TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 875b5fb7faaecfc9a9d516fae1b0f8e61a80a909 / . / tests / suites / test_suite_ecp.function
blob: 9b8ba8201e6d5ec0cbc85719ee8bfa1e39e2c209 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/ecp.h"
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]3
Gilles Peskine618be2e2021-04-03 21:47:53 +0200[diff] [blame]4#include "ecp_invasive.h"
5
6#if defined(MBEDTLS_TEST_HOOKS) && \
7 ( defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
8 defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
9 defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) )
10#define HAVE_FIX_NEGATIVE
11#endif
12
Manuel Pégourié-Gonnard6c7af4c2015-04-03 16:41:52 +0200[diff] [blame]13#define ECP_PF_UNKNOWN -1
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]14
15#define ECP_PT_RESET( x ) \
16 mbedtls_ecp_point_free( x ); \
17 mbedtls_ecp_point_init( x );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]18/* END_HEADER */
Manuel Pégourié-Gonnard4b8c3f22012-11-07 21:39:45 +0100[diff] [blame]19
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]20/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]21 * depends_on:MBEDTLS_ECP_C
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]22 * END_DEPENDENCIES
23 */
Manuel Pégourié-Gonnard4b8c3f22012-11-07 21:39:45 +0100[diff] [blame]24
Hanno Becker57b684f2018-12-18 12:50:02 +0000[diff] [blame]25/* BEGIN_CASE */
26void ecp_valid_param( )
27{
Hanno Becker807c1072018-12-18 23:45:14 +0000[diff] [blame]28 TEST_VALID_PARAM( mbedtls_ecp_group_free( NULL ) );
Hanno Becker57b684f2018-12-18 12:50:02 +0000[diff] [blame]29 TEST_VALID_PARAM( mbedtls_ecp_keypair_free( NULL ) );
30 TEST_VALID_PARAM( mbedtls_ecp_point_free( NULL ) );
31
32#if defined(MBEDTLS_ECP_RESTARTABLE)
33 TEST_VALID_PARAM( mbedtls_ecp_restart_free( NULL ) );
34#endif /* MBEDTLS_ECP_RESTARTABLE */
35
36exit:
37 return;
38}
39/* END_CASE */
40
Hanno Becker12dff032018-12-14 15:08:13 +0000[diff] [blame]41/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
42void ecp_invalid_param( )
43{
44 mbedtls_ecp_group grp;
Hanno Becker12dff032018-12-14 15:08:13 +0000[diff] [blame]45 mbedtls_ecp_point P;
Hanno Becker12dff032018-12-14 15:08:13 +0000[diff] [blame]46 int invalid_fmt = 42;
47 size_t olen;
48 unsigned char buf[42] = { 0 };
Hanno Becker12dff032018-12-14 15:08:13 +0000[diff] [blame]49
Ronald Cron875b5fb2021-05-21 08:50:00 +0200[diff] [blame^]50 TEST_EQUAL( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
Hanno Becker12dff032018-12-14 15:08:13 +0000[diff] [blame]51 mbedtls_ecp_point_write_binary( &grp, &P,
52 invalid_fmt,
53 &olen,
54 buf, sizeof( buf ) ) );
Ronald Cron875b5fb2021-05-21 08:50:00 +0200[diff] [blame^]55 TEST_EQUAL( MBEDTLS_ERR_ECP_BAD_INPUT_DATA,
Hanno Becker12dff032018-12-14 15:08:13 +0000[diff] [blame]56 mbedtls_ecp_tls_write_point( &grp, &P,
57 invalid_fmt,
58 &olen,
59 buf,
60 sizeof( buf ) ) );
Hanno Becker12dff032018-12-14 15:08:13 +0000[diff] [blame]61
62exit:
63 return;
64}
65/* END_CASE */
66
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]67/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]68void mbedtls_ecp_curve_info( int id, int tls_id, int size, char * name )
Manuel Pégourié-Gonnard0267e3d2013-11-30 15:10:14 +0100[diff] [blame]69{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]70 const mbedtls_ecp_curve_info *by_id, *by_tls, *by_name;
Manuel Pégourié-Gonnard0267e3d2013-11-30 15:10:14 +0100[diff] [blame]71
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]72 by_id = mbedtls_ecp_curve_info_from_grp_id( id );
73 by_tls = mbedtls_ecp_curve_info_from_tls_id( tls_id );
74 by_name = mbedtls_ecp_curve_info_from_name( name );
Paul Bakker94b916c2014-04-17 16:07:20 +0200[diff] [blame]75 TEST_ASSERT( by_id != NULL );
76 TEST_ASSERT( by_tls != NULL );
77 TEST_ASSERT( by_name != NULL );
Manuel Pégourié-Gonnard0267e3d2013-11-30 15:10:14 +0100[diff] [blame]78
79 TEST_ASSERT( by_id == by_tls );
80 TEST_ASSERT( by_id == by_name );
81
Manuel Pégourié-Gonnard797f48a2015-06-18 15:45:05 +0200[diff] [blame]82 TEST_ASSERT( by_id->bit_size == size );
Manuel Pégourié-Gonnard0267e3d2013-11-30 15:10:14 +0100[diff] [blame]83}
84/* END_CASE */
85
86/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]87void ecp_check_pub( int grp_id, char * x_hex, char * y_hex, char * z_hex,
88 int ret )
Manuel Pégourié-Gonnard312d2e82013-12-04 11:08:01 +0100[diff] [blame]89{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]90 mbedtls_ecp_group grp;
91 mbedtls_ecp_point P;
Manuel Pégourié-Gonnard312d2e82013-12-04 11:08:01 +0100[diff] [blame]92
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]93 mbedtls_ecp_group_init( &grp );
94 mbedtls_ecp_point_init( &P );
Manuel Pégourié-Gonnard312d2e82013-12-04 11:08:01 +0100[diff] [blame]95
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]96 TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 );
Manuel Pégourié-Gonnard312d2e82013-12-04 11:08:01 +0100[diff] [blame]97
Janos Follath28fff142017-01-27 15:51:14 +0000[diff] [blame]98 TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x_hex ) == 0 );
