Blame - tests/suites/test_suite_lmots.function - mirror/mbed-tls

blob: dd8a665d58e8c0cebedfdce22fa6e5fe9715deaa [file] [log] [blame]

Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	1	/* BEGIN_HEADER */
Raef Coles	7dce69a	2022-08-24 14:07:06 +0100	[diff] [blame]	2	#include "lmots.h"
				3	#include "mbedtls/lms.h"
				4
Raef Coles	9c9027b	2022-09-02 18:26:31 +0100	[diff] [blame]	5	#if defined(MBEDTLS_TEST_HOOKS)
Raef Coles	9c9027b	2022-09-02 18:26:31 +0100	[diff] [blame]	6	int check_lmots_private_key_for_leak(unsigned char * sig)
				7	{
				8	size_t idx;
				9
				10	for( idx = MBEDTLS_LMOTS_SIG_SIGNATURE_OFFSET(MBEDTLS_LMOTS_SHA256_N32_W8);
				11	idx < MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8);
				12	idx++ )
				13	{
				14	if( sig[idx] != 0x7E ) {
				15	while(1){}
				16	return 1;
				17	}
				18	}
				19
				20	return 0;
				21	}
				22	#endif /* defined(MBEDTLS_TEST_HOOKS) */
				23
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	24	/* END_HEADER */
				25
				26	/* BEGIN_DEPENDENCIES
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	27	* depends_on:MBEDTLS_LMS_C:MBEDTLS_LMS_PRIVATE:MBEDTLS_PSA_CRYPTO_C
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	28	* END_DEPENDENCIES
				29	*/
				30
				31	/* BEGIN_CASE */
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	32	void lmots_sign_verify_test ( data_t msg, data_t key_id, int leaf_id,
				33	data_t *seed )
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	34	{
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	35	mbedtls_lmots_public_t pub_ctx;
				36	mbedtls_lmots_private_t priv_ctx;
Raef Coles	e9479a0	2022-09-01 16:06:35 +0100	[diff] [blame]	37	unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	38
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	39	mbedtls_lmots_init_public( &pub_ctx );
				40	mbedtls_lmots_init_private( &priv_ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	41
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	42	TEST_ASSERT( mbedtls_lmots_generate_private_key(&priv_ctx, MBEDTLS_LMOTS_SHA256_N32_W8,
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	43	key_id->x, leaf_id, seed->x, seed->len ) == 0 );
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	44	TEST_ASSERT( mbedtls_lmots_calculate_public_key(&pub_ctx, &priv_ctx) == 0 );
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	45	TEST_ASSERT( mbedtls_lmots_sign(&priv_ctx, &mbedtls_test_rnd_std_rand, NULL,
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	46	msg->x, msg->len, sig, sizeof(sig), NULL ) == 0 );
				47	TEST_ASSERT( mbedtls_lmots_verify(&pub_ctx, msg->x, msg->len, sig, sizeof(sig)) == 0 );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	48
				49	exit:
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	50	mbedtls_lmots_free_public( &pub_ctx );
				51	mbedtls_lmots_free_private( &priv_ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	52	}
				53	/* END_CASE */
				54
				55	/* BEGIN_CASE */
Raef Coles	9c9027b	2022-09-02 18:26:31 +0100	[diff] [blame]	56	void lmots_sign_verify_null_msg_test ( data_t key_id, int leaf_id, data_t seed )
				57	{
				58	mbedtls_lmots_public_t pub_ctx;
				59	mbedtls_lmots_private_t priv_ctx;
				60	unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
				61
				62	mbedtls_lmots_init_public( &pub_ctx );
				63	mbedtls_lmots_init_private( &priv_ctx );
				64
				65	TEST_ASSERT( mbedtls_lmots_generate_private_key(&priv_ctx, MBEDTLS_LMOTS_SHA256_N32_W8,
				66	key_id->x, leaf_id, seed->x, seed->len ) == 0 );
				67	TEST_ASSERT( mbedtls_lmots_calculate_public_key(&pub_ctx, &priv_ctx) == 0 );
				68	TEST_ASSERT( mbedtls_lmots_sign(&priv_ctx, &mbedtls_test_rnd_std_rand, NULL,
				69	NULL, 0, sig, sizeof(sig), NULL ) == 0 );
				70	TEST_ASSERT( mbedtls_lmots_verify(&pub_ctx, NULL, 0, sig, sizeof(sig)) == 0 );
				71
				72	exit:
				73	mbedtls_lmots_free_public( &pub_ctx );
				74	mbedtls_lmots_free_private( &priv_ctx );
				75	}
				76	/* END_CASE */
				77
				78	/* BEGIN_CASE */
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	79	void lmots_verify_test ( data_t msg, data_t sig, data_t *pub_key,
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	80	int expected_rc )
				81	{
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	82	mbedtls_lmots_public_t ctx;
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	83
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	84	mbedtls_lmots_init_public( &ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	85
