Blame - tests/suites/test_suite_random.function - mirror/mbed-tls

blob: 147f5440c81639c44aa713fea776d6ba6b2303ac [file] [log] [blame]

Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	1	/* BEGIN_HEADER */
				2
				3	/* Test random generation as a whole. */
				4
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	5	#include "mbedtls/bignum.h"
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	6	#include "mbedtls/ctr_drbg.h"
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	7	#include "mbedtls/ecdsa.h"
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	8	#include "mbedtls/entropy.h"
				9	#include "mbedtls/hmac_drbg.h"
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	10	#include "mbedtls/psa_util.h"
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	11	#include "psa/crypto.h"
				12
				13	/* How many bytes to generate in each test case for repeated generation.
				14	* This must be high enough that the probability of generating the same
				15	* output twice is infinitesimal, but low enough that random generators
				16	* are willing to deliver that much. */
				17	#define OUTPUT_SIZE 32
				18
				19	/* END_HEADER */
				20
Mateusz Starzyk	72f60df	2021-04-30 13:28:22 +0200	[diff] [blame]	21	/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	22	void random_twice_with_ctr_drbg()
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	23	{
				24	mbedtls_entropy_context entropy;
				25	mbedtls_ctr_drbg_context drbg;
				26	unsigned char output1[OUTPUT_SIZE];
				27	unsigned char output2[OUTPUT_SIZE];
				28
Manuel Pégourié-Gonnard	e931977	2023-03-21 18:09:40 +0100	[diff] [blame]	29	MD_PSA_INIT();
				30
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	31	/* First round */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	32	mbedtls_entropy_init(&entropy);
				33	mbedtls_ctr_drbg_init(&drbg);
				34	TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg,
				35	mbedtls_entropy_func, &entropy,
				36	NULL, 0));
				37	TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg,
				38	output1, sizeof(output1)));
				39	mbedtls_ctr_drbg_free(&drbg);
				40	mbedtls_entropy_free(&entropy);
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	41
				42	/* Second round */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	43	mbedtls_entropy_init(&entropy);
				44	mbedtls_ctr_drbg_init(&drbg);
				45	TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg,
				46	mbedtls_entropy_func, &entropy,
				47	NULL, 0));
				48	TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg,
				49	output2, sizeof(output2)));
				50	mbedtls_ctr_drbg_free(&drbg);
				51	mbedtls_entropy_free(&entropy);
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	52
				53	/* The two rounds must generate different random data. */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	54	TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	55
				56	exit:
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	57	mbedtls_ctr_drbg_free(&drbg);
				58	mbedtls_entropy_free(&entropy);
Manuel Pégourié-Gonnard	e931977	2023-03-21 18:09:40 +0100	[diff] [blame]	59	MD_PSA_DONE();
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	60	}
				61	/* END_CASE */
				62
Mateusz Starzyk	72f60df	2021-04-30 13:28:22 +0200	[diff] [blame]	63	/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	64	void random_twice_with_hmac_drbg(int md_type)
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	65	{
				66	mbedtls_entropy_context entropy;
				67	mbedtls_hmac_drbg_context drbg;
				68	unsigned char output1[OUTPUT_SIZE];
				69	unsigned char output2[OUTPUT_SIZE];
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	70	const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	71
Manuel Pégourié-Gonnard	e931977	2023-03-21 18:09:40 +0100	[diff] [blame]	72	MD_PSA_INIT();
				73
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	74	/* First round */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	75	mbedtls_entropy_init(&entropy);
				76	mbedtls_hmac_drbg_init(&drbg);
				77	TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info,
				78	mbedtls_entropy_func, &entropy,
				79	NULL, 0));
				80	TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg,
				81	output1, sizeof(output1)));
				82	mbedtls_hmac_drbg_free(&drbg);
				83	mbedtls_entropy_free(&entropy);
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	84
				85	/* Second round */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	86	mbedtls_entropy_init(&entropy);
				87	mbedtls_hmac_drbg_init(&drbg);
				88	TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info,
				89	mbedtls_entropy_func, &entropy,
				90	NULL, 0));
				91	TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg,
				92	output2, sizeof(output2)));
				93	mbedtls_hmac_drbg_free(&drbg);
				94	mbedtls_entropy_free(&entropy);
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	95
				96	/* The two rounds must generate different random data. */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	97	TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	98
				99	exit:
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	100	mbedtls_hmac_drbg_free(&drbg);
				101	mbedtls_entropy_free(&entropy);