99 TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y_hex ) == 0 );
100 TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z_hex ) == 0 );
Manuel Pégourié-Gonnard312d2e82013-12-04 11:08:01 +0100[diff] [blame]101
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]102 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret );
Manuel Pégourié-Gonnard312d2e82013-12-04 11:08:01 +0100[diff] [blame]103
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]104exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]105 mbedtls_ecp_group_free( &grp );
106 mbedtls_ecp_point_free( &P );
Manuel Pégourié-Gonnard312d2e82013-12-04 11:08:01 +0100[diff] [blame]107}
108/* END_CASE */
109
Manuel Pégourié-Gonnard4b9c51e2017-04-20 15:50:26 +0200[diff] [blame]110/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]111void ecp_test_vect_restart( int id,
112 char *dA_str, char *xA_str, char *yA_str,
113 char *dB_str, char *xZ_str, char *yZ_str,
114 int max_ops, int min_restarts, int max_restarts )
115{
116 /*
117 * Test for early restart. Based on test vectors like ecp_test_vect(),
118 * but for the sake of simplicity only does half of each side. It's
119 * important to test both base point and random point, though, as memory
120 * management is different in each case.
121 *
122 * Don't try using too precise bounds for restarts as the exact number
123 * will depend on settings such as MBEDTLS_ECP_FIXED_POINT_OPTIM and
124 * MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may
125 * change in the future. A factor 2 is a minimum safety margin.
126 *
127 * For reference, with mbed TLS 2.4 and default settings, for P-256:
Manuel Pégourié-Gonnard9c5c78f2017-03-20 14:13:07 +0100[diff] [blame]128 * - Random point mult: ~3250M
129 * - Cold base point mult: ~3300M
130 * - Hot base point mult: ~1100M
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]131 * With MBEDTLS_ECP_WINDOW_SIZE set to 2 (minimum):
Manuel Pégourié-Gonnard9c5c78f2017-03-20 14:13:07 +0100[diff] [blame]132 * - Random point mult: ~3850M
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]133 */
Manuel Pégourié-Gonnardb739a712017-04-19 10:11:56 +0200[diff] [blame]134 mbedtls_ecp_restart_ctx ctx;
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]135 mbedtls_ecp_group grp;
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]136 mbedtls_ecp_point R, P;
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]137 mbedtls_mpi dA, xA, yA, dB, xZ, yZ;
138 int cnt_restarts;
139 int ret;
140
Manuel Pégourié-Gonnardb739a712017-04-19 10:11:56 +0200[diff] [blame]141 mbedtls_ecp_restart_init( &ctx );
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]142 mbedtls_ecp_group_init( &grp );
143 mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P );
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]144 mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA );
145 mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
146
147 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
148
149 TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
150 TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
151 TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
152
153 TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
154 TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
155 TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
156
157 mbedtls_ecp_set_max_ops( (unsigned) max_ops );
158
159 /* Base point case */
160 cnt_restarts = 0;
161 do {
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]162 ECP_PT_RESET( &R );
Manuel Pégourié-Gonnardb739a712017-04-19 10:11:56 +0200[diff] [blame]163 ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx );
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]164 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]165
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]166 TEST_ASSERT( ret == 0 );
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]167 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
168 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
169
170 TEST_ASSERT( cnt_restarts >= min_restarts );
171 TEST_ASSERT( cnt_restarts <= max_restarts );
172
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]173 /* Non-base point case */
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]174 mbedtls_ecp_copy( &P, &R );
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]175 cnt_restarts = 0;
176 do {
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]177 ECP_PT_RESET( &R );
178 ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]179 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]180
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]181 TEST_ASSERT( ret == 0 );
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]182 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
183 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
184
185 TEST_ASSERT( cnt_restarts >= min_restarts );
186 TEST_ASSERT( cnt_restarts <= max_restarts );
187
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]188 /* Do we leak memory when aborting an operation?
