Don't depend on strong entropy for RSA tests
Tests are not here to demonstrate best practice, but to test a specific
part of the code. Using an RNG provided by the test framework also makes
the test code more focused on what we actually mean to test.
This brings the number of tests skipped in test_suite_rsa in
test_psa_crypto_config_accel_hash_use_psa down to 0 (from 50).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index cfea4eb..1025bff 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -1,15 +1,8 @@
/* BEGIN_HEADER */
#include "mbedtls/rsa.h"
#include "rsa_alt_helpers.h"
-#include "mbedtls/md5.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
#include "or_psa_helpers.h"
-
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -687,23 +680,15 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
+/* BEGIN_CASE */
void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
{
mbedtls_rsa_context ctx;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- const char *pers = "test_suite_rsa";
-
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
mbedtls_rsa_init ( &ctx );
- TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) == 0 );
-
- TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
+ /* This test uses an insecure RNG, suitable only for testing.
+ * In production, always use a cryptographically strong RNG! */
+ TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_test_rnd_std_rand, NULL, nrbits, exponent ) == result );
if( result == 0 )
{
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
@@ -712,8 +697,6 @@
exit:
mbedtls_rsa_free( &ctx );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
}
/* END_CASE */
@@ -818,7 +801,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
+/* BEGIN_CASE */
void mbedtls_rsa_import( int radix_N, char *input_N,
int radix_P, char *input_P,
int radix_Q, char *input_Q,
@@ -837,27 +820,18 @@
unsigned char *buf_enc = NULL;
unsigned char *buf_dec = NULL;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- const char *pers = "test_suite_rsa";
-
const int have_N = ( strlen( input_N ) > 0 );
const int have_P = ( strlen( input_P ) > 0 );
const int have_Q = ( strlen( input_Q ) > 0 );
const int have_D = ( strlen( input_D ) > 0 );
const int have_E = ( strlen( input_E ) > 0 );
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
mbedtls_rsa_init( &ctx );
mbedtls_mpi_init( &N );
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
- TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers, strlen( pers ) ) == 0 );
-
if( have_N )
TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
@@ -931,7 +905,9 @@
if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
goto exit;
- TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
+ /* This test uses an insecure RNG, suitable only for testing.
+ * In production, always use a cryptographically strong RNG! */
+ TEST_ASSERT( mbedtls_test_rnd_std_rand( NULL,
buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
/* Make sure the number we're generating is smaller than the modulus */
@@ -941,8 +917,10 @@
if( is_priv )
{
- TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
- &ctr_drbg, buf_enc,
+ /* This test uses an insecure RNG, suitable only for testing.
+ * In production, always use a cryptographically strong RNG! */
+ TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_std_rand,
+ NULL, buf_enc,
buf_dec ) == 0 );
TEST_ASSERT( memcmp( buf_orig, buf_dec,
@@ -958,9 +936,6 @@
mbedtls_rsa_free( &ctx );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
-
mbedtls_mpi_free( &N );
mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
@@ -1091,7 +1066,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE */
void mbedtls_rsa_validate_params( int radix_N, char *input_N,
int radix_P, char *input_P,
int radix_Q, char *input_Q,
@@ -1108,20 +1083,10 @@
const int have_D = ( strlen( input_D ) > 0 );
const int have_E = ( strlen( input_E ) > 0 );
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- const char *pers = "test_suite_rsa";
-
mbedtls_mpi_init( &N );
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
- TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) == 0 );
-
if( have_N )
TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
@@ -1137,18 +1102,17 @@
if( have_E )
TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ /* This test uses an insecure RNG, suitable only for testing.
+ * In production, always use a cryptographically strong RNG! */
TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
have_P ? &P : NULL,
have_Q ? &Q : NULL,
have_D ? &D : NULL,
have_E ? &E : NULL,
- prng ? mbedtls_ctr_drbg_random : NULL,
- prng ? &ctr_drbg : NULL ) == result );
+ prng ? mbedtls_test_rnd_std_rand : NULL,
+ prng ? NULL : NULL ) == result );
+
exit:
-
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
-
mbedtls_mpi_free( &N );
mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
@@ -1250,7 +1214,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
+/* BEGIN_CASE */
void mbedtls_rsa_import_raw( data_t *input_N,
data_t *input_P, data_t *input_Q,
data_t *input_D, data_t *input_E,
@@ -1265,19 +1229,9 @@
unsigned char *buf_dec = NULL;
mbedtls_rsa_context ctx;
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- const char *pers = "test_suite_rsa";
-
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
mbedtls_rsa_init( &ctx );
- TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) == 0 );
-
if( !successive )
{
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
@@ -1336,7 +1290,9 @@
if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
goto exit;
- TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
+ /* This test uses an insecure RNG, suitable only for testing.
+ * In production, always use a cryptographically strong RNG! */
+ TEST_ASSERT( mbedtls_test_rnd_std_rand( NULL,
buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
/* Make sure the number we're generating is smaller than the modulus */
@@ -1346,8 +1302,10 @@
if( is_priv )
{
- TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
- &ctr_drbg, buf_enc,
+ /* This test uses an insecure RNG, suitable only for testing.
+ * In production, always use a cryptographically strong RNG! */
+ TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_std_rand,
+ NULL, buf_enc,
buf_dec ) == 0 );
TEST_ASSERT( memcmp( buf_orig, buf_dec,
@@ -1362,10 +1320,6 @@
mbedtls_free( buf_dec );
mbedtls_rsa_free( &ctx );
-
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
-
}
/* END_CASE */