TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 30668d688d0b80c4f070535bcb675aff381d1216 / . / tests / suites / test_suite_pk.function
blob: dc7dee94ee1962935c1ff7c320c7f72c1fda9ffd [file] [log] [blame]
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]1/* BEGIN_HEADER */
2#include <polarssl/pk.h>
3
4static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
5
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]6#define RSA_KEY_SIZE 512
7#define RSA_KEY_LEN 64
8
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]9static int pk_genkey( pk_context *pk )
10{
Paul Bakkera5320902013-12-19 17:29:52 +0100[diff] [blame]11 ((void) pk);
12
13#if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME)
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]14 if( pk_get_type( pk ) == POLARSSL_PK_RSA )
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]15 return rsa_gen_key( pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]16#endif
17#if defined(POLARSSL_ECP_C)
18 if( pk_get_type( pk ) == POLARSSL_PK_ECKEY ||
19 pk_get_type( pk ) == POLARSSL_PK_ECKEY_DH ||
20 pk_get_type( pk ) == POLARSSL_PK_ECDSA )
21 {
22 int ret;
23 if( ( ret = ecp_use_known_dp( &pk_ec( *pk )->grp,
24 POLARSSL_ECP_DP_SECP192R1 ) ) != 0 )
25 return( ret );
26
27 return ecp_gen_keypair( &pk_ec( *pk )->grp, &pk_ec( *pk )->d,
28 &pk_ec( *pk )->Q, rnd_std_rand, NULL );
29 }
30#endif
31 return( -1 );
32}
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]33
34#if defined(POLARSSL_RSA_C)
35int rsa_decrypt_func( void *ctx, int mode, size_t *olen,
36 const unsigned char *input, unsigned char *output,
37 size_t output_max_len )
38{
39 return( rsa_pkcs1_decrypt( (rsa_context *) ctx, NULL, NULL, mode, olen,
40 input, output, output_max_len ) );
41}
42int rsa_sign_func( void *ctx,
43 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
44 int mode, md_type_t md_alg, unsigned int hashlen,
45 const unsigned char *hash, unsigned char *sig )
46{
47 return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, mode,
48 md_alg, hashlen, hash, sig ) );
49}
50size_t rsa_key_len_func( void *ctx )
51{
52 return( ((const rsa_context *) ctx)->len );
53}
54#endif /* POLARSSL_RSA_C */
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]55/* END_HEADER */
56
57/* BEGIN_DEPENDENCIES
58 * depends_on:POLARSSL_PK_C
59 * END_DEPENDENCIES
60 */
61
62/* BEGIN_CASE */
63void pk_utils( int type, int size, int len, char *name )
64{
65 pk_context pk;
66
67 pk_init( &pk );
68
69 TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 );
70 TEST_ASSERT( pk_genkey( &pk ) == 0 );
71
72 TEST_ASSERT( (int) pk_get_type( &pk ) == type );
73 TEST_ASSERT( pk_can_do( &pk, type ) );
74 TEST_ASSERT( pk_get_size( &pk ) == (unsigned) size );
75 TEST_ASSERT( pk_get_len( &pk ) == (unsigned) len );
76 TEST_ASSERT( strcmp( pk_get_name( &pk), name ) == 0 );
77
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]78exit:
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]79 pk_free( &pk );
80}
81/* END_CASE */
82
Manuel Pégourié-Gonnarddfab4c12014-01-22 15:45:04 +0100[diff] [blame]83/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
Paul Bakker42099c32014-01-27 11:45:49 +0100[diff] [blame]84void pk_rsa_verify_test_vec( char *message_hex_string, int digest,
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]85 int mod, int radix_N, char *input_N, int radix_E,
86 char *input_E, char *result_hex_str, int result )
87{
88 unsigned char message_str[1000];
89 unsigned char hash_result[1000];
90 unsigned char result_str[1000];
Paul Bakker42099c32014-01-27 11:45:49 +0100[diff] [blame]91 rsa_context *rsa;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]92 pk_context pk;
93 int msg_len;
94
95 pk_init( &pk );
96
97 memset( message_str, 0x00, 1000 );
98 memset( hash_result, 0x00, 1000 );
99 memset( result_str, 0x00, 1000 );
100
101 TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
Paul Bakker42099c32014-01-27 11:45:49 +0100[diff] [blame]102 rsa = pk_rsa( pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]103
Paul Bakker42099c32014-01-27 11:45:49 +0100[diff] [blame]104 rsa->len = mod / 8;
105 TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
106 TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]107
108 msg_len = unhexify( message_str, message_hex_string );
109 unhexify( result_str, result_hex_str );
110
111 if( md_info_from_type( digest ) != NULL )
112 TEST_ASSERT( md( md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
113
114 TEST_ASSERT( pk_verify( &pk, digest, hash_result, 0,