189 * This test only makes sense when we actually restart */
190 if( min_restarts > 0 )
191 {
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]192 ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]193 TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
194 }
Manuel Pégourié-Gonnard77af79a2017-03-14 10:58:00 +0100[diff] [blame]195
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]196exit:
Manuel Pégourié-Gonnardb739a712017-04-19 10:11:56 +0200[diff] [blame]197 mbedtls_ecp_restart_free( &ctx );
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]198 mbedtls_ecp_group_free( &grp );
199 mbedtls_ecp_point_free( &R ); mbedtls_ecp_point_free( &P );
Manuel Pégourié-Gonnard510d5ca2017-03-08 11:41:47 +0100[diff] [blame]200 mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA );
201 mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ );
202}
203/* END_CASE */
204
Manuel Pégourié-Gonnard4b9c51e2017-04-20 15:50:26 +0200[diff] [blame]205/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
Manuel Pégourié-Gonnard54dd6522017-04-20 13:36:18 +0200[diff] [blame]206void ecp_muladd_restart( int id, char *xR_str, char *yR_str,
207 char *u1_str, char *u2_str,
208 char *xQ_str, char *yQ_str,
209 int max_ops, int min_restarts, int max_restarts )
210{
211 /*
212 * Compute R = u1 * G + u2 * Q
213 * (test vectors mostly taken from ECDSA intermediate results)
214 *
215 * See comments at the top of ecp_test_vect_restart()
216 */
217 mbedtls_ecp_restart_ctx ctx;
218 mbedtls_ecp_group grp;
219 mbedtls_ecp_point R, Q;
220 mbedtls_mpi u1, u2, xR, yR;
221 int cnt_restarts;
222 int ret;
223
224 mbedtls_ecp_restart_init( &ctx );
225 mbedtls_ecp_group_init( &grp );
226 mbedtls_ecp_point_init( &R );
227 mbedtls_ecp_point_init( &Q );
228 mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
229 mbedtls_mpi_init( &xR ); mbedtls_mpi_init( &yR );
230
231 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
232
233 TEST_ASSERT( mbedtls_mpi_read_string( &u1, 16, u1_str ) == 0 );
234 TEST_ASSERT( mbedtls_mpi_read_string( &u2, 16, u2_str ) == 0 );
235 TEST_ASSERT( mbedtls_mpi_read_string( &xR, 16, xR_str ) == 0 );
236 TEST_ASSERT( mbedtls_mpi_read_string( &yR, 16, yR_str ) == 0 );
237
238 TEST_ASSERT( mbedtls_mpi_read_string( &Q.X, 16, xQ_str ) == 0 );
239 TEST_ASSERT( mbedtls_mpi_read_string( &Q.Y, 16, yQ_str ) == 0 );
240 TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 );
241
242 mbedtls_ecp_set_max_ops( (unsigned) max_ops );
243
244 cnt_restarts = 0;
245 do {
Manuel Pégourié-Gonnard7a28e992018-10-16 11:22:45 +0200[diff] [blame]246 ECP_PT_RESET( &R );
Manuel Pégourié-Gonnard54dd6522017-04-20 13:36:18 +0200[diff] [blame]247 ret = mbedtls_ecp_muladd_restartable( &grp, &R,
248 &u1, &grp.G, &u2, &Q, &ctx );
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]249 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
Manuel Pégourié-Gonnard54dd6522017-04-20 13:36:18 +0200[diff] [blame]250
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]251 TEST_ASSERT( ret == 0 );
Manuel Pégourié-Gonnard54dd6522017-04-20 13:36:18 +0200[diff] [blame]252 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xR ) == 0 );
253 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yR ) == 0 );
254
255 TEST_ASSERT( cnt_restarts >= min_restarts );
256 TEST_ASSERT( cnt_restarts <= max_restarts );
257
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]258 /* Do we leak memory when aborting an operation?
259 * This test only makes sense when we actually restart */
260 if( min_restarts > 0 )
261 {
262 ret = mbedtls_ecp_muladd_restartable( &grp, &R,
263 &u1, &grp.G, &u2, &Q, &ctx );
264 TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
265 }
Manuel Pégourié-Gonnard54dd6522017-04-20 13:36:18 +0200[diff] [blame]266
267exit:
268 mbedtls_ecp_restart_free( &ctx );
269 mbedtls_ecp_group_free( &grp );
270 mbedtls_ecp_point_free( &R );
271 mbedtls_ecp_point_free( &Q );
272 mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
273 mbedtls_mpi_free( &xR ); mbedtls_mpi_free( &yR );
274}
275/* END_CASE */
276
Manuel Pégourié-Gonnard312d2e82013-12-04 11:08:01 +0100[diff] [blame]277/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]278void ecp_test_vect( int id, char * dA_str, char * xA_str, char * yA_str,
279 char * dB_str, char * xB_str, char * yB_str,
280 char * xZ_str, char * yZ_str )
Manuel Pégourié-Gonnard4b8c3f22012-11-07 21:39:45 +0100[diff] [blame]281{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]282 mbedtls_ecp_group grp;
283 mbedtls_ecp_point R;
284 mbedtls_mpi dA, xA, yA, dB, xB, yB, xZ, yZ;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]285 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard4b8c3f22012-11-07 21:39:45 +0100[diff] [blame]286
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]287 mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
288 mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA ); mbedtls_mpi_init( &dB );
289 mbedtls_mpi_init( &xB ); mbedtls_mpi_init( &yB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]290 memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
Manuel Pégourié-Gonnard4b8c3f22012-11-07 21:39:45 +0100[diff] [blame]291
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]292 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnard4b8c3f22012-11-07 21:39:45 +0100[diff] [blame]293
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]294 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
Manuel Pégourié-Gonnard1c330572012-11-24 12:05:44 +0100[diff] [blame]295
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]296 TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
297 TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
298 TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
299 TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
300 TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_str ) == 0 );
301 TEST_ASSERT( mbedtls_mpi_read_string( &yB, 16, yB_str ) == 0 );
302 TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
303 TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
Manuel Pégourié-Gonnarde739f012012-11-07 12:24:22 +0100[diff] [blame]304
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]305 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]306 &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]307 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
308 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
309 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
310 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, NULL, NULL ) == 0 );
311 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
312 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
313 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
Manuel Pégourié-Gonnarde739f012012-11-07 12:24:22 +0100[diff] [blame]314
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]315 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
316 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
317 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yB ) == 0 );
318 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
319 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R,
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]320 &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]321 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
