Rm useless use of MD in PK test functions
Same rationale as previous "Rm useless use of MD" commits.
Here the first two test functions were already not depending on MD_C,
but the new version is much simpler, as it avoids having two versions of
the code depending on the value of USE_PSA.
Changes to the data file generated with the following Python script:
import hashlib
suite = 'pk'
functions = {
'pk_rsa_verify_test_vec': (2, 1, True),
'pk_rsa_verify_ext_test_vec': (2, 1, True),
'pk_sign_verify_restart': (6, 7, False),
}
def hash_ctx(s):
if s == 'MBEDTLS_MD_MD5':
return hashlib.md5()
if s == 'MBEDTLS_MD_SHA1':
return hashlib.sha1()
if s == 'MBEDTLS_MD_SHA224':
return hashlib.sha224()
if s == 'MBEDTLS_MD_SHA256':
return hashlib.sha256()
if s == 'MBEDTLS_MD_SHA384':
return hashlib.sha384()
if s == 'MBEDTLS_MD_SHA512':
return hashlib.sha512()
if s == 'MBEDTLS_MD_RIPEMD160':
return hashlib.new("ripemd160")
def fix(l):
parts = l.rstrip().split(":")
fun = parts[0]
if fun not in functions:
return l
(alg_idx, msg_idx, is_hex) = functions[fun]
alg_str = parts[alg_idx]
if alg_str == "MBEDTLS_MD_NONE" or alg_str == "255":
return l
h = hash_ctx(alg_str)
msg_str = parts[msg_idx][1:-1]
msg = bytes.fromhex(msg_str) if is_hex else bytes(msg_str, 'ascii')
h.update(msg)
msg_hash = h.hexdigest()
msg_hash_str = '"' + msg_hash + '"'
parts[msg_idx] = msg_hash_str
return ":".join(parts) + '\n'
filename = 'tests/suites/test_suite_' + suite + '.data'
with open(filename) as f:
lines = f.readlines()
lines = [fix(l) for l in lines]
with open(filename, 'w') as f:
f.writelines(lines)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 1b26586..1899b26 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -482,7 +482,6 @@
char * input_E, data_t * result_str,
int result )
{
- unsigned char hash_result[MBEDTLS_USE_PSA_MD_MAX_SIZE];
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
mbedtls_pk_restart_ctx *rs_ctx = NULL;
@@ -499,7 +498,6 @@
mbedtls_pk_init( &pk );
- memset( hash_result, 0x00, sizeof( hash_result ) );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
rsa = mbedtls_pk_rsa( pk );
@@ -508,26 +506,10 @@
TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
-
- if( digest != MBEDTLS_MD_NONE )
- {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- size_t hash_len;
- psa_algorithm_t hash_alg = mbedtls_psa_translate_md( digest );
- TEST_EQUAL( PSA_SUCCESS, psa_hash_compute( hash_alg,
- message_str->x, message_str->len,
- hash_result, sizeof( hash_result ), &hash_len ) );
-
-#else
- TEST_EQUAL( 0, mbedtls_md( mbedtls_md_info_from_type( digest ),
- message_str->x, message_str->len, hash_result ) );
-#endif
- }
-
- TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
+ TEST_ASSERT( mbedtls_pk_verify( &pk, digest, message_str->x, 0,
result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
- TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, hash_result, 0,
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, message_str->x, 0,
result_str->x, mbedtls_pk_get_len( &pk ), rs_ctx ) == result );
exit:
@@ -547,19 +529,15 @@
int mgf1_hash_id, int salt_len, int sig_len,
int result )
{
- unsigned char hash_result[MBEDTLS_USE_PSA_MD_MAX_SIZE];
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
mbedtls_pk_rsassa_pss_options pss_opts;
void *options;
- size_t hash_len;
int ret;
USE_PSA_INIT( );
mbedtls_pk_init( &pk );
- memset( hash_result, 0x00, sizeof( hash_result ) );
-
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
