TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / fd13a0f85195cc5cf7e0d650713935b88a28ac52 / . / tests / suites / test_suite_random.function
blob: c532c8a3be059852a652b4924e4243cf9e4a38c8 [file] [log] [blame]
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]1/* BEGIN_HEADER */
2
3/* Test random generation as a whole. */
4
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]5#include "mbedtls/bignum.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]6#include "mbedtls/ctr_drbg.h"
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]7#include "mbedtls/ecdsa.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]8#include "mbedtls/entropy.h"
9#include "mbedtls/hmac_drbg.h"
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]10#include "mbedtls/psa_util.h"
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]11#include "psa/crypto.h"
12
13/* How many bytes to generate in each test case for repeated generation.
14 * This must be high enough that the probability of generating the same
15 * output twice is infinitesimal, but low enough that random generators
16 * are willing to deliver that much. */
17#define OUTPUT_SIZE 32
18
19/* END_HEADER */
20
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]21/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]22void random_twice_with_ctr_drbg( )
23{
24 mbedtls_entropy_context entropy;
25 mbedtls_ctr_drbg_context drbg;
26 unsigned char output1[OUTPUT_SIZE];
27 unsigned char output2[OUTPUT_SIZE];
28
29 /* First round */
30 mbedtls_entropy_init( &entropy );
31 mbedtls_ctr_drbg_init( &drbg );
32 TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg,
33 mbedtls_entropy_func, &entropy,
34 NULL, 0 ) );
35 TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg,
36 output1, sizeof( output1 ) ) );
37 mbedtls_ctr_drbg_free( &drbg );
38 mbedtls_entropy_free( &entropy );
39
40 /* Second round */
41 mbedtls_entropy_init( &entropy );
42 mbedtls_ctr_drbg_init( &drbg );
43 TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg,
44 mbedtls_entropy_func, &entropy,
45 NULL, 0 ) );
46 TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg,
47 output2, sizeof( output2 ) ) );
48 mbedtls_ctr_drbg_free( &drbg );
49 mbedtls_entropy_free( &entropy );
50
51 /* The two rounds must generate different random data. */
52 TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
53
54exit:
55 mbedtls_ctr_drbg_free( &drbg );
56 mbedtls_entropy_free( &entropy );
57}
58/* END_CASE */
59
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]60/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]61void random_twice_with_hmac_drbg( int md_type )
62{
63 mbedtls_entropy_context entropy;
64 mbedtls_hmac_drbg_context drbg;
65 unsigned char output1[OUTPUT_SIZE];
66 unsigned char output2[OUTPUT_SIZE];
67 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
68
69 /* First round */
70 mbedtls_entropy_init( &entropy );
71 mbedtls_hmac_drbg_init( &drbg );
72 TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info,
73 mbedtls_entropy_func, &entropy,
74 NULL, 0 ) );
75 TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg,
76 output1, sizeof( output1 ) ) );
77 mbedtls_hmac_drbg_free( &drbg );
78 mbedtls_entropy_free( &entropy );
79
80 /* Second round */
81 mbedtls_entropy_init( &entropy );
82 mbedtls_hmac_drbg_init( &drbg );
83 TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info,
84 mbedtls_entropy_func, &entropy,
85 NULL, 0 ) );
86 TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg,
87 output2, sizeof( output2 ) ) );
88 mbedtls_hmac_drbg_free( &drbg );
89 mbedtls_entropy_free( &entropy );
90
91 /* The two rounds must generate different random data. */
92 TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
93
94exit:
95 mbedtls_hmac_drbg_free( &drbg );
96 mbedtls_entropy_free( &entropy );
97}
98/* END_CASE */
99
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]100/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]101void random_twice_with_psa_from_classic( )
102{
103 unsigned char output1[OUTPUT_SIZE];
104 unsigned char output2[OUTPUT_SIZE];
105
106 /* First round */
107 PSA_ASSERT( psa_crypto_init( ) );
108 TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
109 output1, sizeof( output1 ) ) );
110 PSA_DONE( );
111
112 /* Second round */
113 PSA_ASSERT( psa_crypto_init( ) );
114 TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
115 output2, sizeof( output2 ) ) );
116 PSA_DONE( );
117
118 /* The two rounds must generate different random data. */
119 TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
120
121exit:
122 PSA_DONE( );
123}
124/* END_CASE */
125
Mateusz Starzyk72f60df2021-04-30 13:28:22 +0200[diff] [blame]126/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
Gilles Peskine077599a2021-02-03 18:55:39 +0100[diff] [blame]127void random_twice_with_psa_from_psa( )
128{
129 unsigned char output1[OUTPUT_SIZE];
130 unsigned char output2[OUTPUT_SIZE];
131
132 /* First round */
133 PSA_ASSERT( psa_crypto_init( ) );
134 PSA_ASSERT( psa_generate_random( output1, sizeof( output1 ) ) );
135 PSA_DONE( );
136
137 /* Second round */
138 PSA_ASSERT( psa_crypto_init( ) );
139 PSA_ASSERT( psa_generate_random( output2, sizeof( output2 ) ) );
140 PSA_DONE( );
141
142 /* The two rounds must generate different random data. */
143 TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
144
145exit:
146 PSA_DONE( );
147}
148/* END_CASE */
Gilles Peskinee3ed8022021-02-03 20:04:08 +0100[diff] [blame]149
150/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
151void mbedtls_psa_get_random_no_init( )
152{
153 unsigned char output[1];
154
155 TEST_ASSERT( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
156 output, sizeof( output ) ) != 0 );
157}
158/* END_CASE */
159
160/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
161void mbedtls_psa_get_random_length( int n )
162{
163 unsigned char *output = NULL;
164
165 PSA_ASSERT( psa_crypto_init( ) );
166 ASSERT_ALLOC( output, n );
167
168 TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
169 output, n ) );
170exit:
171 mbedtls_free( output );
172 PSA_DONE( );
173}
174/* END_CASE */
175
176/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */
177void mbedtls_psa_get_random_ecdsa_sign( int curve )
178{
179 mbedtls_ecp_group grp;
180 mbedtls_mpi d, r, s;
181 unsigned char buf[] = "This is not a hash.";
182
183 mbedtls_ecp_group_init( &grp );
184 mbedtls_mpi_init( &d );
185 mbedtls_mpi_init( &r );
186 mbedtls_mpi_init( &s );
187
188 TEST_EQUAL( 0, mbedtls_mpi_lset( &d, 123456789 ) );
189 TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, curve ) );
190 PSA_ASSERT( psa_crypto_init( ) );
191 TEST_EQUAL( 0, mbedtls_ecdsa_sign( &grp, &r, &s, &d,
192 buf, sizeof( buf ),
193 mbedtls_psa_get_random,
194 MBEDTLS_PSA_RANDOM_STATE ) );
195exit:
196 mbedtls_mpi_free( &d );
197 mbedtls_mpi_free( &r );
198 mbedtls_mpi_free( &s );
199 mbedtls_ecp_group_free( &grp );
200 PSA_DONE( );
201}
202/* END_CASE */