_pk_load_file( NULL, &p, &len ) );
514 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
515 mbedtls_pk_load_file( str, NULL, &len ) );
516 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
517 mbedtls_pk_load_file( str, &p, NULL ) );
518
519 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
520 mbedtls_pk_parse_keyfile( NULL, str, NULL ) );
521 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
522 mbedtls_pk_parse_keyfile( &pk, NULL, NULL ) );
523
524 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
525 mbedtls_pk_parse_public_keyfile( NULL, str ) );
526 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
527 mbedtls_pk_parse_public_keyfile( &pk, NULL ) );
528#endif
529
530 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
531 mbedtls_pk_parse_subpubkey( NULL, buf, &pk ) );
532 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
533 mbedtls_pk_parse_subpubkey( &null_buf, buf, &pk ) );
534 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
535 mbedtls_pk_parse_subpubkey( &p, NULL, &pk ) );
536 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
537 mbedtls_pk_parse_subpubkey( &p, buf, NULL ) );
538
539 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
540 mbedtls_pk_parse_key( NULL,
541 buf, sizeof( buf ),
542 buf, sizeof( buf ) ) );
543 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
544 mbedtls_pk_parse_key( &pk,
545 NULL, sizeof( buf ),
546 buf, sizeof( buf ) ) );
547
548 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
549 mbedtls_pk_parse_public_key( NULL,
550 buf, sizeof( buf ) ) );
551 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
552 mbedtls_pk_parse_public_key( &pk,
553 NULL, sizeof( buf ) ) );
554#endif /* MBEDTLS_PK_PARSE_C */
555
556#if defined(MBEDTLS_PK_WRITE_C)
557 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
558 mbedtls_pk_write_pubkey( NULL, p, &pk ) );
559 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
560 mbedtls_pk_write_pubkey( &null_buf, p, &pk ) );
561 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
562 mbedtls_pk_write_pubkey( &p, NULL, &pk ) );
563 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
564 mbedtls_pk_write_pubkey( &p, p, NULL ) );
565
566 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
567 mbedtls_pk_write_pubkey_der( NULL,
568 buf, sizeof( buf ) ) );
569 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
570 mbedtls_pk_write_pubkey_der( &pk,
571 NULL, sizeof( buf ) ) );
572
573 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
574 mbedtls_pk_write_key_der( NULL,
575 buf, sizeof( buf ) ) );
576 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
577 mbedtls_pk_write_key_der( &pk,
578 NULL, sizeof( buf ) ) );
579
580#if defined(MBEDTLS_PEM_WRITE_C)
581 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
582 mbedtls_pk_write_pubkey_pem( NULL,
583 buf, sizeof( buf ) ) );
584 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
585 mbedtls_pk_write_pubkey_pem( &pk,
586 NULL, sizeof( buf ) ) );
587
588 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
589 mbedtls_pk_write_key_pem( NULL,
590 buf, sizeof( buf ) ) );
591 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
592 mbedtls_pk_write_key_pem( &pk,
593 NULL, sizeof( buf ) ) );
594#endif /* MBEDTLS_PEM_WRITE_C */
595
596#endif /* MBEDTLS_PK_WRITE_C */
597}
598/* END_CASE */
599
600/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]601void pk_utils( int type, int size, int len, char * name )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]602{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]603 mbedtls_pk_context pk;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]604
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]605 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]606
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]607 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]608 TEST_ASSERT( pk_genkey( &pk ) == 0 );
609
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]610 TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type );
611 TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) );
Manuel Pégourié-Gonnard097c7bb2015-06-18 16:43:38 +0200[diff] [blame]612 TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) size );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613 TEST_ASSERT( mbedtls_pk_get_len( &pk ) == (unsigned) len );
614 TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]615
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]616exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]617 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]618}
619/* END_CASE */
620
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]622void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret )
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]623{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]624 mbedtls_pk_context pub, prv, alt;
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]625
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]626 mbedtls_pk_init( &pub );
627 mbedtls_pk_init( &prv );
628 mbedtls_pk_init( &alt );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]629
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]630 TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 );
631 TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]632
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]633 TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]634
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]635#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
636 if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA )
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]637 {
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]638 TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ),
Hanno Becker6ac972d2017-09-07 10:57:48 +0100[diff] [blame]639 mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
640 mbedtls_rsa_key_len_func ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]641 TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret );
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]642 }
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]643#endif
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]644
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]645 mbedtls_pk_free( &pub );
646 mbedtls_pk_free( &prv );
647 mbedtls_pk_free( &alt );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]648}
649/* END_CASE */
650
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]651/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]652void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]653 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]654 char * input_E, data_t * result_str,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]655 int result )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]656{
