TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / eba088a8ac585a038efccc4d21a44df1b21d1d73 / . / tests / suites / test_suite_pk.function
blob: a7c0368c4b7735fc7f7898be02c6817f9ebdb703 [file] [log] [blame]
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/pk.h"
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]3
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]4/* For error codes */
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]5#include "mbedtls/asn1.h"
6#include "mbedtls/base64.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]7#include "mbedtls/ecp.h"
8#include "mbedtls/rsa.h"
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]9
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]10#include <limits.h>
Andres Amaya Garcia6ff067d2017-06-09 14:26:59 +0100[diff] [blame]11#include <stdint.h>
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]12
Gilles Peskine952f4092019-05-23 20:25:48 +0200[diff] [blame]13#if defined(MBEDTLS_USE_PSA_CRYPTO)
14#include "mbedtls/psa_util.h"
Gilles Peskine1838e822019-06-20 12:40:56 +0200[diff] [blame]15#include "psa_crypto_helpers.h"
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]16#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
17#else
18/* Define empty macros so that we can use them in the preamble and teardown
19 * of every test function that uses PSA conditionally based on
20 * MBEDTLS_USE_PSA_CRYPTO. */
21#define PSA_INIT( ) ( (void) 0 )
22#define PSA_DONE( ) ( (void) 0 )
Gilles Peskine952f4092019-05-23 20:25:48 +0200[diff] [blame]23#endif
24
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]25static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
26
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]27#define RSA_KEY_SIZE 512
28#define RSA_KEY_LEN 64
29
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]30static int pk_genkey( mbedtls_pk_context *pk )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]31{
Paul Bakkera5320902013-12-19 17:29:52 +0100[diff] [blame]32 ((void) pk);
33
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]34#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
35 if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
36 return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]37#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]38#if defined(MBEDTLS_ECP_C)
39 if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY ||
40 mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY_DH ||
41 mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]42 {
43 int ret;
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]44 if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]45 MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]46 return( ret );
47
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]48 return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d,
49 &mbedtls_pk_ec( *pk )->Q, rnd_std_rand, NULL );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]50 }
51#endif
52 return( -1 );
53}
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]54
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]55#if defined(MBEDTLS_RSA_C)
56int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]57 const unsigned char *input, unsigned char *output,
58 size_t output_max_len )
59{
Hanno Becker6ac972d2017-09-07 10:57:48 +0100[diff] [blame]60 return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx,
61 rnd_std_rand, NULL, mode, olen,
62 input, output, output_max_len ) );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]63}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]64int mbedtls_rsa_sign_func( void *ctx,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]65 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]66 int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]67 const unsigned char *hash, unsigned char *sig )
68{
Hanno Beckera5400682017-05-03 16:43:15 +0100[diff] [blame]69 ((void) f_rng);
70 ((void) p_rng);
71 return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, rnd_std_rand, NULL, mode,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]72 md_alg, hashlen, hash, sig ) );
73}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]74size_t mbedtls_rsa_key_len_func( void *ctx )
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]75{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]76 return( ((const mbedtls_rsa_context *) ctx)->len );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]77}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]78#endif /* MBEDTLS_RSA_C */
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]79
80#if defined(MBEDTLS_USE_PSA_CRYPTO)
81
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]82/*
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]83 * Generate a key using PSA and return a handle to that key,
84 * or 0 if the key generation failed.
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]85 * The key uses NIST P-256 and is usable for signing with SHA-256.
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]86 */
Andrzej Kurek2349c4d2019-01-08 09:36:01 -0500[diff] [blame]87psa_key_handle_t pk_psa_genkey( void )
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]88{
Andrzej Kurek2349c4d2019-01-08 09:36:01 -0500[diff] [blame]89 psa_key_handle_t key;
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]90 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]91 const int curve = PSA_ECC_CURVE_SECP256R1;
Gilles Peskinec93b80c2019-05-16 19:39:54 +0200[diff] [blame]92 const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve);
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]93 const size_t bits = 256;
94
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]95 psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN );
96 psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256) );
97 psa_set_key_type( &attributes, type );
98 psa_set_key_bits( &attributes, bits );
99 PSA_ASSERT( psa_generate_key( &attributes, &key ) );
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]100
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]101exit:
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]102 return( key );
103}
104#endif /* MBEDTLS_USE_PSA_CRYPTO */
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]105/* END_HEADER */
106
107/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]108 * depends_on:MBEDTLS_PK_C
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]109 * END_DEPENDENCIES
110 */
111
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]112/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]113void pk_psa_utils( )
114{
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]115 mbedtls_pk_context pk, pk2;
Andrzej Kurek2349c4d2019-01-08 09:36:01 -0500[diff] [blame]116 psa_key_handle_t key;
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]117 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]118
Manuel Pégourié-Gonnard69baf702018-11-06 09:34:30 +0100[diff] [blame]119 const char * const name = "Opaque";