115 result_str, pk_get_len( &pk ) ) == result );
116
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]117exit:
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]118 pk_free( &pk );
119}
120/* END_CASE */
121
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]122/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
123void pk_rsa_verify_ext_test_vec( char *message_hex_string, int digest,
124 int mod, int radix_N, char *input_N, int radix_E,
125 char *input_E, char *result_hex_str,
126 int pk_type, int mgf1_hash_id, int salt_len,
127 int result )
128{
129 unsigned char message_str[1000];
130 unsigned char hash_result[1000];
131 unsigned char result_str[1000];
132 rsa_context *rsa;
133 pk_context pk;
134 pk_rsassa_pss_options pss_opts;
135 void *options;
136 int msg_len;
137 size_t hash_len;
138
139 pk_init( &pk );
140
141 memset( message_str, 0x00, 1000 );
142 memset( hash_result, 0x00, 1000 );
143 memset( result_str, 0x00, 1000 );
144
145 TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
146 rsa = pk_rsa( pk );
147
148 rsa->len = mod / 8;
149 TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
150 TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
151
152 msg_len = unhexify( message_str, message_hex_string );
153 unhexify( result_str, result_hex_str );
154
155 if( digest != POLARSSL_MD_NONE )
156 {
157 TEST_ASSERT( md( md_info_from_type( digest ),
158 message_str, msg_len, hash_result ) == 0 );
159 hash_len = 0;
160 }
161 else
162 {
163 memcpy( hash_result, message_str, msg_len );
164 hash_len = msg_len;
165 }
166
167 if( mgf1_hash_id < 0 )
168 {
169 options = NULL;
170 }
171 else
172 {
173 options = &pss_opts;
174
175 pss_opts.mgf1_hash_id = mgf1_hash_id;
176 pss_opts.expected_salt_len = salt_len;
177 }
178
179 TEST_ASSERT( pk_verify_ext( pk_type, options, &pk,
180 digest, hash_result, hash_len,
181 result_str, pk_get_len( &pk ) ) == result );
182
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]183exit:
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]184 pk_free( &pk );
185}
186/* END_CASE */
187
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]188/* BEGIN_CASE depends_on:POLARSSL_ECDSA_C */
189void pk_ec_test_vec( int type, int id, char *key_str,
190 char *hash_str, char * sig_str, int ret )
191{
192 pk_context pk;
193 ecp_keypair *eckey;
194 unsigned char hash[100], sig[500], key[500];
195 size_t hash_len, sig_len, key_len;
196
197 pk_init( &pk );
198
199 memset( hash, 0, sizeof( hash ) ); hash_len = unhexify(hash, hash_str);
200 memset( sig, 0, sizeof( sig ) ); sig_len = unhexify(sig, sig_str);
201 memset( key, 0, sizeof( key ) ); key_len = unhexify(key, key_str);
202
203 TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 );
204
205 TEST_ASSERT( pk_can_do( &pk, POLARSSL_PK_ECDSA ) );
206 eckey = pk_ec( pk );
207
208 TEST_ASSERT( ecp_use_known_dp( &eckey->grp, id ) == 0 );
209 TEST_ASSERT( ecp_point_read_binary( &eckey->grp, &eckey->Q,
210 key, key_len ) == 0 );
211
212 TEST_ASSERT( pk_verify( &pk, POLARSSL_MD_NONE,
213 hash, hash_len, sig, sig_len ) == ret );
214
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]215exit:
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]216 pk_free( &pk );
217}
218/* END_CASE */
219
220/* BEGIN_CASE */
221void pk_sign_verify( int type, int sign_ret, int verify_ret )
222{
223 pk_context pk;
224 unsigned char hash[50], sig[5000];
225 size_t sig_len;
226
227 pk_init( &pk );
228
229 memset( hash, 0x2a, sizeof hash );
230 memset( sig, 0, sizeof sig );
231
232 TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 );
233 TEST_ASSERT( pk_genkey( &pk ) == 0 );
234
235 TEST_ASSERT( pk_sign( &pk, POLARSSL_MD_NONE, hash, sizeof hash,
236 sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
237
238 TEST_ASSERT( pk_verify( &pk, POLARSSL_MD_NONE,
239 hash, sizeof hash, sig, sig_len ) == verify_ret );
240
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]241exit:
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]242 pk_free( &pk );
243}
244/* END_CASE */
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]245
246/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
247void pk_rsa_encrypt_test_vec( char *message_hex, int mod,
248 int radix_N, char *input_N,
249 int radix_E, char *input_E,
250 char *result_hex, int ret )
251{
252 unsigned char message[1000];
253 unsigned char output[1000];
254 unsigned char result[1000];
255 size_t msg_len, olen, res_len;
256 rnd_pseudo_info rnd_info;
257 rsa_context *rsa;
258 pk_context pk;
