TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 84554e983025e079bb6bdc6fd467db7c81b6c552 / . / tests / suites / test_suite_pkwrite.function
blob: 28684622bd65e949c91fe667565a52b989faa9a4 [file] [log] [blame]
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/pk.h"
3#include "mbedtls/pem.h"
4#include "mbedtls/oid.h"
Valerio Setti17513412023-04-26 14:48:43 +0200[diff] [blame]5#include "psa/crypto_sizes.h"
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]6
Valerio Settic9cb5322023-04-18 11:20:36 +0200[diff] [blame]7typedef enum {
8 TEST_PEM,
9 TEST_DER
10} pkwrite_file_format_t;
11
Valerio Setti547b3a42023-04-24 10:24:37 +0200[diff] [blame]12/* Helper function for removing "\r" chars from a buffer. */
Valerio Setti7bacaf82023-04-24 08:52:16 +0200[diff] [blame]13static void fix_new_lines(unsigned char *in_str, size_t *len)
14{
15 size_t chars_left;
16 unsigned int i;
17
18 for (i = 0; (i < *len) && (*len > 0); i++) {
19 if (in_str[i] == '\r') {
20 if (i < (*len - 1)) {
21 chars_left = *len - i - 1;
Valerio Settibf974b92023-04-24 10:26:24 +0200[diff] [blame]22 memmove(&in_str[i], &in_str[i+1], chars_left);
Valerio Setti7bacaf82023-04-24 08:52:16 +0200[diff] [blame]23 } else {
24 in_str[i] = '\0';
25 }
26 *len = *len - 1;
27 }
28 }
29}
30
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]31static void pk_write_check_common(char *key_file, int is_public_key, int is_der)
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]32{
33 mbedtls_pk_context key;
34 unsigned char *buf = NULL;
35 unsigned char *check_buf = NULL;
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]36 unsigned char *start_buf;
Valerio Setti3401b302023-04-18 10:42:53 +0200[diff] [blame]37 size_t buf_len, check_buf_len;
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]38 int ret;
39
Valerio Setti14bfdbf2023-04-24 13:53:21 +0200[diff] [blame]40 mbedtls_pk_init(&key);
41 USE_PSA_INIT();
42
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]43 /* Note: if mbedtls_pk_load_file() successfully reads the file, then
44 it also allocates check_buf, which should be freed on exit */
Valerio Setti3401b302023-04-18 10:42:53 +0200[diff] [blame]45 TEST_EQUAL(mbedtls_pk_load_file(key_file, &check_buf, &check_buf_len), 0);
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]46 TEST_ASSERT(check_buf_len > 0);
47
Valerio Setti7bacaf82023-04-24 08:52:16 +0200[diff] [blame]48 /* Windows' line ending is different from the Linux's one ("\r\n" vs "\n").
49 * Git treats PEM files as text, so when on Windows, it replaces new lines
50 * with "\r\n" on checkout.
51 * Unfortunately mbedtls_pk_load_file() loads files in binary format,
52 * while mbedtls_pk_write_pubkey_pem() goes through the I/O layer which
53 * uses "\n" for newlines in both Windows and Linux.
54 * Here we remove the extra "\r" so that "buf" and "check_buf" can be
55 * easily compared later. */
56 if (!is_der) {
57 fix_new_lines(check_buf, &check_buf_len);
58 }
59 TEST_ASSERT(check_buf_len > 0);
60
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]61 ASSERT_ALLOC(buf, check_buf_len);
62
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]63 if (is_public_key) {
Valerio Setti3401b302023-04-18 10:42:53 +0200[diff] [blame]64 TEST_EQUAL(mbedtls_pk_parse_public_keyfile(&key, key_file), 0);
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]65 if (is_der) {
66 ret = mbedtls_pk_write_pubkey_der(&key, buf, check_buf_len);
67 } else {
Valerio Setti15cac172023-04-18 11:25:30 +0200[diff] [blame]68#if defined(MBEDTLS_PEM_WRITE_C)
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]69 ret = mbedtls_pk_write_pubkey_pem(&key, buf, check_buf_len);
Valerio Setti15cac172023-04-18 11:25:30 +0200[diff] [blame]70#else
71 ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
72#endif
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]73 }
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]74 } else {
Valerio Setti3401b302023-04-18 10:42:53 +0200[diff] [blame]75 TEST_EQUAL(mbedtls_pk_parse_keyfile(&key, key_file, NULL,
Valerio Setti22808952023-04-18 12:57:52 +0200[diff] [blame]76 mbedtls_test_rnd_std_rand, NULL), 0);
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]77 if (is_der) {
78 ret = mbedtls_pk_write_key_der(&key, buf, check_buf_len);
79 } else {
Valerio Setti15cac172023-04-18 11:25:30 +0200[diff] [blame]80#if defined(MBEDTLS_PEM_WRITE_C)
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]81 ret = mbedtls_pk_write_key_pem(&key, buf, check_buf_len);
Valerio Setti15cac172023-04-18 11:25:30 +0200[diff] [blame]82#else
83 ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
84#endif
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]85 }
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]86 }
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]87
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]88 if (is_der) {
Valerio Setti3401b302023-04-18 10:42:53 +0200[diff] [blame]89 TEST_LE_U(1, ret);
90 buf_len = ret;
91 start_buf = buf + check_buf_len - buf_len;