Manuel Pégourié-Gonnard0184b3c2018-10-31 10:36:51 +0100[diff] [blame]120 const size_t bitlen = 256; /* harcoded in genkey() */
121
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]122 mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
123 unsigned char b1[1], b2[1];
124 size_t len;
125 mbedtls_pk_debug_item dbg;
126
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]127 PSA_ASSERT( psa_crypto_init( ) );
Jaeden Amero3ea26872019-02-13 11:30:22 +0000[diff] [blame]128
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]129 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]130 mbedtls_pk_init( &pk2 );
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]131
Gilles Peskine614faa22019-06-07 15:39:07 +0200[diff] [blame]132 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
Gilles Peskine69c0ea22019-06-07 15:38:59 +0200[diff] [blame]133
Manuel Pégourié-Gonnard69baf702018-11-06 09:34:30 +0100[diff] [blame]134 TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) ==
Manuel Pégourié-Gonnard920c0632018-10-31 10:57:29 +0100[diff] [blame]135 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
136
137 mbedtls_pk_free( &pk );
138 mbedtls_pk_init( &pk );
139
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]140 key = pk_psa_genkey();
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]141 if( key == 0 )
142 goto exit;
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]143
Manuel Pégourié-Gonnard69baf702018-11-06 09:34:30 +0100[diff] [blame]144 TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 );
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]145
Manuel Pégourié-Gonnard69baf702018-11-06 09:34:30 +0100[diff] [blame]146 TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE );
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]147 TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
148
Manuel Pégourié-Gonnard0184b3c2018-10-31 10:36:51 +0100[diff] [blame]149 TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen );
150 TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 );
151
Manuel Pégourié-Gonnard920c0632018-10-31 10:57:29 +0100[diff] [blame]152 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 );
153 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 );
154 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 );
155
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]156 /* unsupported operations: verify, decrypt, encrypt */
157 TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg,
158 b1, sizeof( b1), b2, sizeof( b2 ) )
159 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
160 TEST_ASSERT( mbedtls_pk_decrypt( &pk, b1, sizeof( b1 ),
161 b2, &len, sizeof( b2 ),
162 NULL, NULL )
163 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
164 TEST_ASSERT( mbedtls_pk_encrypt( &pk, b1, sizeof( b1 ),
165 b2, &len, sizeof( b2 ),
166 NULL, NULL )
167 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
168
169 /* unsupported functions: check_pair, debug */
170 TEST_ASSERT( mbedtls_pk_setup( &pk2,
171 mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
172 TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 )
173 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
174 TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg )
175 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
176
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]177 /* test that freeing the context does not destroy the key */
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]178 mbedtls_pk_free( &pk );
Gilles Peskined2d45c12019-05-27 14:53:13 +0200[diff] [blame]179 TEST_ASSERT( PSA_SUCCESS == psa_get_key_attributes( key, &attributes ) );
Manuel Pégourié-Gonnard01a12c42018-10-31 10:28:01 +0100[diff] [blame]180 TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
181
182exit:
183 mbedtls_pk_free( &pk ); /* redundant except upon error */
Manuel Pégourié-Gonnardd97390e2018-10-31 11:14:36 +0100[diff] [blame]184 mbedtls_pk_free( &pk2 );
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]185 PSA_DONE( );
Manuel Pégourié-Gonnard7b5fe042018-10-31 09:57:45 +0100[diff] [blame]186}
187/* END_CASE */
188
189
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]190/* BEGIN_CASE */
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]191void valid_parameters( )
192{
193 mbedtls_pk_context pk;
194 unsigned char buf[1];
195 size_t len;
196 void *options = NULL;
197
198 mbedtls_pk_init( &pk );
199
200 TEST_VALID_PARAM( mbedtls_pk_free( NULL ) );
201
202#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
203 TEST_VALID_PARAM( mbedtls_pk_restart_free( NULL ) );
204#endif
205
206 TEST_ASSERT( mbedtls_pk_setup( &pk, NULL ) ==
207 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
208
209 /* In informational functions, we accept NULL where a context pointer
210 * is expected because that's what the library has done forever.
211 * We do not document that NULL is accepted, so we may wish to change
212 * the behavior in a future version. */
213 TEST_ASSERT( mbedtls_pk_get_bitlen( NULL ) == 0 );
214 TEST_ASSERT( mbedtls_pk_get_len( NULL ) == 0 );
215 TEST_ASSERT( mbedtls_pk_can_do( NULL, MBEDTLS_PK_NONE ) == 0 );
216
217 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk,
218 MBEDTLS_MD_NONE,
219 NULL, 0,
220 buf, &len,
221 rnd_std_rand, NULL,
222 NULL ) ==
223 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
224
225 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk,
226 MBEDTLS_MD_NONE,
227 NULL, 0,
228 buf, &len,
229 rnd_std_rand, NULL,
230 NULL ) ==
231 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
232
233 TEST_ASSERT( mbedtls_pk_sign( &pk,
234 MBEDTLS_MD_NONE,
235 NULL, 0,
236 buf, &len,
237 rnd_std_rand, NULL ) ==
238 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
239
240 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk,
241 MBEDTLS_MD_NONE,
242 NULL, 0,
243 buf, sizeof( buf ),
244 NULL ) ==
245 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
246
247 TEST_ASSERT( mbedtls_pk_verify( &pk,
248 MBEDTLS_MD_NONE,
249 NULL, 0,
250 buf, sizeof( buf ) ) ==
251 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
252
253 TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
254 &pk,
255 MBEDTLS_MD_NONE,
256 NULL, 0,
257 buf, sizeof( buf ) ) ==
258 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
259
260 TEST_ASSERT( mbedtls_pk_encrypt( &pk,
261 NULL, 0,
262 NULL, &len, 0,
263 rnd_std_rand, NULL ) ==
264 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
265
266 TEST_ASSERT( mbedtls_pk_decrypt( &pk,
267 NULL, 0,
268 NULL, &len, 0,
269 rnd_std_rand, NULL ) ==
270 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
271
272#if defined(MBEDTLS_PK_PARSE_C)
273 TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) ==
274 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
275
276 TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) ==
277 MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
278#endif /* MBEDTLS_PK_PARSE_C */
279}
280/* END_CASE */
281
282/* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */
