Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 1 | /* BEGIN_HEADER */ |
| 2 | #include "mbedtls/pkcs12.h" |
Paul Elliott | 6e7deb1 | 2021-12-03 18:55:31 +0000 | [diff] [blame] | 3 | #include "common.h" |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 4 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 5 | typedef enum { |
| 6 | USE_NULL_INPUT = 0, |
| 7 | USE_GIVEN_INPUT = 1, |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 8 | } input_usage_method_t; |
| 9 | |
| 10 | /* END_HEADER */ |
| 11 | |
| 12 | /* BEGIN_DEPENDENCIES |
Paul Elliott | 3584ae4 | 2021-11-30 16:21:27 +0000 | [diff] [blame] | 13 | * depends_on:MBEDTLS_PKCS12_C |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 14 | * END_DEPENDENCIES |
| 15 | */ |
| 16 | |
Waleed Elmelegy | 8317e91 | 2023-09-07 15:46:58 +0100 | [diff] [blame] | 17 | /* BEGIN_CASE */ |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 18 | void pkcs12_derive_key(int md_type, int key_size_arg, |
| 19 | data_t *password_arg, int password_usage, |
| 20 | data_t *salt_arg, int salt_usage, |
| 21 | int iterations, |
| 22 | data_t *expected_output, int expected_status) |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 23 | |
| 24 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 25 | unsigned char *output_data = NULL; |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 26 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 27 | unsigned char *password = NULL; |
| 28 | size_t password_len = 0; |
| 29 | unsigned char *salt = NULL; |
| 30 | size_t salt_len = 0; |
| 31 | size_t key_size = key_size_arg; |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 32 | |
Manuel Pégourié-Gonnard | be97afe | 2023-03-16 10:00:54 +0100 | [diff] [blame] | 33 | MD_PSA_INIT(); |
| 34 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 35 | if (password_usage == USE_GIVEN_INPUT) { |
| 36 | password = password_arg->x; |
| 37 | } |
Paul Elliott | 4768a30 | 2021-11-30 16:39:51 +0000 | [diff] [blame] | 38 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 39 | password_len = password_arg->len; |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 40 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 41 | if (salt_usage == USE_GIVEN_INPUT) { |
| 42 | salt = salt_arg->x; |
| 43 | } |
Paul Elliott | 4768a30 | 2021-11-30 16:39:51 +0000 | [diff] [blame] | 44 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 45 | salt_len = salt_arg->len; |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 46 | |
Waleed Elmelegy | 8317e91 | 2023-09-07 15:46:58 +0100 | [diff] [blame] | 47 | TEST_CALLOC(output_data, key_size); |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 48 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 49 | int ret = mbedtls_pkcs12_derivation(output_data, |
Gilles Peskine | a844b4b | 2022-09-15 21:05:04 +0200 | [diff] [blame] | 50 | key_size, |
| 51 | password, |
| 52 | password_len, |
| 53 | salt, |
| 54 | salt_len, |
| 55 | md_type, |
| 56 | MBEDTLS_PKCS12_DERIVE_KEY, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 57 | iterations); |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 58 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 59 | TEST_EQUAL(ret, expected_status); |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 60 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 61 | if (expected_status == 0) { |
Waleed Elmelegy | 75b9eb3 | 2023-09-07 17:02:37 +0100 | [diff] [blame] | 62 | TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, |
Waleed Elmelegy | 0960170 | 2023-09-07 17:48:40 +0100 | [diff] [blame] | 63 | output_data, key_size); |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 64 | } |
Paul Elliott | 6e7deb1 | 2021-12-03 18:55:31 +0000 | [diff] [blame] | 65 | |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 66 | exit: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 67 | mbedtls_free(output_data); |
Manuel Pégourié-Gonnard | be97afe | 2023-03-16 10:00:54 +0100 | [diff] [blame] | 68 | MD_PSA_DONE(); |
Paul Elliott | d663543 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 69 | } |
| 70 | /* END_CASE */ |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 71 | |
Waleed Elmelegy | 1f59ee0 | 2023-09-07 17:59:35 +0100 | [diff] [blame] | 72 | /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 73 | void pkcs12_pbe_encrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw, |
| 74 | data_t *data, int outsize, int ref_ret, data_t *ref_out) |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 75 | { |
| 76 | int my_ret; |
Waleed Elmelegy | 15de809 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 77 | mbedtls_asn1_buf pbe_params; |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 78 | unsigned char *my_out = NULL; |
Waleed Elmelegy | 15de809 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 79 | mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher; |