322 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
323 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
Manuel Pégourié-Gonnarde739f012012-11-07 12:24:22 +0100[diff] [blame]324
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]325exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]326 mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
327 mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA ); mbedtls_mpi_free( &dB );
328 mbedtls_mpi_free( &xB ); mbedtls_mpi_free( &yB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ );
Manuel Pégourié-Gonnard4b8c3f22012-11-07 21:39:45 +0100[diff] [blame]329}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]330/* END_CASE */
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]331
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]332/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]333void ecp_test_vec_x( int id, char * dA_hex, char * xA_hex, char * dB_hex,
334 char * xB_hex, char * xS_hex )
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]335{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]336 mbedtls_ecp_group grp;
337 mbedtls_ecp_point R;
338 mbedtls_mpi dA, xA, dB, xB, xS;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]339 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]340
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]341 mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
342 mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA );
343 mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xB );
344 mbedtls_mpi_init( &xS );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]345 memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]346
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]347 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]348
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]349 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]350
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]351 TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_hex ) == 0 );
352 TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_hex ) == 0 );
353 TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_hex ) == 0 );
354 TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_hex ) == 0 );
355 TEST_ASSERT( mbedtls_mpi_read_string( &xS, 16, xS_hex ) == 0 );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]356
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]357 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]358 &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]359 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
360 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]361
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]362 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R,
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]363 &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]364 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
365 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]366
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]367 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
368 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
369 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]370
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]371 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, NULL, NULL ) == 0 );
372 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
373 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]374
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]375exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]376 mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
377 mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA );
378 mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xB );
379 mbedtls_mpi_free( &xS );
Manuel Pégourié-Gonnarda0179b82013-12-04 11:49:20 +0100[diff] [blame]380}
381/* END_CASE */
382
383/* BEGIN_CASE */
Janos Follath182b0b92019-04-26 14:28:19 +0100[diff] [blame]384void ecp_test_mul( int id, data_t * n_hex,
385 data_t * Px_hex, data_t * Py_hex, data_t * Pz_hex,
386 data_t * nPx_hex, data_t * nPy_hex, data_t * nPz_hex,
387 int expected_ret )
388{
389 mbedtls_ecp_group grp;
390 mbedtls_ecp_point P, nP, R;
391 mbedtls_mpi n;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]392 mbedtls_test_rnd_pseudo_info rnd_info;
Janos Follath182b0b92019-04-26 14:28:19 +0100[diff] [blame]393
394 mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
395 mbedtls_ecp_point_init( &P ); mbedtls_ecp_point_init( &nP );
396 mbedtls_mpi_init( &n );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]397 memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
Janos Follath182b0b92019-04-26 14:28:19 +0100[diff] [blame]398
399 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
400
401 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
402
403 TEST_ASSERT( mbedtls_mpi_read_binary( &n, n_hex->x, n_hex->len ) == 0 );
404
405 TEST_ASSERT( mbedtls_mpi_read_binary( &P.X, Px_hex->x, Px_hex->len ) == 0 );
406 TEST_ASSERT( mbedtls_mpi_read_binary( &P.Y, Py_hex->x, Py_hex->len ) == 0 );
407 TEST_ASSERT( mbedtls_mpi_read_binary( &P.Z, Pz_hex->x, Pz_hex->len ) == 0 );
408 TEST_ASSERT( mbedtls_mpi_read_binary( &nP.X, nPx_hex->x, nPx_hex->len )
409 == 0 );
410 TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Y, nPy_hex->x, nPy_hex->len )
411 == 0 );
412 TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Z, nPz_hex->x, nPz_hex->len )
413 == 0 );
414
415 TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &n, &P,
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]416 &mbedtls_test_rnd_pseudo_rand, &rnd_info )
Janos Follath182b0b92019-04-26 14:28:19 +0100[diff] [blame]417 == expected_ret );
418
419 if( expected_ret == 0 )
420 {
421 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.X, &R.X ) == 0 );
422 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Y, &R.Y ) == 0 );
423 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Z, &R.Z ) == 0 );
424 }
425
426exit:
427 mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
428 mbedtls_ecp_point_free( &P ); mbedtls_ecp_point_free( &nP );
429 mbedtls_mpi_free( &n );
430}
431/* END_CASE */
432
433/* BEGIN_CASE */
Jonas923d5792020-05-13 14:22:45 +0900[diff] [blame]434void ecp_test_mul_rng( int id, data_t * d_hex)
435{
436 mbedtls_ecp_group grp;
437 mbedtls_mpi d;
438 mbedtls_ecp_point Q;
439
440 mbedtls_ecp_group_init( &grp ); mbedtls_mpi_init( &d );
441 mbedtls_ecp_point_init( &Q );
442
443 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
444
445 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
446
447 TEST_ASSERT( mbedtls_mpi_read_binary( &d, d_hex->x, d_hex->len ) == 0 );
448
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]449 TEST_ASSERT( mbedtls_ecp_mul( &grp, &Q, &d, &grp.G,
450 &mbedtls_test_rnd_zero_rand, NULL )
Jonas923d5792020-05-13 14:22:45 +0900[diff] [blame]451 == MBEDTLS_ERR_ECP_RANDOM_FAILED );
452
453exit:
454 mbedtls_ecp_group_free( &grp ); mbedtls_mpi_free( &d );
455 mbedtls_ecp_point_free( &Q );
456}
457/* END_CASE */
458
Gilles Peskineca91ee42021-04-03 18:31:01 +0200[diff] [blame]459/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
460void ecp_muladd( int id,
461 data_t *u1_bin, data_t *P1_bin,
462 data_t *u2_bin, data_t *P2_bin,