283void valid_parameters_pkwrite( data_t *key_data )
284{
285 mbedtls_pk_context pk;
286
287 /* For the write tests to be effective, we need a valid key pair. */
288 mbedtls_pk_init( &pk );
289 TEST_ASSERT( mbedtls_pk_parse_key( &pk,
290 key_data->x, key_data->len,
291 NULL, 0 ) == 0 );
292
293 TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) ==
294 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
295
296 TEST_ASSERT( mbedtls_pk_write_pubkey_der( &pk, NULL, 0 ) ==
297 MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
298
299#if defined(MBEDTLS_PEM_WRITE_C)
300 TEST_ASSERT( mbedtls_pk_write_key_pem( &pk, NULL, 0 ) ==
301 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
302
303 TEST_ASSERT( mbedtls_pk_write_pubkey_pem( &pk, NULL, 0 ) ==
304 MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
305#endif /* MBEDTLS_PEM_WRITE_C */
306
307exit:
308 mbedtls_pk_free( &pk );
309}
310/* END_CASE */
311
312/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
313void invalid_parameters( )
314{
315 size_t len;
316 unsigned char *null_buf = NULL;
317 unsigned char buf[1];
318 unsigned char *p = buf;
319 char str[1] = {0};
320 mbedtls_pk_context pk;
321 mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256;
322 void *options = buf;
323
324 (void) null_buf;
325 (void) p;
326 (void) str;
327
328 mbedtls_pk_init( &pk );
329
330 TEST_INVALID_PARAM( mbedtls_pk_init( NULL ) );
331
332#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
333 TEST_INVALID_PARAM( mbedtls_pk_restart_init( NULL ) );
334#endif
335
336 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
337 mbedtls_pk_setup( NULL, NULL ) );
338
339#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
340 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
341 mbedtls_pk_setup_rsa_alt( NULL, buf,
342 NULL, NULL, NULL ) );
343#endif
344
345 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
346 mbedtls_pk_verify_restartable( NULL,
347 MBEDTLS_MD_NONE,
348 buf, sizeof( buf ),
349 buf, sizeof( buf ),
350 NULL ) );
351 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
352 mbedtls_pk_verify_restartable( &pk,
353 MBEDTLS_MD_NONE,
354 NULL, sizeof( buf ),
355 buf, sizeof( buf ),
356 NULL ) );
357 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
358 mbedtls_pk_verify_restartable( &pk,
359 valid_md,
360 NULL, 0,
361 buf, sizeof( buf ),
362 NULL ) );
363 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
364 mbedtls_pk_verify_restartable( &pk,
365 MBEDTLS_MD_NONE,
366 buf, sizeof( buf ),
367 NULL, sizeof( buf ),
368 NULL ) );
369
370 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
371 mbedtls_pk_verify( NULL,
372 MBEDTLS_MD_NONE,
373 buf, sizeof( buf ),
374 buf, sizeof( buf ) ) );
375 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
376 mbedtls_pk_verify( &pk,
377 MBEDTLS_MD_NONE,
378 NULL, sizeof( buf ),
379 buf, sizeof( buf ) ) );
380 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
381 mbedtls_pk_verify( &pk,
382 valid_md,
383 NULL, 0,
384 buf, sizeof( buf ) ) );
385 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
386 mbedtls_pk_verify( &pk,
387 MBEDTLS_MD_NONE,
388 buf, sizeof( buf ),
389 NULL, sizeof( buf ) ) );
390
391 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
392 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
393 NULL,
394 MBEDTLS_MD_NONE,
395 buf, sizeof( buf ),
396 buf, sizeof( buf ) ) );
397 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
398 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
399 &pk,
400 MBEDTLS_MD_NONE,
401 NULL, sizeof( buf ),
402 buf, sizeof( buf ) ) );
403 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
404 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
405 &pk,
406 valid_md,
407 NULL, 0,
408 buf, sizeof( buf ) ) );
409 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
410 mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options,
411 &pk,
412 MBEDTLS_MD_NONE,
413 buf, sizeof( buf ),
414 NULL, sizeof( buf ) ) );
415
416 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
417 mbedtls_pk_sign_restartable( NULL,
418 MBEDTLS_MD_NONE,
419 buf, sizeof( buf ),
420 buf, &len,
421 rnd_std_rand, NULL,
422 NULL ) );
423 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
424 mbedtls_pk_sign_restartable( &pk,
425 MBEDTLS_MD_NONE,
426 NULL, sizeof( buf ),
427 buf, &len,
428 rnd_std_rand, NULL,
429 NULL ) );
430 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
431 mbedtls_pk_sign_restartable( &pk,
432 valid_md,
433 NULL, 0,
434 buf, &len,
435 rnd_std_rand, NULL,
436 NULL ) );
437 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
438 mbedtls_pk_sign_restartable( &pk,
439 MBEDTLS_MD_NONE,
440 buf, sizeof( buf ),
441 NULL, &len,
442 rnd_std_rand, NULL,
443 NULL ) );
444
445 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
446 mbedtls_pk_sign( NULL,
447 MBEDTLS_MD_NONE,
448 buf, sizeof( buf ),
449 buf, &len,
450 rnd_std_rand, NULL ) );
451 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
452 mbedtls_pk_sign( &pk,
453 MBEDTLS_MD_NONE,
454 NULL, sizeof( buf ),
455 buf, &len,
456 rnd_std_rand, NULL ) );
457 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
458 mbedtls_pk_sign( &pk,
459 valid_md,
460 NULL, 0,
461 buf, &len,
462 rnd_std_rand, NULL ) );
463 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
464 mbedtls_pk_sign( &pk,
465 MBEDTLS_MD_NONE,
466 buf, sizeof( buf ),
467 NULL, &len,
468 rnd_std_rand, NULL ) );
469
470 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
471 mbedtls_pk_decrypt( NULL,
472 buf, sizeof( buf ),
473 buf, &len, sizeof( buf ),
474 rnd_std_rand, NULL ) );
475 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
476 mbedtls_pk_decrypt( &pk,
477 NULL, sizeof( buf ),
478 buf, &len, sizeof( buf ),
479 rnd_std_rand, NULL ) );
480 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
481 mbedtls_pk_decrypt( &pk,
482 buf, sizeof( buf ),
483 NULL, &len, sizeof( buf ),
484 rnd_std_rand, NULL ) );
485 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
486 mbedtls_pk_decrypt( &pk,
487 buf, sizeof( buf ),
488 buf, NULL, sizeof( buf ),
489 rnd_std_rand, NULL ) );
490
491 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
492 mbedtls_pk_encrypt( NULL,
493 buf, sizeof( buf ),
494 buf, &len, sizeof( buf ),
495 rnd_std_rand, NULL ) );
496 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
497 mbedtls_pk_encrypt( &pk,
498 NULL, sizeof( buf ),
499 buf, &len, sizeof( buf ),
500 rnd_std_rand, NULL ) );
501 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
502 mbedtls_pk_encrypt( &pk,
503 buf, sizeof( buf ),
504 NULL, &len, sizeof( buf ),
505 rnd_std_rand, NULL ) );
506 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
507 mbedtls_pk_encrypt( &pk,
508 buf, sizeof( buf ),
509 buf, NULL, sizeof( buf ),
510 rnd_std_rand, NULL ) );
511
512 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
513 mbedtls_pk_check_pair( NULL, &pk ) );
514 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
515 mbedtls_pk_check_pair( &pk, NULL ) );