Manuel Pégourié-Gonnard	e931977	2023-03-21 18:09:40 +0100	[diff] [blame]	102	MD_PSA_DONE();
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	103	}
				104	/* END_CASE */
				105
Mateusz Starzyk	72f60df	2021-04-30 13:28:22 +0200	[diff] [blame]	106	/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	107	void random_twice_with_psa_from_classic()
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	108	{
				109	unsigned char output1[OUTPUT_SIZE];
				110	unsigned char output2[OUTPUT_SIZE];
				111
				112	/* First round */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	113	PSA_ASSERT(psa_crypto_init());
				114	TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
				115	output1, sizeof(output1)));
				116	PSA_DONE();
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	117
				118	/* Second round */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	119	PSA_ASSERT(psa_crypto_init());
				120	TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
				121	output2, sizeof(output2)));
				122	PSA_DONE();
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	123
				124	/* The two rounds must generate different random data. */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	125	TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	126
				127	exit:
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	128	PSA_DONE();
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	129	}
				130	/* END_CASE */
				131
Mateusz Starzyk	72f60df	2021-04-30 13:28:22 +0200	[diff] [blame]	132	/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	133	void random_twice_with_psa_from_psa()
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	134	{
				135	unsigned char output1[OUTPUT_SIZE];
				136	unsigned char output2[OUTPUT_SIZE];
				137
				138	/* First round */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	139	PSA_ASSERT(psa_crypto_init());
				140	PSA_ASSERT(psa_generate_random(output1, sizeof(output1)));
				141	PSA_DONE();
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	142
				143	/* Second round */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	144	PSA_ASSERT(psa_crypto_init());
				145	PSA_ASSERT(psa_generate_random(output2, sizeof(output2)));
				146	PSA_DONE();
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	147
				148	/* The two rounds must generate different random data. */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	149	TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	150
				151	exit:
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	152	PSA_DONE();
Gilles Peskine	077599a	2021-02-03 18:55:39 +0100	[diff] [blame]	153	}
				154	/* END_CASE */
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	155
				156	/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	157	void mbedtls_psa_get_random_no_init()
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	158	{
				159	unsigned char output[1];
				160
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	161	TEST_ASSERT(mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
				162	output, sizeof(output)) != 0);
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	163	}
				164	/* END_CASE */
				165
				166	/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	167	void mbedtls_psa_get_random_length(int n)
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	168	{
				169	unsigned char *output = NULL;
				170
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	171	PSA_ASSERT(psa_crypto_init());
Tom Cosgrove	f9ffd11	2023-07-20 16:48:18 +0100	[diff] [blame]	172	TEST_CALLOC_OR_FAIL(output, n);
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	173
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	174	TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
				175	output, n));
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	176	exit:
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	177	mbedtls_free(output);
				178	PSA_DONE();
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	179	}
				180	/* END_CASE */
				181
				182	/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	183	void mbedtls_psa_get_random_ecdsa_sign(int curve)
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	184	{
				185	mbedtls_ecp_group grp;
				186	mbedtls_mpi d, r, s;
				187	unsigned char buf[] = "This is not a hash.";
				188
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	189	mbedtls_ecp_group_init(&grp);
				190	mbedtls_mpi_init(&d);
				191	mbedtls_mpi_init(&r);
				192	mbedtls_mpi_init(&s);
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	193
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	194	TEST_EQUAL(0, mbedtls_mpi_lset(&d, 123456789));
				195	TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, curve));
				196	PSA_ASSERT(psa_crypto_init());
				197	TEST_EQUAL(0, mbedtls_ecdsa_sign(&grp, &r, &s, &d,
				198	buf, sizeof(buf),
				199	mbedtls_psa_get_random,
				200	MBEDTLS_PSA_RANDOM_STATE));
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	201	exit:
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	202	mbedtls_mpi_free(&d);
				203	mbedtls_mpi_free(&r);
				204	mbedtls_mpi_free(&s);
				205	mbedtls_ecp_group_free(&grp);
				206	PSA_DONE();
Gilles Peskine	e3ed802	2021-02-03 20:04:08 +0100	[diff] [blame]	207	}
				208	/* END_CASE */