463 data_t *expected_result )
464{
465 /* Compute R = u1 * P1 + u2 * P2 */
466 mbedtls_ecp_group grp;
467 mbedtls_ecp_point P1, P2, R;
468 mbedtls_mpi u1, u2;
469 uint8_t actual_result[MBEDTLS_ECP_MAX_PT_LEN];
470 size_t len;
471
472 mbedtls_ecp_group_init( &grp );
473 mbedtls_ecp_point_init( &P1 );
474 mbedtls_ecp_point_init( &P2 );
475 mbedtls_ecp_point_init( &R );
476 mbedtls_mpi_init( &u1 );
477 mbedtls_mpi_init( &u2 );
478
479 TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, id ) );
480 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u1, u1_bin->x, u1_bin->len ) );
481 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u2, u2_bin->x, u2_bin->len ) );
482 TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P1,
483 P1_bin->x, P1_bin->len ) );
484 TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P2,
485 P2_bin->x, P2_bin->len ) );
486
487 TEST_EQUAL( 0, mbedtls_ecp_muladd( &grp, &R, &u1, &P1, &u2, &P2 ) );
488 TEST_EQUAL( 0, mbedtls_ecp_point_write_binary(
489 &grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED,
490 &len, actual_result, sizeof( actual_result ) ) );
491
492 ASSERT_COMPARE( expected_result->x, expected_result->len,
493 actual_result, len );
494
495exit:
496 mbedtls_ecp_group_free( &grp );
497 mbedtls_ecp_point_free( &P1 );
498 mbedtls_ecp_point_free( &P2 );
499 mbedtls_ecp_point_free( &R );
500 mbedtls_mpi_free( &u1 );
501 mbedtls_mpi_free( &u2 );
502}
503/* END_CASE */
504
Jonas923d5792020-05-13 14:22:45 +0900[diff] [blame]505/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]506void ecp_fast_mod( int id, char * N_str )
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]507{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]508 mbedtls_ecp_group grp;
509 mbedtls_mpi N, R;
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]510
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]511 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R );
512 mbedtls_ecp_group_init( &grp );
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]513
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]514 TEST_ASSERT( mbedtls_mpi_read_string( &N, 16, N_str ) == 0 );
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]515 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnarde783f062013-10-21 14:52:21 +0200[diff] [blame]516 TEST_ASSERT( grp.modp != NULL );
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]517
518 /*
519 * Store correct result before we touch N
520 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]521 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &N, &grp.P ) == 0 );
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]522
523 TEST_ASSERT( grp.modp( &N ) == 0 );
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]524 TEST_ASSERT( mbedtls_mpi_bitlen( &N ) <= grp.pbits + 3 );
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]525
526 /*
Paul Bakkerd8b0c5e2014-04-11 15:31:33 +0200[diff] [blame]527 * Use mod rather than addition/subtraction in case previous test fails
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]528 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]529 TEST_ASSERT( mbedtls_mpi_mod_mpi( &N, &N, &grp.P ) == 0 );
530 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &R ) == 0 );
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]531
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]532exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]533 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &R );
534 mbedtls_ecp_group_free( &grp );
Manuel Pégourié-Gonnard84338242012-11-11 20:45:18 +0100[diff] [blame]535}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]536/* END_CASE */
Manuel Pégourié-Gonnardb4a310b2012-11-13 20:57:00 +0100[diff] [blame]537
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]538/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]539void ecp_write_binary( int id, char * x, char * y, char * z, int format,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]540 data_t * out, int blen, int ret )
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]541{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]542 mbedtls_ecp_group grp;
543 mbedtls_ecp_point P;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]544 unsigned char buf[256];
Manuel Pégourié-Gonnard420f1eb2013-02-10 12:22:46 +0100[diff] [blame]545 size_t olen;
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]546
547 memset( buf, 0, sizeof( buf ) );
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]548
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]549 mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]550
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]551 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]552
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]553 TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x ) == 0 );
554 TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y ) == 0 );
555 TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z ) == 0 );
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]556
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]557 TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]558 &olen, buf, blen ) == ret );
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]559
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]560 if( ret == 0 )
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]561 {
Ronald Cronde70b162020-06-10 11:03:08 +0200[diff] [blame]562 TEST_ASSERT( mbedtls_test_hexcmp( buf, out->x, olen, out->len ) == 0 );
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]563 }
564
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]565exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]566 mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]567}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]568/* END_CASE */
Manuel Pégourié-Gonnarde19feb52012-11-24 14:10:14 +0100[diff] [blame]569
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]570/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]571void ecp_read_binary( int id, data_t * buf, char * x, char * y, char * z,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]572 int ret )
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]573{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]574 mbedtls_ecp_group grp;
575 mbedtls_ecp_point P;
576 mbedtls_mpi X, Y, Z;
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]577
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]578
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]579 mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
580 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]581
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]582 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]583
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]584 TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
585 TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
586 TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]587
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]588 TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret );
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]589
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]590 if( ret == 0 )
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]591 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]592 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 );