516
517 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
518 mbedtls_pk_debug( NULL, NULL ) );
519
520#if defined(MBEDTLS_PK_PARSE_C)
521#if defined(MBEDTLS_FS_IO)
522 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
523 mbedtls_pk_load_file( NULL, &p, &len ) );
524 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
525 mbedtls_pk_load_file( str, NULL, &len ) );
526 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
527 mbedtls_pk_load_file( str, &p, NULL ) );
528
529 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
530 mbedtls_pk_parse_keyfile( NULL, str, NULL ) );
531 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
532 mbedtls_pk_parse_keyfile( &pk, NULL, NULL ) );
533
534 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
535 mbedtls_pk_parse_public_keyfile( NULL, str ) );
536 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
537 mbedtls_pk_parse_public_keyfile( &pk, NULL ) );
538#endif
539
540 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
541 mbedtls_pk_parse_subpubkey( NULL, buf, &pk ) );
542 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
543 mbedtls_pk_parse_subpubkey( &null_buf, buf, &pk ) );
544 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
545 mbedtls_pk_parse_subpubkey( &p, NULL, &pk ) );
546 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
547 mbedtls_pk_parse_subpubkey( &p, buf, NULL ) );
548
549 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
550 mbedtls_pk_parse_key( NULL,
551 buf, sizeof( buf ),
552 buf, sizeof( buf ) ) );
553 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
554 mbedtls_pk_parse_key( &pk,
555 NULL, sizeof( buf ),
556 buf, sizeof( buf ) ) );
557
558 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
559 mbedtls_pk_parse_public_key( NULL,
560 buf, sizeof( buf ) ) );
561 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
562 mbedtls_pk_parse_public_key( &pk,
563 NULL, sizeof( buf ) ) );
564#endif /* MBEDTLS_PK_PARSE_C */
565
566#if defined(MBEDTLS_PK_WRITE_C)
567 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
568 mbedtls_pk_write_pubkey( NULL, p, &pk ) );
569 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
570 mbedtls_pk_write_pubkey( &null_buf, p, &pk ) );
571 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
572 mbedtls_pk_write_pubkey( &p, NULL, &pk ) );
573 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
574 mbedtls_pk_write_pubkey( &p, p, NULL ) );
575
576 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
577 mbedtls_pk_write_pubkey_der( NULL,
578 buf, sizeof( buf ) ) );
579 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
580 mbedtls_pk_write_pubkey_der( &pk,
581 NULL, sizeof( buf ) ) );
582
583 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
584 mbedtls_pk_write_key_der( NULL,
585 buf, sizeof( buf ) ) );
586 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
587 mbedtls_pk_write_key_der( &pk,
588 NULL, sizeof( buf ) ) );
589
590#if defined(MBEDTLS_PEM_WRITE_C)
591 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
592 mbedtls_pk_write_pubkey_pem( NULL,
593 buf, sizeof( buf ) ) );
594 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
595 mbedtls_pk_write_pubkey_pem( &pk,
596 NULL, sizeof( buf ) ) );
597
598 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
599 mbedtls_pk_write_key_pem( NULL,
600 buf, sizeof( buf ) ) );
601 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA,
602 mbedtls_pk_write_key_pem( &pk,
603 NULL, sizeof( buf ) ) );
604#endif /* MBEDTLS_PEM_WRITE_C */
605
606#endif /* MBEDTLS_PK_WRITE_C */
607}
608/* END_CASE */
609
610/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]611void pk_utils( int type, int size, int len, char * name )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]612{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613 mbedtls_pk_context pk;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]614
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]615 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]616
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]617 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]618 TEST_ASSERT( pk_genkey( &pk ) == 0 );
619
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]620 TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type );
621 TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) );
Manuel Pégourié-Gonnard097c7bb2015-06-18 16:43:38 +0200[diff] [blame]622 TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) size );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]623 TEST_ASSERT( mbedtls_pk_get_len( &pk ) == (unsigned) len );
624 TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]625
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]626exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]628}
629/* END_CASE */
630
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]631/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]632void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret )
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]633{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]634 mbedtls_pk_context pub, prv, alt;
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]635
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]636 mbedtls_pk_init( &pub );
637 mbedtls_pk_init( &prv );
638 mbedtls_pk_init( &alt );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]639
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]640 TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 );
641 TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]642
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]643 TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]644
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]645#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
646 if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA )
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]647 {
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]648 TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ),
Hanno Becker6ac972d2017-09-07 10:57:48 +0100[diff] [blame]649 mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
650 mbedtls_rsa_key_len_func ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]651 TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret );
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]652 }
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]653#endif
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]654
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]655 mbedtls_pk_free( &pub );
656 mbedtls_pk_free( &prv );
657 mbedtls_pk_free( &alt );
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]658}
659/* END_CASE */
660
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]661/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]662void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]663 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]664 char * input_E, data_t * result_str,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]665 int result )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]666{