259
260 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
261 memset( message, 0, sizeof( message ) );
262 memset( output, 0, sizeof( output ) );
263 memset( result, 0, sizeof( result ) );
264
265 msg_len = unhexify( message, message_hex );
266 res_len = unhexify( result, result_hex );
267
268 pk_init( &pk );
269 TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
270 rsa = pk_rsa( pk );
271
272 rsa->len = mod / 8;
273 TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
274 TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
275
276 TEST_ASSERT( pk_encrypt( &pk, message, msg_len,
277 output, &olen, sizeof( output ),
278 rnd_pseudo_rand, &rnd_info ) == ret );
279 TEST_ASSERT( olen == res_len );
280 TEST_ASSERT( memcmp( output, result, olen ) == 0 );
281
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]282exit:
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]283 pk_free( &pk );
284}
285/* END_CASE */
286
287/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
288void pk_rsa_decrypt_test_vec( char *cipher_hex, int mod,
289 int radix_P, char *input_P,
290 int radix_Q, char *input_Q,
291 int radix_N, char *input_N,
292 int radix_E, char *input_E,
293 char *clear_hex, int ret )
294{
295 unsigned char clear[1000];
296 unsigned char output[1000];
297 unsigned char cipher[1000];
298 size_t clear_len, olen, cipher_len;
299 rnd_pseudo_info rnd_info;
300 mpi P1, Q1, H, G;
301 rsa_context *rsa;
302 pk_context pk;
303
304 pk_init( &pk );
305 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
306
307 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
308 memset( clear, 0, sizeof( clear ) );
309 memset( cipher, 0, sizeof( cipher ) );
310
311 clear_len = unhexify( clear, clear_hex );
312 cipher_len = unhexify( cipher, cipher_hex );
313
314 /* init pk-rsa context */
315 TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
316 rsa = pk_rsa( pk );
317
318 /* load public key */
319 rsa->len = mod / 8;
320 TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
321 TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
322
323 /* load private key */
324 TEST_ASSERT( mpi_read_string( &rsa->P, radix_P, input_P ) == 0 );
325 TEST_ASSERT( mpi_read_string( &rsa->Q, radix_Q, input_Q ) == 0 );
326 TEST_ASSERT( mpi_sub_int( &P1, &rsa->P, 1 ) == 0 );
327 TEST_ASSERT( mpi_sub_int( &Q1, &rsa->Q, 1 ) == 0 );
328 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
329 TEST_ASSERT( mpi_gcd( &G, &rsa->E, &H ) == 0 );
330 TEST_ASSERT( mpi_inv_mod( &rsa->D , &rsa->E, &H ) == 0 );
331 TEST_ASSERT( mpi_mod_mpi( &rsa->DP, &rsa->D, &P1 ) == 0 );
332 TEST_ASSERT( mpi_mod_mpi( &rsa->DQ, &rsa->D, &Q1 ) == 0 );
333 TEST_ASSERT( mpi_inv_mod( &rsa->QP, &rsa->Q, &rsa->P ) == 0 );
334
335 /* decryption test */
336 memset( output, 0, sizeof( output ) );
337 olen = 0;
338 TEST_ASSERT( pk_decrypt( &pk, cipher, cipher_len,
339 output, &olen, sizeof( output ),
340 rnd_pseudo_rand, &rnd_info ) == ret );
341 if( ret == 0 )
342 {
343 TEST_ASSERT( olen == clear_len );
344 TEST_ASSERT( memcmp( output, clear, olen ) == 0 );
345 }
346
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]347exit:
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]348 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
349 pk_free( &pk );
350}
351/* END_CASE */
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]352
353/* BEGIN_CASE */
354void pk_ec_nocrypt( int type )
355{
356 pk_context pk;
357 unsigned char output[100];
358 unsigned char input[100];
359 rnd_pseudo_info rnd_info;
360 size_t olen = 0;
361 int ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
362
363 pk_init( &pk );
364
365 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
366 memset( output, 0, sizeof( output ) );
367 memset( input, 0, sizeof( input ) );
368
369 TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 );
370
371 TEST_ASSERT( pk_encrypt( &pk, input, sizeof( input ),
372 output, &olen, sizeof( output ),
373 rnd_pseudo_rand, &rnd_info ) == ret );
374
375 TEST_ASSERT( pk_decrypt( &pk, input, sizeof( input ),
376 output, &olen, sizeof( output ),
377 rnd_pseudo_rand, &rnd_info ) == ret );
378
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]379exit:
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]380 pk_free( &pk );
381}
382/* END_CASE */
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]383
384/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
385void pk_rsa_alt( )
386{
387 /*
388 * An rsa_alt context can only do private operations (decrypt, sign).