rsa = mbedtls_pk_rsa( pk );
@@ -568,26 +546,6 @@
TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
- if( digest != MBEDTLS_MD_NONE )
- {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_algorithm_t hash_alg = mbedtls_psa_translate_md( digest );
- TEST_EQUAL( PSA_SUCCESS, psa_hash_compute( hash_alg,
- message_str->x, message_str->len,
- hash_result, sizeof( hash_result ), &hash_len ) );
-#else
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest );
- TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len,
- hash_result ) == 0 );
- hash_len = mbedtls_md_get_size( md_info );
-#endif
- }
- else
- {
- memcpy( hash_result, message_str->x, message_str->len );
- hash_len = message_str->len;
- }
-
if( mgf1_hash_id < 0 )
{
options = NULL;
@@ -601,7 +559,7 @@
}
ret = mbedtls_pk_verify_ext( pk_type, options, &pk,
- digest, hash_result, hash_len,
+ digest, message_str->x, message_str->len,
result_str->x, sig_len );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -662,23 +620,20 @@
/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
char *QX_str, char *QY_str,
- int md_alg, char *msg, data_t *sig_check,
+ int md_alg, data_t *hash, data_t *sig_check,
int max_ops, int min_restart, int max_restart )
{
int ret, cnt_restart;
mbedtls_pk_restart_ctx rs_ctx;
mbedtls_pk_context prv, pub;
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
- size_t hlen, slen;
- const mbedtls_md_info_t *md_info;
+ size_t slen;
USE_PSA_INIT();
mbedtls_pk_restart_init( &rs_ctx );
mbedtls_pk_init( &prv );
mbedtls_pk_init( &pub );
- memset( hash, 0, sizeof( hash ) );
memset( sig, 0, sizeof( sig ) );
TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
@@ -689,20 +644,12 @@
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 );
- md_info = mbedtls_md_info_from_type( md_alg );
- TEST_ASSERT( md_info != NULL );
-
- hlen = mbedtls_md_get_size( md_info );
- TEST_ASSERT( mbedtls_md( md_info,
- (const unsigned char *) msg, strlen( msg ),
- hash ) == 0 );
-
mbedtls_ecp_set_max_ops( max_ops );
slen = sizeof( sig );
cnt_restart = 0;
do {
- ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
+ ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash->x, hash->len,
sig, sizeof( sig ), &slen,
mbedtls_test_rnd_std_rand, NULL,
&rs_ctx );
@@ -718,25 +665,17 @@
cnt_restart = 0;
do {
ret = mbedtls_pk_verify_restartable( &pub, md_alg,
- hash, hlen, sig, slen, &rs_ctx );
+ hash->x, hash->len, sig, slen, &rs_ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
TEST_ASSERT( cnt_restart >= min_restart );
TEST_ASSERT( cnt_restart <= max_restart );
- hash[0]++;
- do {
- ret = mbedtls_pk_verify_restartable( &pub, md_alg,
- hash, hlen, sig, slen, &rs_ctx );
- } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
- TEST_ASSERT( ret != 0 );
- hash[0]--;
-
sig[0]++;
do {
ret = mbedtls_pk_verify_restartable( &pub, md_alg,
- hash, hlen, sig, slen, &rs_ctx );
+ hash->x, hash->len, sig, slen, &rs_ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
TEST_ASSERT( ret != 0 );
sig[0]--;
@@ -746,12 +685,12 @@
if( min_restart > 0 )
{
ret = mbedtls_pk_verify_restartable( &pub, md_alg,
- hash, hlen, sig, slen, &rs_ctx );
+ hash->x, hash->len, sig, slen, &rs_ctx );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
mbedtls_pk_restart_free( &rs_ctx );
slen = sizeof( sig );
- ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen,
+ ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash->x, hash->len,
sig, sizeof sig, &slen,
mbedtls_test_rnd_std_rand, NULL,
&rs_ctx );