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]667 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]668 mbedtls_rsa_context *rsa;
669 mbedtls_pk_context pk;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]670 mbedtls_pk_restart_ctx *rs_ctx = NULL;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]671#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]672 mbedtls_pk_restart_ctx ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]673
674 rs_ctx = &ctx;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]675 mbedtls_pk_restart_init( rs_ctx );
Manuel Pégourié-Gonnard4edb9cb2018-07-02 12:23:23 +0200[diff] [blame]676 // this setting would ensure restart would happen if ECC was used
677 mbedtls_ecp_set_max_ops( 1 );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]678#endif
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]679
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]680 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]681
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]682 memset( hash_result, 0x00, MBEDTLS_MD_MAX_SIZE );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]683
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]684 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]686
Paul Bakker42099c32014-01-27 11:45:49 +0100[diff] [blame]687 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]688 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
689 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]690
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]691
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]692 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]693 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]694
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695 TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]696 result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]697
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]698 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, hash_result, 0,
Manuel Pégourié-Gonnard125af942018-09-11 11:08:12 +0200[diff] [blame]699 result_str->x, mbedtls_pk_get_len( &pk ), rs_ctx ) == result );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]700
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]701exit:
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]702#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]703 mbedtls_pk_restart_free( rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]704#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]705 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]706}
707/* END_CASE */
708
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]710void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]711 int mod, int radix_N, char * input_N,
712 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]713 data_t * result_str, int pk_type,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]714 int mgf1_hash_id, int salt_len, int result )
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]715{
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]716 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]717 mbedtls_rsa_context *rsa;
718 mbedtls_pk_context pk;
719 mbedtls_pk_rsassa_pss_options pss_opts;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]720 void *options;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]721 size_t hash_len;
722
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]723 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]724
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]725 memset( hash_result, 0x00, sizeof( hash_result ) );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]726
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]727 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]728 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]729
730 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]731 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
732 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]733
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]734
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]735 if( digest != MBEDTLS_MD_NONE )
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]736 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]737 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]738 message_str->x, message_str->len, hash_result ) == 0 );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]739 hash_len = 0;
740 }
741 else
742 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]743 memcpy( hash_result, message_str->x, message_str->len );
744 hash_len = message_str->len;
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]745 }
746
747 if( mgf1_hash_id < 0 )
748 {
749 options = NULL;
750 }
751 else
752 {
753 options = &pss_opts;
754
755 pss_opts.mgf1_hash_id = mgf1_hash_id;
756 pss_opts.expected_salt_len = salt_len;
757 }
758
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]759 TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk,
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]760 digest, hash_result, hash_len,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]761 result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]762
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]763exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]764 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]765}
766/* END_CASE */
767
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]768/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]769void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,
770 data_t * sig, int ret )
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]771{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]772 mbedtls_pk_context pk;
773 mbedtls_ecp_keypair *eckey;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]774
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]775 mbedtls_pk_init( &pk );
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]776 PSA_INIT( );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]777
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]778 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]779
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]780 TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) );
781 eckey = mbedtls_pk_ec( pk );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]782
Manuel Pégourié-Gonnarde3a062b2015-05-11 18:46:47 +0200[diff] [blame]783 TEST_ASSERT( mbedtls_ecp_group_load( &eckey->grp, id ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]784 TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]785 key->x, key->len ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]786
Andrzej Kurekc05ec9f2018-11-08 05:04:53 -0500[diff] [blame]787 // MBEDTLS_MD_SHA1 is a dummy - it is ignored, but has to be other than MBEDTLS_MD_NONE.