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]657 unsigned char hash_result[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]658 mbedtls_rsa_context *rsa;
659 mbedtls_pk_context pk;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]660 mbedtls_pk_restart_ctx *rs_ctx = NULL;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]661#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]662 mbedtls_pk_restart_ctx ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]663
664 rs_ctx = &ctx;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]665 mbedtls_pk_restart_init( rs_ctx );
Manuel Pégourié-Gonnard4edb9cb2018-07-02 12:23:23 +0200[diff] [blame]666 // this setting would ensure restart would happen if ECC was used
667 mbedtls_ecp_set_max_ops( 1 );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]668#endif
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]669
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]670 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]671
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]672 memset( hash_result, 0x00, 1000 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]673
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]674 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]675 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]676
Paul Bakker42099c32014-01-27 11:45:49 +0100[diff] [blame]677 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]678 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
679 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]680
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]681
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]682 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]683 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]684
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]686 result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]687
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]688 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, hash_result, 0,
Manuel Pégourié-Gonnard125af942018-09-11 11:08:12 +0200[diff] [blame]689 result_str->x, mbedtls_pk_get_len( &pk ), rs_ctx ) == result );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]690
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]691exit:
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]692#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]693 mbedtls_pk_restart_free( rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]694#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]696}
697/* END_CASE */
698
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]699/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]700void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]701 int mod, int radix_N, char * input_N,
702 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]703 data_t * result_str, int pk_type,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]704 int mgf1_hash_id, int salt_len, int result )
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]705{
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]706 unsigned char hash_result[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]707 mbedtls_rsa_context *rsa;
708 mbedtls_pk_context pk;
709 mbedtls_pk_rsassa_pss_options pss_opts;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]710 void *options;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]711 size_t hash_len;
712
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]713 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]714
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]715 memset( hash_result, 0x00, 1000 );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]716
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]717 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]718 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]719
720 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]721 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
722 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]723
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]724
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]725 if( digest != MBEDTLS_MD_NONE )
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]726 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]727 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]728 message_str->x, message_str->len, hash_result ) == 0 );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]729 hash_len = 0;
730 }
731 else
732 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]733 memcpy( hash_result, message_str->x, message_str->len );
734 hash_len = message_str->len;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]735 }
736
737 if( mgf1_hash_id < 0 )
738 {
739 options = NULL;
740 }
741 else
742 {
743 options = &pss_opts;
744
745 pss_opts.mgf1_hash_id = mgf1_hash_id;
746 pss_opts.expected_salt_len = salt_len;
747 }
748
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]749 TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk,
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]750 digest, hash_result, hash_len,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]751 result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]752
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]753exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]754 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]755}
756/* END_CASE */
757
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]758/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]759void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,
760 data_t * sig, int ret )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]761{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]762 mbedtls_pk_context pk;
763 mbedtls_ecp_keypair *eckey;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]764
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]765 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]766
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]767
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]768 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]769
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]770 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) );
771 eckey = mbedtls_pk_ec( pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]772
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]773 TEST_ASSERT( mbedtls_ecp_group_load( &eckey->grp, id ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]774 TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]775 key->x, key->len ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]776
Andrzej Kurekc05ec9f2018-11-08 05:04:53 -0500[diff] [blame]777 // MBEDTLS_MD_SHA1 is a dummy - it is ignored, but has to be other than MBEDTLS_MD_NONE.