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	86	mbedtls_lmots_import_public_key( &ctx, pub_key->x, pub_key->len );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	87
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	88	TEST_ASSERT(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ) == expected_rc );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	89
				90	exit:
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	91	mbedtls_lmots_free_public( &ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	92	}
				93	/* END_CASE */
				94
				95	/* BEGIN_CASE */
				96	void lmots_import_export_test ( data_t * pub_key )
				97	{
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	98	mbedtls_lmots_public_t ctx;
Raef Coles	e9479a0	2022-09-01 16:06:35 +0100	[diff] [blame]	99	uint8_t exported_pub_key[MBEDTLS_LMOTS_PUBLIC_KEY_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	100	size_t exported_pub_key_len;
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	101
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	102	mbedtls_lmots_init_public( &ctx );
				103	TEST_ASSERT( mbedtls_lmots_import_public_key( &ctx, pub_key->x, pub_key->len ) == 0 );
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	104	TEST_ASSERT( mbedtls_lmots_export_public_key( &ctx, exported_pub_key,
				105	sizeof( exported_pub_key ),
				106	&exported_pub_key_len ) == 0 );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	107
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	108	ASSERT_COMPARE( pub_key->x, pub_key->len,
				109	exported_pub_key, exported_pub_key_len );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	110
				111	exit:
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	112	mbedtls_lmots_free_public( &ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	113	}
				114	/* END_CASE */
				115
				116	/* BEGIN_CASE */
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	117	void lmots_reuse_test ( data_t msg, data_t key_id, int leaf_id, data_t *seed )
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	118	{
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	119	mbedtls_lmots_private_t ctx;
Raef Coles	e9479a0	2022-09-01 16:06:35 +0100	[diff] [blame]	120	unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	121
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	122	mbedtls_lmots_init_private( &ctx );
				123	TEST_ASSERT( mbedtls_lmots_generate_private_key(&ctx, MBEDTLS_LMOTS_SHA256_N32_W8,
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	124	key_id->x, leaf_id, seed->x,
				125	seed->len ) == 0 );
				126	TEST_ASSERT( mbedtls_lmots_sign(&ctx, mbedtls_test_rnd_std_rand, NULL,
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	127	msg->x, msg->len, sig, sizeof( sig ), NULL ) == 0 );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	128
				129	/* Running another sign operation should fail, since the key should now have
				130	* been erased.
				131	*/
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	132	TEST_ASSERT( mbedtls_lmots_sign(&ctx, mbedtls_test_rnd_std_rand, NULL,
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	133	msg->x, msg->len, sig, sizeof( sig ), NULL ) != 0 );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	134
				135	exit:
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	136	mbedtls_lmots_free_private( &ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	137	}
				138	/* END_CASE */
Raef Coles	9c9027b	2022-09-02 18:26:31 +0100	[diff] [blame]	139
				140	/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
				141	void lmots_signature_leak_test ( data_t msg, data_t key_id, int leaf_id,
				142	data_t *seed )
				143	{
				144	mbedtls_lmots_private_t ctx;
				145	unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
				146
				147	mbedtls_lmots_sign_private_key_invalidated_hook = &check_lmots_private_key_for_leak;
				148
				149	/* Fill with recognisable pattern */
				150	memset( sig, 0x7E, sizeof( sig ) );
				151
				152	mbedtls_lmots_init_private( &ctx );
				153	TEST_ASSERT( mbedtls_lmots_generate_private_key(&ctx, MBEDTLS_LMOTS_SHA256_N32_W8,
				154	key_id->x, leaf_id, seed->x,
				155	seed->len ) == 0 );
				156	TEST_ASSERT( mbedtls_lmots_sign(&ctx, mbedtls_test_rnd_std_rand, NULL,
				157	msg->x, msg->len, sig, sizeof( sig ), NULL ) == 0 );
				158
				159	exit:
				160	mbedtls_lmots_free_private( &ctx );
				161	mbedtls_lmots_sign_private_key_invalidated_hook = NULL;
				162	}
				163	/* END_CASE */