TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 33783b46469a9d4e51c710b3506ba46449314b20 / . / tests / suites / test_suite_random.function
blob: 3026bae0e4619008ee5ca42940b4e7522172d2df [file] [log] [blame]
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]1/* BEGIN_HEADER */
2
3/* Test random generation as a whole. */
4
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]5#include "mbedtls/bignum.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]6#include "mbedtls/ctr_drbg.h"
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]7#include "mbedtls/ecdsa.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]8#include "mbedtls/entropy.h"
9#include "mbedtls/hmac_drbg.h"
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]10#include "mbedtls/psa_util.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]11#include "psa/crypto.h"
12
13/* How many bytes to generate in each test case for repeated generation.
14 * This must be high enough that the probability of generating the same
15 * output twice is infinitesimal, but low enough that random generators
16 * are willing to deliver that much. */
17#define OUTPUT_SIZE 32
18
19/* END_HEADER */
20
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]21/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]22void random_twice_with_ctr_drbg()
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]23{
24 mbedtls_entropy_context entropy;
25 mbedtls_ctr_drbg_context drbg;
26 unsigned char output1[OUTPUT_SIZE];
27 unsigned char output2[OUTPUT_SIZE];
28
29 /* First round */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]30 mbedtls_entropy_init(&entropy);
31 mbedtls_ctr_drbg_init(&drbg);
32 TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg,
33 mbedtls_entropy_func, &entropy,
34 NULL, 0));
35 TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg,
36 output1, sizeof(output1)));
37 mbedtls_ctr_drbg_free(&drbg);
38 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]39
40 /* Second round */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]41 mbedtls_entropy_init(&entropy);
42 mbedtls_ctr_drbg_init(&drbg);
43 TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg,
44 mbedtls_entropy_func, &entropy,
45 NULL, 0));
46 TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg,
47 output2, sizeof(output2)));
48 mbedtls_ctr_drbg_free(&drbg);
49 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]50
51 /* The two rounds must generate different random data. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]52 TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]53
54exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]55 mbedtls_ctr_drbg_free(&drbg);
56 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]57}
58/* END_CASE */
59
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]60/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]61void random_twice_with_hmac_drbg(int md_type)
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]62{
63 mbedtls_entropy_context entropy;
64 mbedtls_hmac_drbg_context drbg;
65 unsigned char output1[OUTPUT_SIZE];
66 unsigned char output2[OUTPUT_SIZE];
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]67 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]68
69 /* First round */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]70 mbedtls_entropy_init(&entropy);
71 mbedtls_hmac_drbg_init(&drbg);
72 TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info,
73 mbedtls_entropy_func, &entropy,
74 NULL, 0));
75 TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg,
76 output1, sizeof(output1)));
77 mbedtls_hmac_drbg_free(&drbg);
78 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]79
80 /* Second round */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]81 mbedtls_entropy_init(&entropy);
82 mbedtls_hmac_drbg_init(&drbg);
83 TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info,
84 mbedtls_entropy_func, &entropy,
85 NULL, 0));
86 TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg,
87 output2, sizeof(output2)));
88 mbedtls_hmac_drbg_free(&drbg);
89 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]90
91 /* The two rounds must generate different random data. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]92 TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]93
94exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]95 mbedtls_hmac_drbg_free(&drbg);
96 mbedtls_entropy_free(&entropy);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]97}
98/* END_CASE */
99
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]100/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]101void random_twice_with_psa_from_classic()
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]102{
103 unsigned char output1[OUTPUT_SIZE];
104 unsigned char output2[OUTPUT_SIZE];
105
106 /* First round */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]107 PSA_ASSERT(psa_crypto_init());
108 TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
109 output1, sizeof(output1)));
110 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]111
112 /* Second round */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]113 PSA_ASSERT(psa_crypto_init());
114 TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
115 output2, sizeof(output2)));
116 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]117
118 /* The two rounds must generate different random data. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]119 TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]120
121exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]122 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]123}
124/* END_CASE */
125
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]126/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]127void random_twice_with_psa_from_psa()
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]128{
129 unsigned char output1[OUTPUT_SIZE];
130 unsigned char output2[OUTPUT_SIZE];
131
132 /* First round */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]133 PSA_ASSERT(psa_crypto_init());
134 PSA_ASSERT(psa_generate_random(output1, sizeof(output1)));
135 PSA_DONE();
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]136
137 /* Second round */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]138 PSA_ASSERT(psa_crypto_init());
139 PSA_ASSERT(psa_generate_random(output2, sizeof(output2)));
140 PSA_DONE();
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]141
142 /* The two rounds must generate different random data. */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]143 TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0);
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]144
145exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]146 PSA_DONE();
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]147}
148/* END_CASE */
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]149
150/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]151void mbedtls_psa_get_random_no_init()
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]152{
153 unsigned char output[1];
154
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]155 TEST_ASSERT(mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
156 output, sizeof(output)) != 0);
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]157}
158/* END_CASE */
159
160/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]161void mbedtls_psa_get_random_length(int n)
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]162{
163 unsigned char *output = NULL;
164
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]165 PSA_ASSERT(psa_crypto_init());
166 ASSERT_ALLOC(output, n);
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]167
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]168 TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
169 output, n));
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]170exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]171 mbedtls_free(output);
172 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]173}
174/* END_CASE */
175
176/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]177void mbedtls_psa_get_random_ecdsa_sign(int curve)
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]178{
179 mbedtls_ecp_group grp;
180 mbedtls_mpi d, r, s;
181 unsigned char buf[] = "This is not a hash.";
182
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]183 mbedtls_ecp_group_init(&grp);
184 mbedtls_mpi_init(&d);
185 mbedtls_mpi_init(&r);
186 mbedtls_mpi_init(&s);
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]187
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]188 TEST_EQUAL(0, mbedtls_mpi_lset(&d, 123456789));
189 TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, curve));
190 PSA_ASSERT(psa_crypto_init());
191 TEST_EQUAL(0, mbedtls_ecdsa_sign(&grp, &r, &s, &d,
192 buf, sizeof(buf),
193 mbedtls_psa_get_random,
194 MBEDTLS_PSA_RANDOM_STATE));
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]195exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]196 mbedtls_mpi_free(&d);
197 mbedtls_mpi_free(&r);
198 mbedtls_mpi_free(&s);
199 mbedtls_ecp_group_free(&grp);
200 PSA_DONE();
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]201}
202/* END_CASE */