778 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA1,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]779 hash->x, hash->len, sig->x, sig->len ) == ret );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]780
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]781exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]782 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]783}
784/* END_CASE */
785
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]786/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
787void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
788 char *QX_str, char *QY_str,
789 int md_alg, char *msg, char *sig_str,
790 int max_ops, int min_restart, int max_restart )
791{
792 int ret, cnt_restart;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]793 mbedtls_pk_restart_ctx rs_ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]794 mbedtls_pk_context prv, pub;
795 unsigned char hash[MBEDTLS_MD_MAX_SIZE];
796 unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
797 unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
798 size_t hlen, slen, slen_check;
799 const mbedtls_md_info_t *md_info;
800
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]801 mbedtls_pk_restart_init( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]802 mbedtls_pk_init( &prv );
803 mbedtls_pk_init( &pub );
804 memset( hash, 0, sizeof( hash ) );
805 memset( sig, 0, sizeof( sig ) );
806 memset( sig_check, 0, sizeof( sig_check ) );
807
808 TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
809 TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
810 TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
811
812 TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
813 TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
814 TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 );
815
816 slen_check = unhexify( sig_check, sig_str );
817
818 md_info = mbedtls_md_info_from_type( md_alg );
819 TEST_ASSERT( md_info != NULL );
820
821 hlen = mbedtls_md_get_size( md_info );
822 mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
823
824 mbedtls_ecp_set_max_ops( max_ops );
825
826 slen = sizeof( sig );
827 cnt_restart = 0;
828 do {
829 ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
830 sig, &slen, NULL, NULL, &rs_ctx );
831 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
832
833 TEST_ASSERT( ret == 0 );
834 TEST_ASSERT( slen == slen_check );
835 TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
836
837 TEST_ASSERT( cnt_restart >= min_restart );
838 TEST_ASSERT( cnt_restart <= max_restart );
839
840 cnt_restart = 0;
841 do {
842 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
843 hash, hlen, sig, slen, &rs_ctx );
844 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
845
846 TEST_ASSERT( ret == 0 );
847 TEST_ASSERT( cnt_restart >= min_restart );
848 TEST_ASSERT( cnt_restart <= max_restart );
849
850 hash[0]++;
851 do {
852 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
853 hash, hlen, sig, slen, &rs_ctx );
854 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
855 TEST_ASSERT( ret != 0 );
856 hash[0]--;
857
858 sig[0]++;
859 do {
860 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
861 hash, hlen, sig, slen, &rs_ctx );
862 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
863 TEST_ASSERT( ret != 0 );
864 sig[0]--;
865
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]866 /* Do we leak memory when aborting? try verify then sign
867 * This test only makes sense when we actually restart */
868 if( min_restart > 0 )
869 {
870 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
871 hash, hlen, sig, slen, &rs_ctx );
872 TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
873 mbedtls_pk_restart_free( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]874
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]875 slen = sizeof( sig );
876 ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
877 sig, &slen, NULL, NULL, &rs_ctx );
878 TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
879 }
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]880
881exit:
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]882 mbedtls_pk_restart_free( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]883 mbedtls_pk_free( &prv );
884 mbedtls_pk_free( &pub );
885}
886/* END_CASE */
887
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]888/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]889void pk_sign_verify( int type, int sign_ret, int verify_ret )
890{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 mbedtls_pk_context pk;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]892 unsigned char hash[50], sig[5000];
893 size_t sig_len;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]894 void *rs_ctx = NULL;
895#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]896 mbedtls_pk_restart_ctx ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]897
898 rs_ctx = &ctx;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]899 mbedtls_pk_restart_init( rs_ctx );
Manuel Pégourié-Gonnard4edb9cb2018-07-02 12:23:23 +0200[diff] [blame]900 /* This value is large enough that the operation will complete in one run.