| 80 | mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md; |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 81 | #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) |
| 82 | size_t my_out_len = 0; |
| 83 | #endif |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 84 | |
| 85 | MD_PSA_INIT(); |
| 86 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 87 | TEST_CALLOC(my_out, outsize); |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 88 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 89 | pbe_params.tag = params_tag; |
| 90 | pbe_params.len = params_hex->len; |
| 91 | pbe_params.p = params_hex->x; |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 92 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 93 | if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { |
| 94 | my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg, |
| 95 | md_alg, pw->x, pw->len, data->x, data->len, my_out); |
| 96 | TEST_EQUAL(my_ret, ref_ret); |
| 97 | } |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 98 | if (ref_ret == 0) { |
| 99 | ASSERT_COMPARE(my_out, ref_out->len, |
| 100 | ref_out->x, ref_out->len); |
| 101 | } |
| 102 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 103 | #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) |
Waleed Elmelegy | 57d09b7 | 2023-09-12 14:05:10 +0100 | [diff] [blame^] | 104 | |
| 105 | pbe_params.tag = params_tag; |
| 106 | pbe_params.len = params_hex->len; |
| 107 | pbe_params.p = params_hex->x; |
| 108 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 109 | my_ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg, |
| 110 | md_alg, pw->x, pw->len, data->x, data->len, my_out, |
| 111 | outsize, &my_out_len); |
| 112 | TEST_EQUAL(my_ret, ref_ret); |
| 113 | if (ref_ret == 0) { |
| 114 | ASSERT_COMPARE(my_out, my_out_len, |
| 115 | ref_out->x, ref_out->len); |
| 116 | } |
| 117 | #endif |
| 118 | |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 119 | exit: |
| 120 | mbedtls_free(my_out); |
| 121 | MD_PSA_DONE(); |
| 122 | } |
| 123 | /* END_CASE */ |
| 124 | |
Waleed Elmelegy | 1f59ee0 | 2023-09-07 17:59:35 +0100 | [diff] [blame] | 125 | /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 126 | void pkcs12_pbe_decrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw, |
| 127 | data_t *data, int outsize, int ref_ret, data_t *ref_out) |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 128 | { |
| 129 | int my_ret; |
Waleed Elmelegy | 15de809 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 130 | mbedtls_asn1_buf pbe_params; |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 131 | unsigned char *my_out = NULL; |
Waleed Elmelegy | 15de809 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 132 | mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher; |
| 133 | mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md; |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 134 | #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) |
| 135 | size_t my_out_len = 0; |
| 136 | #endif |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 137 | |
| 138 | MD_PSA_INIT(); |
| 139 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 140 | TEST_CALLOC(my_out, outsize); |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 141 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 142 | pbe_params.tag = params_tag; |
| 143 | pbe_params.len = params_hex->len; |
| 144 | pbe_params.p = params_hex->x; |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 145 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 146 | if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { |
| 147 | my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, |
| 148 | md_alg, pw->x, pw->len, data->x, data->len, my_out); |
| 149 | TEST_EQUAL(my_ret, ref_ret); |
| 150 | } |
| 151 | |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 152 | if (ref_ret == 0) { |
| 153 | ASSERT_COMPARE(my_out, ref_out->len, |
| 154 | ref_out->x, ref_out->len); |
| 155 | } |
| 156 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 157 | #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) |
Waleed Elmelegy | 57d09b7 | 2023-09-12 14:05:10 +0100 | [diff] [blame^] | 158 | |
| 159 | pbe_params.tag = params_tag; |
| 160 | pbe_params.len = params_hex->len; |
| 161 | pbe_params.p = params_hex->x; |
| 162 | |
Waleed Elmelegy | e1cb35b | 2023-09-06 15:48:08 +0100 | [diff] [blame] | 163 | my_ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, |
| 164 | md_alg, pw->x, pw->len, data->x, data->len, my_out, |
| 165 | outsize, &my_out_len); |
| 166 | TEST_EQUAL(my_ret, ref_ret); |
| 167 | if (ref_ret == 0) { |
| 168 | ASSERT_COMPARE(my_out, my_out_len, |
| 169 | ref_out->x, ref_out->len); |
| 170 | } |
| 171 | #endif |
| 172 | |
Waleed Elmelegy | 255db80 | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 173 | exit: |
| 174 | mbedtls_free(my_out); |
| 175 | MD_PSA_DONE(); |
| 176 | } |
| 177 | /* END_CASE */ |