Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 1 | /* BEGIN_HEADER */ |
| 2 | #include "mbedtls/pkcs12.h" |
| 3 | #include "mbedtls/error.h" |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 4 | #include "common.h" |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 5 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 6 | typedef enum { |
| 7 | USE_NULL_INPUT = 0, |
| 8 | USE_GIVEN_INPUT = 1, |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 9 | } input_usage_method_t; |
| 10 | |
| 11 | /* END_HEADER */ |
| 12 | |
| 13 | /* BEGIN_DEPENDENCIES |
Paul Elliott | 8ca8f2d | 2021-11-30 16:21:27 +0000 | [diff] [blame] | 14 | * depends_on:MBEDTLS_PKCS12_C |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 15 | * END_DEPENDENCIES |
| 16 | */ |
| 17 | |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 18 | /* BEGIN_CASE */ |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 19 | void pkcs12_derive_key(int md_type, int key_size_arg, |
| 20 | data_t *password_arg, int password_usage, |
| 21 | data_t *salt_arg, int salt_usage, |
| 22 | int iterations, |
| 23 | data_t *expected_output, int expected_status) |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 24 | |
| 25 | { |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 26 | unsigned char *output_data = NULL; |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 27 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 28 | unsigned char *password = NULL; |
| 29 | size_t password_len = 0; |
| 30 | unsigned char *salt = NULL; |
| 31 | size_t salt_len = 0; |
| 32 | size_t key_size = key_size_arg; |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 33 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 34 | if (password_usage == USE_GIVEN_INPUT) { |
| 35 | password = password_arg->x; |
| 36 | } |
Paul Elliott | 270a264 | 2021-11-30 16:39:51 +0000 | [diff] [blame] | 37 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 38 | password_len = password_arg->len; |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 39 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 40 | if (salt_usage == USE_GIVEN_INPUT) { |
| 41 | salt = salt_arg->x; |
| 42 | } |
Paul Elliott | 270a264 | 2021-11-30 16:39:51 +0000 | [diff] [blame] | 43 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 44 | salt_len = salt_arg->len; |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 45 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 46 | ASSERT_ALLOC(output_data, key_size); |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 47 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 48 | int ret = mbedtls_pkcs12_derivation(output_data, |
Gilles Peskine | d84ed27 | 2022-09-15 21:05:04 +0200 | [diff] [blame] | 49 | key_size, |
| 50 | password, |
| 51 | password_len, |
| 52 | salt, |
| 53 | salt_len, |
| 54 | md_type, |
| 55 | MBEDTLS_PKCS12_DERIVE_KEY, |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 56 | iterations); |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 57 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 58 | TEST_EQUAL(ret, expected_status); |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 59 | |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 60 | if (expected_status == 0) { |
| 61 | ASSERT_COMPARE(expected_output->x, expected_output->len, |
| 62 | output_data, key_size); |
| 63 | } |
Paul Elliott | 5752b4b | 2021-12-03 18:55:31 +0000 | [diff] [blame] | 64 | |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 65 | exit: |
Gilles Peskine | 1b6c09a | 2023-01-11 14:52:35 +0100 | [diff] [blame] | 66 | mbedtls_free(output_data); |
Paul Elliott | 13d5a34 | 2021-11-18 22:35:48 +0000 | [diff] [blame] | 67 | |
| 68 | } |
| 69 | /* END_CASE */ |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 70 | |
| 71 | /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 72 | void pkcs12_pbe_encrypt(int cipher, int md, data_t *params_hex, data_t *pw, |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 73 | data_t *data, int ref_ret, data_t *ref_out) |
| 74 | { |
| 75 | int my_ret; |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 76 | mbedtls_asn1_buf pbe_params; |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 77 | unsigned char *my_out = NULL; |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 78 | mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher; |
| 79 | mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md; |
| 80 | unsigned int block_size; |
| 81 | const mbedtls_cipher_info_t *cipher_info; |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 82 | |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 83 | cipher_info = mbedtls_cipher_info_from_type(cipher_alg); |
| 84 | block_size = cipher_info->block_size; |
| 85 | ASSERT_ALLOC(my_out, ((data->len/block_size) + 1) * block_size); |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 86 | |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 87 | pbe_params.tag = params_hex->x[0]; |
| 88 | pbe_params.len = params_hex->x[1]; |
| 89 | pbe_params.p = params_hex->x + 2; |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 90 | |
| 91 | my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg, |
| 92 | md_alg, pw->x, pw->len, data->x, data->len, my_out); |
| 93 | TEST_EQUAL(my_ret, ref_ret); |
| 94 | if (ref_ret == 0) { |
| 95 | ASSERT_COMPARE(my_out, ref_out->len, |
| 96 | ref_out->x, ref_out->len); |
| 97 | } |
| 98 | |
| 99 | exit: |
| 100 | mbedtls_free(my_out); |
| 101 | } |
| 102 | /* END_CASE */ |
| 103 | |
| 104 | /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 105 | void pkcs12_pbe_decrypt(int cipher, int md, data_t *params_hex, data_t *pw, |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 106 | data_t *data, int ref_ret, data_t *ref_out) |
| 107 | { |
| 108 | int my_ret; |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 109 | mbedtls_asn1_buf pbe_params; |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 110 | unsigned char *my_out = NULL; |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 111 | mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher; |
| 112 | mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md; |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 113 | |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 114 | ASSERT_ALLOC(my_out, data->len); |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 115 | |
Waleed Elmelegy | 6d5a5c1 | 2023-09-05 15:51:48 +0100 | [diff] [blame] | 116 | pbe_params.tag = params_hex->x[0]; |
| 117 | pbe_params.len = params_hex->x[1]; |
| 118 | pbe_params.p = params_hex->x + 2; |
Waleed Elmelegy | 38a89ad | 2023-09-04 15:11:22 +0100 | [diff] [blame] | 119 | |
| 120 | my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, |
| 121 | md_alg, pw->x, pw->len, data->x, data->len, my_out); |
| 122 | TEST_EQUAL(my_ret, ref_ret); |
| 123 | if (ref_ret == 0) { |
| 124 | ASSERT_COMPARE(my_out, ref_out->len, |
| 125 | ref_out->x, ref_out->len); |
| 126 | } |
| 127 | |
| 128 | exit: |
| 129 | mbedtls_free(my_out); |
| 130 | } |
| 131 | /* END_CASE */ |