Janos Follathdf9295b2019-02-26 12:36:52 +0000[diff] [blame]593 if( mbedtls_ecp_get_type( &grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
Janos Follath59b813c2019-02-13 10:44:06 +0000[diff] [blame]594 {
595 TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, 0 ) == 0 );
596 TEST_ASSERT( P.Y.p == NULL );
597 TEST_ASSERT( mbedtls_mpi_cmp_int( &Z, 1 ) == 0 );
598 TEST_ASSERT( mbedtls_mpi_cmp_int( &P.Z, 1 ) == 0 );
599 }
600 else
601 {
602 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 );
603 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 );
604 }
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]605 }
606
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]607exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]608 mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
609 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]610}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]611/* END_CASE */
Manuel Pégourié-Gonnard5e402d82012-11-24 16:19:42 +0100[diff] [blame]612
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]613/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]614void mbedtls_ecp_tls_read_point( int id, data_t * buf, char * x, char * y,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]615 char * z, int ret )
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]616{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]617 mbedtls_ecp_group grp;
618 mbedtls_ecp_point P;
619 mbedtls_mpi X, Y, Z;
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]620 const unsigned char *vbuf = buf->x;
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]621
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]622
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]623 mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
624 mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]625
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]626 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]627
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]628 TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
629 TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
630 TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]631
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]632 TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret );
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]633
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]634 if( ret == 0 )
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]635 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]636 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 );
637 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 );
638 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]639 TEST_ASSERT( (uint32_t)( vbuf - buf->x ) == buf->len );
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]640 }
641
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]642exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]643 mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
644 mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]645}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]646/* END_CASE */
Manuel Pégourié-Gonnard8c16f962013-02-10 13:00:20 +0100[diff] [blame]647
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]648/* BEGIN_CASE */
649void ecp_tls_write_read_point( int id )
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]650{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]651 mbedtls_ecp_group grp;
652 mbedtls_ecp_point pt;
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]653 unsigned char buf[256];
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]654 const unsigned char *vbuf;
Manuel Pégourié-Gonnard420f1eb2013-02-10 12:22:46 +0100[diff] [blame]655 size_t olen;
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]656
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 mbedtls_ecp_group_init( &grp );
658 mbedtls_ecp_point_init( &pt );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]659
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]660 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]661
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]662 memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]663 TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G,
664 MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 );
665 TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen )
666 == MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]667 TEST_ASSERT( vbuf == buf + olen );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]668
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]669 memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]670 TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G,
671 MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 );
672 TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
673 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.X, &pt.X ) == 0 );
674 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Y, &pt.Y ) == 0 );
675 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Z, &pt.Z ) == 0 );
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]676 TEST_ASSERT( vbuf == buf + olen );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]677
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]678 memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679 TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 );
680 TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt,
681 MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 );
682 TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
683 TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) );
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]684 TEST_ASSERT( vbuf == buf + olen );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]685
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]686 memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]687 TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 );
688 TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt,
689 MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 );
690 TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
691 TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) );
Manuel Pégourié-Gonnard98f51812013-02-10 13:38:29 +0100[diff] [blame]692 TEST_ASSERT( vbuf == buf + olen );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]693
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]694exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695 mbedtls_ecp_group_free( &grp );
696 mbedtls_ecp_point_free( &pt );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]697}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]698/* END_CASE */
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]699
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]700/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]701void mbedtls_ecp_tls_read_group( data_t * buf, int result, int bits,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]702 int record_len )
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]703{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]704 mbedtls_ecp_group grp;