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]92 } else {
Valerio Setti3401b302023-04-18 10:42:53 +0200[diff] [blame]93 TEST_EQUAL(ret, 0);
Valerio Setti22808952023-04-18 12:57:52 +0200[diff] [blame]94 buf_len = strlen((char *) buf) + 1; /* +1 takes the string terminator into account */
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]95 start_buf = buf;
96 }
97
Valerio Setti3401b302023-04-18 10:42:53 +0200[diff] [blame]98 ASSERT_COMPARE(start_buf, buf_len, check_buf, check_buf_len);
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]99
100exit:
101 mbedtls_free(buf);
102 mbedtls_free(check_buf);
103 mbedtls_pk_free(&key);
Valerio Setti14bfdbf2023-04-24 13:53:21 +0200[diff] [blame]104 USE_PSA_DONE();
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]105}
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]106/* END_HEADER */
107
108/* BEGIN_DEPENDENCIES
Hanno Becker19d858e2018-10-16 13:46:25 +0100[diff] [blame]109 * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]110 * END_DEPENDENCIES
111 */
112
Valerio Setti15cac172023-04-18 11:25:30 +0200[diff] [blame]113/* BEGIN_CASE */
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]114void pk_write_pubkey_check(char *key_file, int is_der)
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]115{
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]116 pk_write_check_common(key_file, 1, is_der);
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]117 goto exit; /* make the compiler happy */
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]118}
119/* END_CASE */
120
Valerio Setti15cac172023-04-18 11:25:30 +0200[diff] [blame]121/* BEGIN_CASE */
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]122void pk_write_key_check(char *key_file, int is_der)
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]123{
Valerio Settic60bc5e2023-04-17 18:43:06 +0200[diff] [blame]124 pk_write_check_common(key_file, 0, is_der);
Valerio Setti89590952023-04-17 17:34:09 +0200[diff] [blame]125 goto exit; /* make the compiler happy */
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]126}
127/* END_CASE */
Valerio Setti17513412023-04-26 14:48:43 +0200[diff] [blame]128
129/* BEGIN_CASE */
Valerio Setti84554e92023-04-27 10:06:45 +0200[diff] [blame^]130void pk_write_public_from_private(char *priv_key_file,
Valerio Setti17513412023-04-26 14:48:43 +0200[diff] [blame]131 char *pub_key_file)
132{
133 mbedtls_pk_context priv_key, pub_key;
134 uint8_t derived_key_raw[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
135 uint8_t *derived_key_start;
136 size_t derived_key_len = 0;
137 uint8_t pub_key_raw[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
138 uint8_t *pub_key_start;
139 size_t pub_key_len = 0;
140#if defined(MBEDTLS_USE_PSA_CRYPTO)
141 mbedtls_svc_key_id_t opaque_key_id = MBEDTLS_SVC_KEY_ID_INIT;
142#endif /* MBEDTLS_USE_PSA_CRYPTO */
143
144 mbedtls_pk_init(&priv_key);
145 mbedtls_pk_init(&pub_key);
146 USE_PSA_INIT();
147
148 memset(derived_key_raw, 0, sizeof(derived_key_raw));
149 memset(pub_key_raw, 0, sizeof(pub_key_raw));
150
151 TEST_EQUAL(mbedtls_pk_parse_keyfile(&priv_key, priv_key_file, NULL,
152 mbedtls_test_rnd_std_rand, NULL), 0);
153 TEST_EQUAL(mbedtls_pk_parse_public_keyfile(&pub_key, pub_key_file), 0);
154
155 /* mbedtls_pk_write_pubkey() writes data backward in the provided buffer,
156 * i.e. derived_key_raw, so we place derived_key_start at the end of it
157 * and it will be updated accordingly on return.
158 * The same holds for pub_key_raw and pub_key_start below.*/
159 derived_key_start = derived_key_raw + sizeof(derived_key_raw);
160 TEST_LE_U(1, mbedtls_pk_write_pubkey(&derived_key_start,
161 derived_key_raw, &priv_key));
162 derived_key_len = sizeof(derived_key_raw) -
163 (derived_key_start - derived_key_raw);
164
165
166 pub_key_start = pub_key_raw + sizeof(pub_key_raw);
167 TEST_LE_U(1, mbedtls_pk_write_pubkey(&pub_key_start,
168 pub_key_raw, &pub_key));
169 pub_key_len = sizeof(pub_key_raw) -
170 (pub_key_start - pub_key_raw);
171
172 ASSERT_COMPARE(derived_key_start, derived_key_len,
173 pub_key_start, pub_key_len);
174
175#if defined(MBEDTLS_USE_PSA_CRYPTO)
176 mbedtls_platform_zeroize(derived_key_raw, sizeof(derived_key_raw));
177 derived_key_len = 0;
178
179 TEST_EQUAL(mbedtls_pk_wrap_as_opaque(&priv_key, &opaque_key_id,
180 PSA_ALG_NONE, PSA_KEY_USAGE_EXPORT,
181 PSA_ALG_NONE), 0);
182
183 derived_key_start = derived_key_raw + sizeof(derived_key_raw);
184 TEST_LE_U(1, mbedtls_pk_write_pubkey(&derived_key_start,
185 derived_key_raw, &priv_key));
186 derived_key_len = sizeof(derived_key_raw) -
187 (derived_key_start - derived_key_raw);
188
189 ASSERT_COMPARE(derived_key_start, derived_key_len,
190 pub_key_start, pub_key_len);
191#endif /* MBEDTLS_USE_PSA_CRYPTO */
192
193exit:
194#if defined(MBEDTLS_USE_PSA_CRYPTO)
195 psa_destroy_key(opaque_key_id);
196#endif /* MBEDTLS_USE_PSA_CRYPTO */
197 mbedtls_pk_free(&pub_key);
198 mbedtls_pk_free(&priv_key);
199 USE_PSA_DONE();
200}
201/* END_CASE */