788 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA1,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]789 hash->x, hash->len, sig->x, sig->len ) == ret );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]790
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]791exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]792 mbedtls_pk_free( &pk );
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]793 PSA_DONE( );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]794}
795/* END_CASE */
796
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]797/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
798void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
799 char *QX_str, char *QY_str,
800 int md_alg, char *msg, char *sig_str,
801 int max_ops, int min_restart, int max_restart )
802{
803 int ret, cnt_restart;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]804 mbedtls_pk_restart_ctx rs_ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]805 mbedtls_pk_context prv, pub;
806 unsigned char hash[MBEDTLS_MD_MAX_SIZE];
807 unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
808 unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
809 size_t hlen, slen, slen_check;
810 const mbedtls_md_info_t *md_info;
811
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]812 mbedtls_pk_restart_init( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]813 mbedtls_pk_init( &prv );
814 mbedtls_pk_init( &pub );
815 memset( hash, 0, sizeof( hash ) );
816 memset( sig, 0, sizeof( sig ) );
817 memset( sig_check, 0, sizeof( sig_check ) );
818
819 TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
820 TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
821 TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
822
823 TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
824 TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
825 TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 );
826
827 slen_check = unhexify( sig_check, sig_str );
828
829 md_info = mbedtls_md_info_from_type( md_alg );
830 TEST_ASSERT( md_info != NULL );
831
832 hlen = mbedtls_md_get_size( md_info );
833 mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
834
835 mbedtls_ecp_set_max_ops( max_ops );
836
837 slen = sizeof( sig );
838 cnt_restart = 0;
839 do {
840 ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
841 sig, &slen, NULL, NULL, &rs_ctx );
842 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
843
844 TEST_ASSERT( ret == 0 );
845 TEST_ASSERT( slen == slen_check );
846 TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
847
848 TEST_ASSERT( cnt_restart >= min_restart );
849 TEST_ASSERT( cnt_restart <= max_restart );
850
851 cnt_restart = 0;
852 do {
853 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
854 hash, hlen, sig, slen, &rs_ctx );
855 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
856
857 TEST_ASSERT( ret == 0 );
858 TEST_ASSERT( cnt_restart >= min_restart );
859 TEST_ASSERT( cnt_restart <= max_restart );
860
861 hash[0]++;
862 do {
863 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
864 hash, hlen, sig, slen, &rs_ctx );
865 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
866 TEST_ASSERT( ret != 0 );
867 hash[0]--;
868
869 sig[0]++;
870 do {
871 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
872 hash, hlen, sig, slen, &rs_ctx );
873 } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
874 TEST_ASSERT( ret != 0 );
875 sig[0]--;
876
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]877 /* Do we leak memory when aborting? try verify then sign
878 * This test only makes sense when we actually restart */
879 if( min_restart > 0 )
880 {
881 ret = mbedtls_pk_verify_restartable( &pub, md_alg,
882 hash, hlen, sig, slen, &rs_ctx );
883 TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
884 mbedtls_pk_restart_free( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]885
Manuel Pégourié-Gonnard46ba7f32017-08-28 12:20:39 +0200[diff] [blame]886 slen = sizeof( sig );
887 ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
888 sig, &slen, NULL, NULL, &rs_ctx );
889 TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
890 }
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]891
892exit:
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]893 mbedtls_pk_restart_free( &rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]894 mbedtls_pk_free( &prv );
895 mbedtls_pk_free( &pub );
896}
897/* END_CASE */
898
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]899/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]900void pk_sign_verify( int type, int sign_ret, int verify_ret )
901{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]902 mbedtls_pk_context pk;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]903 size_t sig_len;
Gilles Peskineeba088a2019-11-05 16:32:32 +0100[diff] [blame^]904 unsigned char hash[MBEDTLS_MD_MAX_SIZE];
905 unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]906 void *rs_ctx = NULL;
907#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]908 mbedtls_pk_restart_ctx ctx;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]909
910 rs_ctx = &ctx;
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]911 mbedtls_pk_restart_init( rs_ctx );
Manuel Pégourié-Gonnard4edb9cb2018-07-02 12:23:23 +0200[diff] [blame]912 /* This value is large enough that the operation will complete in one run.
913 * See comments at the top of ecp_test_vect_restart in
914 * test_suite_ecp.function for estimates of operation counts. */
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]915 mbedtls_ecp_set_max_ops( 42000 );
916#endif
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]917
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]918 mbedtls_pk_init( &pk );
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]919 PSA_INIT( );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]920
921 memset( hash, 0x2a, sizeof hash );
922 memset( sig, 0, sizeof sig );
923
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]924 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]925 TEST_ASSERT( pk_genkey( &pk ) == 0 );
926
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]927 TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256,
928 hash, sizeof hash, sig, &sig_len,
929 rnd_std_rand, NULL, rs_ctx ) == sign_ret );
Gilles Peskineeba088a2019-11-05 16:32:32 +0100[diff] [blame^]930 if( sign_ret == 0 )
931 TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE );
932 else
Gilles Peskinef85e4e62019-11-12 11:08:23 +0100[diff] [blame]933 sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]934
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]935 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]936 hash, sizeof hash, sig, sig_len ) == verify_ret );
937
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]938 if( verify_ret == 0 )
939 {
940 hash[0]++;
941 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
942 hash, sizeof hash, sig, sig_len ) != 0 );
943 hash[0]--;
944
945 sig[0]++;
946 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
947 hash, sizeof hash, sig, sig_len ) != 0 );
948 sig[0]--;
949 }
950
951 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
952 sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
Gilles Peskineeba088a2019-11-05 16:32:32 +0100[diff] [blame^]953 if( sign_ret == 0 )
954 TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE );
955 else
Gilles Peskinef85e4e62019-11-12 11:08:23 +0100[diff] [blame]956 sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]957
958 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
959 hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret );
960
961 if( verify_ret == 0 )
962 {
963 hash[0]++;
964 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
965 hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
966 hash[0]--;
967
968 sig[0]++;
969 TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
970 hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
971 sig[0]--;
972 }
973
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]974exit:
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]975#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Manuel Pégourié-Gonnard15d7df22017-08-17 14:33:31 +0200[diff] [blame]976 mbedtls_pk_restart_free( rs_ctx );
Manuel Pégourié-Gonnardc4ee9ac2017-05-08 10:09:36 +0200[diff] [blame]977#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]978 mbedtls_pk_free( &pk );
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]979 PSA_DONE( );
Manuel Pégourié-Gonnardb0a467f2013-09-21 12:31:05 +0200[diff] [blame]980}
981/* END_CASE */