389 * Test it against the public operations (encrypt, verify) of a
390 * corresponding rsa context.
391 */
392 rsa_context raw;
393 pk_context rsa, alt;
394 pk_debug_item dbg_items[10];
395 unsigned char hash[50], sig[1000];
396 unsigned char msg[50], ciph[1000], test[1000];
397 size_t sig_len, ciph_len, test_len;
398 int ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
399
400 rsa_init( &raw, RSA_PKCS_V15, POLARSSL_MD_NONE );
401 pk_init( &rsa ); pk_init( &alt );
402
403 memset( hash, 0x2a, sizeof hash );
404 memset( sig, 0, sizeof sig );
405 memset( msg, 0x2a, sizeof msg );
406 memset( ciph, 0, sizeof ciph );
407 memset( test, 0, sizeof test );
408
409 /* Initiliaze PK RSA context with random key */
410 TEST_ASSERT( pk_init_ctx( &rsa,
411 pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
412 TEST_ASSERT( pk_genkey( &rsa ) == 0 );
413
414 /* Extract key to the raw rsa context */
415 TEST_ASSERT( rsa_copy( &raw, pk_rsa( rsa ) ) == 0 );
416
417 /* Initialize PK RSA_ALT context */
418 TEST_ASSERT( pk_init_ctx_rsa_alt( &alt, (void *) &raw,
419 rsa_decrypt_func, rsa_sign_func, rsa_key_len_func ) == 0 );
420
421 /* Test administrative functions */
422 TEST_ASSERT( pk_can_do( &alt, POLARSSL_PK_RSA ) );
423 TEST_ASSERT( pk_get_size( &alt ) == RSA_KEY_SIZE );
424 TEST_ASSERT( pk_get_len( &alt ) == RSA_KEY_LEN );
425 TEST_ASSERT( pk_get_type( &alt ) == POLARSSL_PK_RSA_ALT );
426 TEST_ASSERT( strcmp( pk_get_name( &alt ), "RSA-alt" ) == 0 );
427
428 /* Test signature */
429 TEST_ASSERT( pk_sign( &alt, POLARSSL_MD_NONE, hash, sizeof hash,
430 sig, &sig_len, rnd_std_rand, NULL ) == 0 );
431 TEST_ASSERT( sig_len == RSA_KEY_LEN );
432 TEST_ASSERT( pk_verify( &rsa, POLARSSL_MD_NONE,
433 hash, sizeof hash, sig, sig_len ) == 0 );
434
435 /* Test decrypt */
436 TEST_ASSERT( pk_encrypt( &rsa, msg, sizeof msg,
437 ciph, &ciph_len, sizeof ciph,
438 rnd_std_rand, NULL ) == 0 );
439 TEST_ASSERT( pk_decrypt( &alt, ciph, ciph_len,
440 test, &test_len, sizeof test,
441 rnd_std_rand, NULL ) == 0 );
442 TEST_ASSERT( test_len == sizeof msg );
443 TEST_ASSERT( memcmp( test, msg, test_len ) == 0 );
444
445 /* Test forbidden operations */
446 TEST_ASSERT( pk_encrypt( &alt, msg, sizeof msg,
447 ciph, &ciph_len, sizeof ciph,
448 rnd_std_rand, NULL ) == ret );
449 TEST_ASSERT( pk_verify( &alt, POLARSSL_MD_NONE,
450 hash, sizeof hash, sig, sig_len ) == ret );
451 TEST_ASSERT( pk_debug( &alt, dbg_items ) == ret );
452
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]453exit:
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]454 rsa_free( &raw );
455 pk_free( &rsa ); pk_free( &alt );
456}
457/* END_CASE */