901 * See comments at the top of ecp_test_vect_restart in
902 * test_suite_ecp.function for estimates of operation counts. */
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]903 mbedtls_ecp_set_max_ops( 42000 );
904#endif
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]905
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]906 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]907
908 memset( hash, 0x2a, sizeof hash );
909 memset( sig, 0, sizeof sig );
910
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]911 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]912 TEST_ASSERT( pk_genkey( &pk ) == 0 );
913
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]914 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256,
915 hash, sizeof hash, sig, &sig_len,
916 rnd_std_rand, NULL, rs_ctx ) == sign_ret );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]917
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]918 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]919 hash, sizeof hash, sig, sig_len ) == verify_ret );
920
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]921 if( verify_ret == 0 )
922 {
923 hash[0]++;
924 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
925 hash, sizeof hash, sig, sig_len ) != 0 );
926 hash[0]--;
927
928 sig[0]++;
929 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
930 hash, sizeof hash, sig, sig_len ) != 0 );
931 sig[0]--;
932 }
933
934 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
935 sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
936
937 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
938 hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret );
939
940 if( verify_ret == 0 )
941 {
942 hash[0]++;
943 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
944 hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
945 hash[0]--;
946
947 sig[0]++;
948 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
949 hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
950 sig[0]--;
951 }
952
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]953exit:
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]954#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]955 mbedtls_pk_restart_free( rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]956#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]957 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]958}
959/* END_CASE */
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]960
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]961/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]962void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]963 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]964 data_t * result, int ret )
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]965{
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]966 unsigned char output[1000];
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]967 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]968 mbedtls_rsa_context *rsa;
969 mbedtls_pk_context pk;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]970 size_t olen;
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]971
972 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]973 memset( output, 0, sizeof( output ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]974
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]975
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]977 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]978 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]979
980 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]981 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
982 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]983
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]984 TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]985 output, &olen, sizeof( output ),
986 rnd_pseudo_rand, &rnd_info ) == ret );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]987 TEST_ASSERT( olen == result->len );
988 TEST_ASSERT( memcmp( output, result->x, olen ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]989
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]990exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]991 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]992}
993/* END_CASE */
994
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]995/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]996void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]997 char * input_P, int radix_Q, char * input_Q,
998 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]999 char * input_E, data_t * clear, int ret )
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1000{
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1001 unsigned char output[1000];
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1002 rnd_pseudo_info rnd_info;
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1003 mbedtls_mpi N, P, Q, E;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1004 mbedtls_rsa_context *rsa;
1005 mbedtls_pk_context pk;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1006 size_t olen;
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1007
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008 mbedtls_pk_init( &pk );
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1009 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
1010 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1011
1012 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1013
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1014
1015 /* init pk-rsa context */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1016 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1017 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1018
1019 /* load public key */
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1020 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1021 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1022
1023 /* load private key */
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1024 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1025 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1026 TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 );