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]982
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]983/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]984void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]985 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]986 data_t * result, int ret )
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]987{
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]988 unsigned char output[300];
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]989 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]990 mbedtls_rsa_context *rsa;
991 mbedtls_pk_context pk;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]992 size_t olen;
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]993
994 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]995 memset( output, 0, sizeof( output ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]996
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]997
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]999 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1000 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1001
1002 rsa->len = mod / 8;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
1004 TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1005
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1006 TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1007 output, &olen, sizeof( output ),
1008 rnd_pseudo_rand, &rnd_info ) == ret );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1009 TEST_ASSERT( olen == result->len );
1010 TEST_ASSERT( memcmp( output, result->x, olen ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1011
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1012exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1013 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1014}
1015/* END_CASE */
1016
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1017/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1018void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1019 char * input_P, int radix_Q, char * input_Q,
1020 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1021 char * input_E, data_t * clear, int ret )
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1022{
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]1023 unsigned char output[256];
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1024 rnd_pseudo_info rnd_info;
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1025 mbedtls_mpi N, P, Q, E;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1026 mbedtls_rsa_context *rsa;
1027 mbedtls_pk_context pk;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1028 size_t olen;
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1029
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1030 mbedtls_pk_init( &pk );
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1031 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
1032 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1033
1034 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1035
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1036
1037 /* init pk-rsa context */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1038 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1039 rsa = mbedtls_pk_rsa( pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1040
1041 /* load public key */
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1042 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1043 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1044
1045 /* load private key */
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1046 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1047 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1048 TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 );
1049 TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1050 TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1051
1052 /* decryption test */
1053 memset( output, 0, sizeof( output ) );
1054 olen = 0;
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1055 TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher->x, cipher->len,
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1056 output, &olen, sizeof( output ),
1057 rnd_pseudo_rand, &rnd_info ) == ret );
1058 if( ret == 0 )
1059 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1060 TEST_ASSERT( olen == clear->len );
1061 TEST_ASSERT( memcmp( output, clear->x, olen ) == 0 );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1062 }
1063
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1064exit:
Hanno Beckerd71dc152017-08-23 06:32:42 +0100[diff] [blame]1065 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
1066 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1067 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard67d45832013-10-17 12:34:16 +0200[diff] [blame]1068}
1069/* END_CASE */
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1070
1071/* BEGIN_CASE */
1072void pk_ec_nocrypt( int type )
1073{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1074 mbedtls_pk_context pk;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1075 unsigned char output[100];
1076 unsigned char input[100];
1077 rnd_pseudo_info rnd_info;
1078 size_t olen = 0;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1079 int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1080
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1081 mbedtls_pk_init( &pk );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1082
1083 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
1084 memset( output, 0, sizeof( output ) );
1085 memset( input, 0, sizeof( input ) );
1086
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1087 TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1088
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1089 TEST_ASSERT( mbedtls_pk_encrypt( &pk, input, sizeof( input ),
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1090 output, &olen, sizeof( output ),
1091 rnd_pseudo_rand, &rnd_info ) == ret );
1092
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1093 TEST_ASSERT( mbedtls_pk_decrypt( &pk, input, sizeof( input ),
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1094 output, &olen, sizeof( output ),
1095 rnd_pseudo_rand, &rnd_info ) == ret );
1096
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1097exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1098 mbedtls_pk_free( &pk );
Manuel Pégourié-Gonnard75c78822013-10-17 12:46:39 +0200[diff] [blame]1099}
1100/* END_CASE */
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1101
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1102/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1103void pk_rsa_overflow( )
1104{
1105 mbedtls_pk_context pk;
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1106 size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX;
1107 unsigned char hash[50], sig[100];
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1108
1109 if( SIZE_MAX <= UINT_MAX )
1110 return;
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1111
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1112 memset( hash, 0x2a, sizeof hash );
1113 memset( sig, 0, sizeof sig );
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1114
1115 mbedtls_pk_init( &pk );
1116
1117 TEST_ASSERT( mbedtls_pk_setup( &pk,
1118 mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
1119
1120#if defined(MBEDTLS_PKCS1_V21)
1121 TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1122 MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len ) ==
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1123 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
1124#endif /* MBEDTLS_PKCS1_V21 */
1125
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1126 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, hash, hash_len,
1127 sig, sig_len ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1128
itayzafrir693a1d92018-02-26 12:02:10 +0200[diff] [blame]1129 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig, &sig_len,
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1130 rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
1131
1132exit:
1133 mbedtls_pk_free( &pk );
1134}
1135/* END_CASE */
1136
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1137/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1138void pk_rsa_alt( )
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1139{
1140 /*
1141 * An rsa_alt context can only do private operations (decrypt, sign).
1142 * Test it against the public operations (encrypt, verify) of a
1143 * corresponding rsa context.