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]705 const unsigned char *vbuf = buf->x;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]706 int ret;
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]707
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]708 mbedtls_ecp_group_init( &grp );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]709
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]710 ret = mbedtls_ecp_tls_read_group( &grp, &vbuf, buf->len );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]711
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]712 TEST_ASSERT( ret == result );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]713 if( ret == 0)
Manuel Pégourié-Gonnard7c145c62013-02-10 13:20:52 +0100[diff] [blame]714 {
Manuel Pégourié-Gonnardc0696c22015-06-18 16:47:17 +0200[diff] [blame]715 TEST_ASSERT( mbedtls_mpi_bitlen( &grp.P ) == (size_t) bits );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]716 TEST_ASSERT( vbuf - buf->x == record_len);
Manuel Pégourié-Gonnard7c145c62013-02-10 13:20:52 +0100[diff] [blame]717 }
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]718
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]719exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]720 mbedtls_ecp_group_free( &grp );
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]721}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]722/* END_CASE */
Manuel Pégourié-Gonnard6282aca2013-02-10 11:15:11 +0100[diff] [blame]723
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]724/* BEGIN_CASE */
725void ecp_tls_write_read_group( int id )
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]726{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]727 mbedtls_ecp_group grp1, grp2;
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]728 unsigned char buf[10];
Manuel Pégourié-Gonnard7c145c62013-02-10 13:20:52 +0100[diff] [blame]729 const unsigned char *vbuf = buf;
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]730 size_t len;
731 int ret;
732
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]733 mbedtls_ecp_group_init( &grp1 );
734 mbedtls_ecp_group_init( &grp2 );
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]735 memset( buf, 0x00, sizeof( buf ) );
736
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]737 TEST_ASSERT( mbedtls_ecp_group_load( &grp1, id ) == 0 );
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]738
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]739 TEST_ASSERT( mbedtls_ecp_tls_write_group( &grp1, &len, buf, 10 ) == 0 );
740 ret = mbedtls_ecp_tls_read_group( &grp2, &vbuf, len );
Paul Bakker94b916c2014-04-17 16:07:20 +0200[diff] [blame]741 TEST_ASSERT( ret == 0 );
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]742
743 if( ret == 0 )
744 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]745 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp1.N, &grp2.N ) == 0 );
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]746 TEST_ASSERT( grp1.id == grp2.id );
747 }
748
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]749exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]750 mbedtls_ecp_group_free( &grp1 );
751 mbedtls_ecp_group_free( &grp2 );
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]752}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]753/* END_CASE */
Manuel Pégourié-Gonnard46106a92013-02-10 12:51:17 +0100[diff] [blame]754
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]755/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]756void mbedtls_ecp_check_privkey( int id, char * key_hex, int ret )
Manuel Pégourié-Gonnardc8dc2952013-07-01 14:06:13 +0200[diff] [blame]757{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]758 mbedtls_ecp_group grp;
759 mbedtls_mpi d;
Manuel Pégourié-Gonnardc8dc2952013-07-01 14:06:13 +0200[diff] [blame]760
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]761 mbedtls_ecp_group_init( &grp );
762 mbedtls_mpi_init( &d );
Manuel Pégourié-Gonnardc8dc2952013-07-01 14:06:13 +0200[diff] [blame]763
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]764 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]765 TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, key_hex ) == 0 );
Manuel Pégourié-Gonnardc8dc2952013-07-01 14:06:13 +0200[diff] [blame]766
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]767 TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret );
Manuel Pégourié-Gonnardc8dc2952013-07-01 14:06:13 +0200[diff] [blame]768
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]769exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]770 mbedtls_ecp_group_free( &grp );
771 mbedtls_mpi_free( &d );
Manuel Pégourié-Gonnardc8dc2952013-07-01 14:06:13 +0200[diff] [blame]772}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]773/* END_CASE */
Manuel Pégourié-Gonnardc8dc2952013-07-01 14:06:13 +0200[diff] [blame]774
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]775/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]776void mbedtls_ecp_check_pub_priv( int id_pub, char * Qx_pub, char * Qy_pub,
777 int id, char * d, char * Qx, char * Qy,
778 int ret )
Manuel Pégourié-Gonnard30668d62014-11-06 15:25:32 +0100[diff] [blame]779{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]780 mbedtls_ecp_keypair pub, prv;
Manuel Pégourié-Gonnard30668d62014-11-06 15:25:32 +0100[diff] [blame]781
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]782 mbedtls_ecp_keypair_init( &pub );
783 mbedtls_ecp_keypair_init( &prv );
Manuel Pégourié-Gonnard30668d62014-11-06 15:25:32 +0100[diff] [blame]784
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]785 if( id_pub != MBEDTLS_ECP_DP_NONE )
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]786 TEST_ASSERT( mbedtls_ecp_group_load( &pub.grp, id_pub ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]787 TEST_ASSERT( mbedtls_ecp_point_read_string( &pub.Q, 16, Qx_pub, Qy_pub ) == 0 );
Manuel Pégourié-Gonnard30668d62014-11-06 15:25:32 +0100[diff] [blame]788
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]789 if( id != MBEDTLS_ECP_DP_NONE )
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]790 TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]791 TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 );
792 TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 );
Manuel Pégourié-Gonnard30668d62014-11-06 15:25:32 +0100[diff] [blame]793
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]794 TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret );
Manuel Pégourié-Gonnard30668d62014-11-06 15:25:32 +0100[diff] [blame]795
796exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]797 mbedtls_ecp_keypair_free( &pub );
798 mbedtls_ecp_keypair_free( &prv );
Manuel Pégourié-Gonnard30668d62014-11-06 15:25:32 +0100[diff] [blame]799}
800/* END_CASE */
801
802/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]803void mbedtls_ecp_gen_keypair( int id )
Manuel Pégourié-Gonnard45a035a2013-01-26 14:42:45 +0100[diff] [blame]804{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]805 mbedtls_ecp_group grp;
806 mbedtls_ecp_point Q;
807 mbedtls_mpi d;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]808 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard45a035a2013-01-26 14:42:45 +0100[diff] [blame]809
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]810 mbedtls_ecp_group_init( &grp );
811 mbedtls_ecp_point_init( &Q );