1027 TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1028 TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1029
1030 /* decryption test */
1031 memset( output, 0, sizeof( output ) );
1032 olen = 0;
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1033 TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher->x, cipher->len,
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1034 output, &olen, sizeof( output ),
1035 rnd_pseudo_rand, &rnd_info ) == ret );
1036 if( ret == 0 )
1037 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1038 TEST_ASSERT( olen == clear->len );
1039 TEST_ASSERT( memcmp( output, clear->x, olen ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1040 }
1041
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1042exit:
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1043 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
1044 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1045 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1046}
1047/* END_CASE */
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1048
1049/* BEGIN_CASE */
1050void pk_ec_nocrypt( int type )
1051{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1052 mbedtls_pk_context pk;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1053 unsigned char output[100];
1054 unsigned char input[100];
1055 rnd_pseudo_info rnd_info;
1056 size_t olen = 0;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1057 int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1058
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1060
1061 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
1062 memset( output, 0, sizeof( output ) );
1063 memset( input, 0, sizeof( input ) );
1064
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1065 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1066
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1067 TEST_ASSERT( mbedtls_pk_encrypt( &pk, input, sizeof( input ),
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1068 output, &olen, sizeof( output ),
1069 rnd_pseudo_rand, &rnd_info ) == ret );
1070
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1071 TEST_ASSERT( mbedtls_pk_decrypt( &pk, input, sizeof( input ),
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1072 output, &olen, sizeof( output ),
1073 rnd_pseudo_rand, &rnd_info ) == ret );
1074
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1075exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1076 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1077}
1078/* END_CASE */
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1079
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1080/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1081void pk_rsa_overflow( )
1082{
1083 mbedtls_pk_context pk;
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1084 size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX;
1085 unsigned char hash[50], sig[100];
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1086
1087 if( SIZE_MAX <= UINT_MAX )
1088 return;
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1089
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1090 memset( hash, 0x2a, sizeof hash );
1091 memset( sig, 0, sizeof sig );
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1092
1093 mbedtls_pk_init( &pk );
1094
1095 TEST_ASSERT( mbedtls_pk_setup( &pk,
1096 mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
1097
1098#if defined(MBEDTLS_PKCS1_V21)
1099 TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1100 MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len ) ==
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1101 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
1102#endif /* MBEDTLS_PKCS1_V21 */
1103
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1104 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, hash, hash_len,
1105 sig, sig_len ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1106
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1107 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig, &sig_len,
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1108 rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
1109
1110exit:
1111 mbedtls_pk_free( &pk );
1112}
1113/* END_CASE */
1114
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1115/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1116void pk_rsa_alt( )
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1117{
1118 /*
1119 * An rsa_alt context can only do private operations (decrypt, sign).
1120 * Test it against the public operations (encrypt, verify) of a
1121 * corresponding rsa context.
1122 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1123 mbedtls_rsa_context raw;
1124 mbedtls_pk_context rsa, alt;
1125 mbedtls_pk_debug_item dbg_items[10];
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1126 unsigned char hash[50], sig[1000];
1127 unsigned char msg[50], ciph[1000], test[1000];
1128 size_t sig_len, ciph_len, test_len;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1129 int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1130
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1131 mbedtls_rsa_init( &raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
1132 mbedtls_pk_init( &rsa ); mbedtls_pk_init( &alt );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1133
1134 memset( hash, 0x2a, sizeof hash );
1135 memset( sig, 0, sizeof sig );
1136 memset( msg, 0x2a, sizeof msg );
1137 memset( ciph, 0, sizeof ciph );
1138 memset( test, 0, sizeof test );
1139
1140 /* Initiliaze PK RSA context with random key */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1141 TEST_ASSERT( mbedtls_pk_setup( &rsa,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1142 mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1143 TEST_ASSERT( pk_genkey( &rsa ) == 0 );
1144
1145 /* Extract key to the raw rsa context */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1146 TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1147
1148 /* Initialize PK RSA_ALT context */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1149 TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, (void *) &raw,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1150 mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1151