1144 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1145 mbedtls_rsa_context raw;
1146 mbedtls_pk_context rsa, alt;
1147 mbedtls_pk_debug_item dbg_items[10];
Ron Eldor58e3f692018-11-21 13:44:31 +0200[diff] [blame]1148 unsigned char hash[50], sig[64];
1149 unsigned char msg[50], ciph[64], test[50];
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1150 size_t sig_len, ciph_len, test_len;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1151 int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1152
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1153 mbedtls_rsa_init( &raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
1154 mbedtls_pk_init( &rsa ); mbedtls_pk_init( &alt );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1155
1156 memset( hash, 0x2a, sizeof hash );
1157 memset( sig, 0, sizeof sig );
1158 memset( msg, 0x2a, sizeof msg );
1159 memset( ciph, 0, sizeof ciph );
1160 memset( test, 0, sizeof test );
1161
1162 /* Initiliaze PK RSA context with random key */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1163 TEST_ASSERT( mbedtls_pk_setup( &rsa,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1164 mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1165 TEST_ASSERT( pk_genkey( &rsa ) == 0 );
1166
1167 /* Extract key to the raw rsa context */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1168 TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1169
1170 /* Initialize PK RSA_ALT context */
Manuel Pégourié-Gonnardd9e6a3a2015-05-14 19:41:36 +0200[diff] [blame]1171 TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, (void *) &raw,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1172 mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1173
1174 /* Test administrative functions */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1175 TEST_ASSERT( mbedtls_pk_can_do( &alt, MBEDTLS_PK_RSA ) );
Manuel Pégourié-Gonnard097c7bb2015-06-18 16:43:38 +0200[diff] [blame]1176 TEST_ASSERT( mbedtls_pk_get_bitlen( &alt ) == RSA_KEY_SIZE );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1177 TEST_ASSERT( mbedtls_pk_get_len( &alt ) == RSA_KEY_LEN );
1178 TEST_ASSERT( mbedtls_pk_get_type( &alt ) == MBEDTLS_PK_RSA_ALT );
1179 TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1180
1181 /* Test signature */
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1182#if SIZE_MAX > UINT_MAX
1183 TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX,
1184 sig, &sig_len, rnd_std_rand, NULL ) ==
Andres AG5c79d252017-02-15 10:52:32 +0000[diff] [blame]1185 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
Andres Amaya Garcia7ea67272017-05-08 11:15:49 +0100[diff] [blame]1186#endif /* SIZE_MAX > UINT_MAX */
1187 TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash,
1188 sig, &sig_len, rnd_std_rand, NULL ) == 0 );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1189 TEST_ASSERT( sig_len == RSA_KEY_LEN );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1190 TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1191 hash, sizeof hash, sig, sig_len ) == 0 );
1192
1193 /* Test decrypt */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1194 TEST_ASSERT( mbedtls_pk_encrypt( &rsa, msg, sizeof msg,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1195 ciph, &ciph_len, sizeof ciph,
1196 rnd_std_rand, NULL ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1197 TEST_ASSERT( mbedtls_pk_decrypt( &alt, ciph, ciph_len,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1198 test, &test_len, sizeof test,
1199 rnd_std_rand, NULL ) == 0 );
1200 TEST_ASSERT( test_len == sizeof msg );
1201 TEST_ASSERT( memcmp( test, msg, test_len ) == 0 );
1202
1203 /* Test forbidden operations */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1204 TEST_ASSERT( mbedtls_pk_encrypt( &alt, msg, sizeof msg,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1205 ciph, &ciph_len, sizeof ciph,
1206 rnd_std_rand, NULL ) == ret );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1207 TEST_ASSERT( mbedtls_pk_verify( &alt, MBEDTLS_MD_NONE,
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1208 hash, sizeof hash, sig, sig_len ) == ret );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1209 TEST_ASSERT( mbedtls_pk_debug( &alt, dbg_items ) == ret );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1210
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1211exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1212 mbedtls_rsa_free( &raw );
1213 mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt );
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]1214}
1215/* END_CASE */
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1216
1217/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
1218void pk_psa_sign( )
1219{
1220 mbedtls_pk_context pk;
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1221 unsigned char hash[50], sig[100], pkey_legacy[100], pkey_psa[100];
1222 unsigned char *pkey_legacy_start, *pkey_psa_start;
1223 size_t sig_len, klen_legacy, klen_psa;
1224 int ret;
1225 psa_key_handle_t handle;
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1226
1227 /*
1228 * This tests making signatures with a wrapped PSA key:
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1229 * - generate a fresh ECP legacy PK context
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1230 * - wrap it in a PK context and make a signature this way
1231 * - extract the public key
1232 * - parse it to a PK context and verify the signature this way
1233 */
1234
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]1235 PSA_ASSERT( psa_crypto_init( ) );
1236
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1237 /* Create legacy EC public/private key in PK context. */
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1238 mbedtls_pk_init( &pk );
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1239 TEST_ASSERT( mbedtls_pk_setup( &pk,
1240 mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
1241 TEST_ASSERT( mbedtls_ecp_gen_key( MBEDTLS_ECP_DP_SECP256R1,
1242 (mbedtls_ecp_keypair*) pk.pk_ctx,
1243 rnd_std_rand, NULL ) == 0 );
1244
1245 /* Export underlying public key for re-importing in a legacy context. */
1246 ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy,
1247 sizeof( pkey_legacy ) );
1248 TEST_ASSERT( ret >= 0 );
1249 klen_legacy = (size_t) ret;
1250 /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
1251 pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy;
1252
1253 /* Turn PK context into an opaque one. */
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1254 TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &handle,
1255 PSA_ALG_SHA_256 ) == 0 );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1256
1257 memset( hash, 0x2a, sizeof hash );
1258 memset( sig, 0, sizeof sig );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1259
1260 TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256,
1261 hash, sizeof hash, sig, &sig_len,
1262 NULL, NULL ) == 0 );
1263
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1264 /* Export underlying public key for re-importing in a psa context. */
1265 ret = mbedtls_pk_write_pubkey_der( &pk, pkey_psa,
1266 sizeof( pkey_psa ) );
1267 TEST_ASSERT( ret >= 0 );
1268 klen_psa = (size_t) ret;
1269 /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
1270 pkey_psa_start = pkey_psa + sizeof( pkey_psa ) - klen_psa;
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1271
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1272 TEST_ASSERT( klen_psa == klen_legacy );
1273 TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 );
1274
1275 mbedtls_pk_free( &pk );
1276 TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( handle ) );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1277
1278 mbedtls_pk_init( &pk );
Hanno Becker56104ea2019-02-01 11:48:19 +0000[diff] [blame]1279 TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start,
1280 klen_legacy ) == 0 );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1281 TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
1282 hash, sizeof hash, sig, sig_len ) == 0 );
1283
1284exit:
1285 mbedtls_pk_free( &pk );
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]1286 PSA_DONE( );
Manuel Pégourié-Gonnard36867712018-10-31 16:22:49 +0100[diff] [blame]1287}
1288/* END_CASE */