812 mbedtls_mpi_init( &d );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]813 memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
Manuel Pégourié-Gonnard45a035a2013-01-26 14:42:45 +0100[diff] [blame]814
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]815 TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
Manuel Pégourié-Gonnard45a035a2013-01-26 14:42:45 +0100[diff] [blame]816
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]817 TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q,
818 &mbedtls_test_rnd_pseudo_rand,
819 &rnd_info ) == 0 );
Manuel Pégourié-Gonnard45a035a2013-01-26 14:42:45 +0100[diff] [blame]820
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]821 TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &Q ) == 0 );
822 TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == 0 );
Manuel Pégourié-Gonnard45a035a2013-01-26 14:42:45 +0100[diff] [blame]823
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]824exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]825 mbedtls_ecp_group_free( &grp );
826 mbedtls_ecp_point_free( &Q );
827 mbedtls_mpi_free( &d );
Manuel Pégourié-Gonnard45a035a2013-01-26 14:42:45 +0100[diff] [blame]828}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]829/* END_CASE */
Manuel Pégourié-Gonnard45a035a2013-01-26 14:42:45 +0100[diff] [blame]830
Manuel Pégourié-Gonnard104ee1d2013-11-30 14:13:16 +0100[diff] [blame]831/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]832void mbedtls_ecp_gen_key( int id )
Manuel Pégourié-Gonnard104ee1d2013-11-30 14:13:16 +0100[diff] [blame]833{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]834 mbedtls_ecp_keypair key;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]835 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard104ee1d2013-11-30 14:13:16 +0100[diff] [blame]836
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]837 mbedtls_ecp_keypair_init( &key );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]838 memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
Manuel Pégourié-Gonnard104ee1d2013-11-30 14:13:16 +0100[diff] [blame]839
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]840 TEST_ASSERT( mbedtls_ecp_gen_key( id, &key,
841 &mbedtls_test_rnd_pseudo_rand,
842 &rnd_info ) == 0 );
Manuel Pégourié-Gonnard104ee1d2013-11-30 14:13:16 +0100[diff] [blame]843
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]844 TEST_ASSERT( mbedtls_ecp_check_pubkey( &key.grp, &key.Q ) == 0 );
845 TEST_ASSERT( mbedtls_ecp_check_privkey( &key.grp, &key.d ) == 0 );
Manuel Pégourié-Gonnard104ee1d2013-11-30 14:13:16 +0100[diff] [blame]846
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]847exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]848 mbedtls_ecp_keypair_free( &key );
Manuel Pégourié-Gonnard104ee1d2013-11-30 14:13:16 +0100[diff] [blame]849}
850/* END_CASE */
851
Janos Follath171a7ef2019-02-15 16:17:45 +0000[diff] [blame]852/* BEGIN_CASE */
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]853void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected, int canonical )
Janos Follath171a7ef2019-02-15 16:17:45 +0000[diff] [blame]854{
855 int ret = 0;
856 mbedtls_ecp_keypair key;
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]857 mbedtls_ecp_keypair key2;
Janos Follath171a7ef2019-02-15 16:17:45 +0000[diff] [blame]858
859 mbedtls_ecp_keypair_init( &key );
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]860 mbedtls_ecp_keypair_init( &key2 );
Janos Follath171a7ef2019-02-15 16:17:45 +0000[diff] [blame]861
862 ret = mbedtls_ecp_read_key( grp_id, &key, in_key->x, in_key->len );
863 TEST_ASSERT( ret == expected );
864
865 if( expected == 0 )
866 {
867 ret = mbedtls_ecp_check_privkey( &key.grp, &key.d );
868 TEST_ASSERT( ret == 0 );
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]869
870 if( canonical )
871 {
872 unsigned char buf[MBEDTLS_ECP_MAX_BYTES];
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]873
Steven Cooreman0024df62020-07-13 10:59:40 +0200[diff] [blame]874 ret = mbedtls_ecp_write_key( &key, buf, in_key->len );
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]875 TEST_ASSERT( ret == 0 );
876
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]877 ASSERT_COMPARE( in_key->x, in_key->len,
Steven Cooremanc9b7f782020-06-11 17:00:36 +0200[diff] [blame]878 buf, in_key->len );
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]879 }
880 else
881 {
882 unsigned char export1[MBEDTLS_ECP_MAX_BYTES];
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]883 unsigned char export2[MBEDTLS_ECP_MAX_BYTES];
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]884
Steven Cooreman0024df62020-07-13 10:59:40 +0200[diff] [blame]885 ret = mbedtls_ecp_write_key( &key, export1, in_key->len );
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]886 TEST_ASSERT( ret == 0 );
887
888 ret = mbedtls_ecp_read_key( grp_id, &key2, export1, in_key->len );
889 TEST_ASSERT( ret == expected );
890
Steven Cooreman0024df62020-07-13 10:59:40 +0200[diff] [blame]891 ret = mbedtls_ecp_write_key( &key2, export2, in_key->len );
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]892 TEST_ASSERT( ret == 0 );
893
Steven Cooremanc9b7f782020-06-11 17:00:36 +0200[diff] [blame]894 ASSERT_COMPARE( export1, in_key->len,
895 export2, in_key->len );
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]896 }
Janos Follath171a7ef2019-02-15 16:17:45 +0000[diff] [blame]897 }
898
899exit:
900 mbedtls_ecp_keypair_free( &key );
Steven Cooremande8593f2020-06-09 19:55:26 +0200[diff] [blame]901 mbedtls_ecp_keypair_free( &key2 );
Janos Follath171a7ef2019-02-15 16:17:45 +0000[diff] [blame]902}
903/* END_CASE */
904
Gilles Peskine618be2e2021-04-03 21:47:53 +0200[diff] [blame]905/* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */
906void fix_negative( data_t *N_bin, int c, int bits )
907{
908 mbedtls_mpi C, M, N;
909
910 mbedtls_mpi_init( &C );
911 mbedtls_mpi_init( &M );
912 mbedtls_mpi_init( &N );
913
Gilles Peskine392d1012021-04-09 15:46:51 +0200[diff] [blame]914 /* C = - c * 2^bits (positive since c is negative) */
Gilles Peskine618be2e2021-04-03 21:47:53 +0200[diff] [blame]915 TEST_EQUAL( 0, mbedtls_mpi_lset( &C, -c ) );
916 TEST_EQUAL( 0, mbedtls_mpi_shift_l( &C, bits ) );
917
918 TEST_EQUAL( 0, mbedtls_mpi_read_binary( &N, N_bin->x, N_bin->len ) );
919 TEST_EQUAL( 0, mbedtls_mpi_grow( &N, C.n ) );
920
Gilles Peskine392d1012021-04-09 15:46:51 +0200[diff] [blame]921 /* M = N - C = - ( C - N ) (expected result of fix_negative) */
Gilles Peskine618be2e2021-04-03 21:47:53 +0200[diff] [blame]922 TEST_EQUAL( 0, mbedtls_mpi_sub_mpi( &M, &N, &C ) );
923
924 mbedtls_ecp_fix_negative( &N, c, bits );
925
926 TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( &N, &M ) );
927
928exit:
929 mbedtls_mpi_free( &C );
930 mbedtls_mpi_free( &M );
931 mbedtls_mpi_free( &N );
932}
933/* END_CASE */
934
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]935/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]936void ecp_selftest( )
Manuel Pégourié-Gonnardb4a310b2012-11-13 20:57:00 +0100[diff] [blame]937{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]938 TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 );
Manuel Pégourié-Gonnardb4a310b2012-11-13 20:57:00 +0100[diff] [blame]939}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]940/* END_CASE */