1152 /* Test administrative functions */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1153 TEST_ASSERT( mbedtls_pk_can_do( &alt, MBEDTLS_PK_RSA ) );
Manuel Pégourié-Gonnard097c7bb2015-06-18 16:43:38 +0200[diff] [blame]1154 TEST_ASSERT( mbedtls_pk_get_bitlen( &alt ) == RSA_KEY_SIZE );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1155 TEST_ASSERT( mbedtls_pk_get_len( &alt ) == RSA_KEY_LEN );
1156 TEST_ASSERT( mbedtls_pk_get_type( &alt ) == MBEDTLS_PK_RSA_ALT );
1157 TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1158
1159 /* Test signature */
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1160#if SIZE_MAX > UINT_MAX
1161 TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX,
1162 sig, &sig_len, rnd_std_rand, NULL ) ==
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1163 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1164#endif /* SIZE_MAX > UINT_MAX */
1165 TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash,
1166 sig, &sig_len, rnd_std_rand, NULL ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1167 TEST_ASSERT( sig_len == RSA_KEY_LEN );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1168 TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1169 hash, sizeof hash, sig, sig_len ) == 0 );
1170
1171 /* Test decrypt */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1172 TEST_ASSERT( mbedtls_pk_encrypt( &rsa, msg, sizeof msg,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1173 ciph, &ciph_len, sizeof ciph,
1174 rnd_std_rand, NULL ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1175 TEST_ASSERT( mbedtls_pk_decrypt( &alt, ciph, ciph_len,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1176 test, &test_len, sizeof test,
1177 rnd_std_rand, NULL ) == 0 );
1178 TEST_ASSERT( test_len == sizeof msg );
1179 TEST_ASSERT( memcmp( test, msg, test_len ) == 0 );
1180
1181 /* Test forbidden operations */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1182 TEST_ASSERT( mbedtls_pk_encrypt( &alt, msg, sizeof msg,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1183 ciph, &ciph_len, sizeof ciph,
1184 rnd_std_rand, NULL ) == ret );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1185 TEST_ASSERT( mbedtls_pk_verify( &alt, MBEDTLS_MD_NONE,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1186 hash, sizeof hash, sig, sig_len ) == ret );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1187 TEST_ASSERT( mbedtls_pk_debug( &alt, dbg_items ) == ret );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1188
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1189exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1190 mbedtls_rsa_free( &raw );
1191 mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1192}
1193/* END_CASE */
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1194
1195/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
1196void pk_psa_sign( )
1197{
1198 mbedtls_pk_context pk;
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1199 unsigned char hash[50], sig[100], pkey_legacy[100], pkey_psa[100];
1200 unsigned char *pkey_legacy_start, *pkey_psa_start;
1201 size_t sig_len, klen_legacy, klen_psa;
1202 int ret;
1203 psa_key_handle_t handle;
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1204
1205 /*
1206 * This tests making signatures with a wrapped PSA key:
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1207 * - generate a fresh ECP legacy PK context
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1208 * - wrap it in a PK context and make a signature this way
1209 * - extract the public key
1210 * - parse it to a PK context and verify the signature this way
1211 */
1212
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1213 /* Create legacy EC public/private key in PK context. */
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1214 mbedtls_pk_init( &pk );
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1215 TEST_ASSERT( mbedtls_pk_setup( &pk,
1216 mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
1217 TEST_ASSERT( mbedtls_ecp_gen_key( MBEDTLS_ECP_DP_SECP256R1,
1218 (mbedtls_ecp_keypair*) pk.pk_ctx,
1219 rnd_std_rand, NULL ) == 0 );
1220
1221 /* Export underlying public key for re-importing in a legacy context. */
1222 ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy,
1223 sizeof( pkey_legacy ) );
1224 TEST_ASSERT( ret >= 0 );
1225 klen_legacy = (size_t) ret;
1226 /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
1227 pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy;
1228
1229 /* Turn PK context into an opaque one. */
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1230 TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &handle,
1231 PSA_ALG_SHA_256 ) == 0 );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1232
1233 memset( hash, 0x2a, sizeof hash );
1234 memset( sig, 0, sizeof sig );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1235
1236 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256,
1237 hash, sizeof hash, sig, &sig_len,
1238 NULL, NULL ) == 0 );
1239
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1240 /* Export underlying public key for re-importing in a psa context. */
1241 ret = mbedtls_pk_write_pubkey_der( &pk, pkey_psa,
1242 sizeof( pkey_psa ) );
1243 TEST_ASSERT( ret >= 0 );
1244 klen_psa = (size_t) ret;
1245 /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
1246 pkey_psa_start = pkey_psa + sizeof( pkey_psa ) - klen_psa;
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1247
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1248 TEST_ASSERT( klen_psa == klen_legacy );
1249 TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 );
1250
1251 mbedtls_pk_free( &pk );
1252 TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( handle ) );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1253
1254 mbedtls_pk_init( &pk );
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1255 TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start,
1256 klen_legacy ) == 0 );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1257 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
1258 hash, sizeof hash, sig, sig_len ) == 0 );
1259
1260exit:
1261 mbedtls_pk_free( &pk );
1262}
1263/* END_CASE */