Blame - tests/suites/test_suite_lmots.function - mirror/mbed-tls

blob: d7067dfe00d2ee23633ce3375801420b384d2889 [file] [log] [blame]

Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	1	/* BEGIN_HEADER */
Raef Coles	7dce69a	2022-08-24 14:07:06 +0100	[diff] [blame]	2	#include "lmots.h"
				3	#include "mbedtls/lms.h"
				4
Raef Coles	9c9027b	2022-09-02 18:26:31 +0100	[diff] [blame^]	5	#if defined(MBEDTLS_TEST_HOOKS)
				6	extern int( mbedtls_lmots_sign_private_key_invalidated_hook )( unsigned char );
				7
				8	int check_lmots_private_key_for_leak(unsigned char * sig)
				9	{
				10	size_t idx;
				11
				12	for( idx = MBEDTLS_LMOTS_SIG_SIGNATURE_OFFSET(MBEDTLS_LMOTS_SHA256_N32_W8);
				13	idx < MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8);
				14	idx++ )
				15	{
				16	if( sig[idx] != 0x7E ) {
				17	while(1){}
				18	return 1;
				19	}
				20	}
				21
				22	return 0;
				23	}
				24	#endif /* defined(MBEDTLS_TEST_HOOKS) */
				25
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	26	/* END_HEADER */
				27
				28	/* BEGIN_DEPENDENCIES
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	29	* depends_on:MBEDTLS_LMS_C:MBEDTLS_LMS_PRIVATE:MBEDTLS_PSA_CRYPTO_C
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	30	* END_DEPENDENCIES
				31	*/
				32
				33	/* BEGIN_CASE */
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	34	void lmots_sign_verify_test ( data_t msg, data_t key_id, int leaf_id,
				35	data_t *seed )
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	36	{
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	37	mbedtls_lmots_public_t pub_ctx;
				38	mbedtls_lmots_private_t priv_ctx;
Raef Coles	e9479a0	2022-09-01 16:06:35 +0100	[diff] [blame]	39	unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	40
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	41	mbedtls_lmots_init_public( &pub_ctx );
				42	mbedtls_lmots_init_private( &priv_ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	43
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	44	TEST_ASSERT( mbedtls_lmots_generate_private_key(&priv_ctx, MBEDTLS_LMOTS_SHA256_N32_W8,
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	45	key_id->x, leaf_id, seed->x, seed->len ) == 0 );
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	46	TEST_ASSERT( mbedtls_lmots_calculate_public_key(&pub_ctx, &priv_ctx) == 0 );
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	47	TEST_ASSERT( mbedtls_lmots_sign(&priv_ctx, &mbedtls_test_rnd_std_rand, NULL,
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	48	msg->x, msg->len, sig, sizeof(sig), NULL ) == 0 );
				49	TEST_ASSERT( mbedtls_lmots_verify(&pub_ctx, msg->x, msg->len, sig, sizeof(sig)) == 0 );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	50
				51	exit:
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	52	mbedtls_lmots_free_public( &pub_ctx );
				53	mbedtls_lmots_free_private( &priv_ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	54	}
				55	/* END_CASE */
				56
				57	/* BEGIN_CASE */
Raef Coles	9c9027b	2022-09-02 18:26:31 +0100	[diff] [blame^]	58	void lmots_sign_verify_null_msg_test ( data_t key_id, int leaf_id, data_t seed )
				59	{
				60	mbedtls_lmots_public_t pub_ctx;
				61	mbedtls_lmots_private_t priv_ctx;
				62	unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
				63
				64	mbedtls_lmots_init_public( &pub_ctx );
				65	mbedtls_lmots_init_private( &priv_ctx );
				66
				67	TEST_ASSERT( mbedtls_lmots_generate_private_key(&priv_ctx, MBEDTLS_LMOTS_SHA256_N32_W8,
				68	key_id->x, leaf_id, seed->x, seed->len ) == 0 );
				69	TEST_ASSERT( mbedtls_lmots_calculate_public_key(&pub_ctx, &priv_ctx) == 0 );
				70	TEST_ASSERT( mbedtls_lmots_sign(&priv_ctx, &mbedtls_test_rnd_std_rand, NULL,
				71	NULL, 0, sig, sizeof(sig), NULL ) == 0 );
				72	TEST_ASSERT( mbedtls_lmots_verify(&pub_ctx, NULL, 0, sig, sizeof(sig)) == 0 );
				73
				74	exit:
				75	mbedtls_lmots_free_public( &pub_ctx );
				76	mbedtls_lmots_free_private( &priv_ctx );
				77	}
				78	/* END_CASE */
				79
				80	/* BEGIN_CASE */
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	81	void lmots_verify_test ( data_t msg, data_t sig, data_t *pub_key,
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	82	int expected_rc )
				83	{
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	84	mbedtls_lmots_public_t ctx;
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	85
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	86	mbedtls_lmots_init_public( &ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	87
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	88	mbedtls_lmots_import_public_key( &ctx, pub_key->x, pub_key->len );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	89
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	90	TEST_ASSERT(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ) == expected_rc );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	91
				92	exit:
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	93	mbedtls_lmots_free_public( &ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	94	}
				95	/* END_CASE */
				96
				97	/* BEGIN_CASE */
				98	void lmots_import_export_test ( data_t * pub_key )
				99	{
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	100	mbedtls_lmots_public_t ctx;
Raef Coles	e9479a0	2022-09-01 16:06:35 +0100	[diff] [blame]	101	uint8_t exported_pub_key[MBEDTLS_LMOTS_PUBLIC_KEY_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	102	size_t exported_pub_key_len;
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	103
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	104	mbedtls_lmots_init_public( &ctx );
				105	TEST_ASSERT( mbedtls_lmots_import_public_key( &ctx, pub_key->x, pub_key->len ) == 0 );
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	106	TEST_ASSERT( mbedtls_lmots_export_public_key( &ctx, exported_pub_key,
				107	sizeof( exported_pub_key ),
				108	&exported_pub_key_len ) == 0 );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	109
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	110	ASSERT_COMPARE( pub_key->x, pub_key->len,
				111	exported_pub_key, exported_pub_key_len );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	112
				113	exit:
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	114	mbedtls_lmots_free_public( &ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	115	}
				116	/* END_CASE */
				117
				118	/* BEGIN_CASE */
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	119	void lmots_reuse_test ( data_t msg, data_t key_id, int leaf_id, data_t *seed )
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	120	{
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	121	mbedtls_lmots_private_t ctx;
Raef Coles	e9479a0	2022-09-01 16:06:35 +0100	[diff] [blame]	122	unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	123
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	124	mbedtls_lmots_init_private( &ctx );
				125	TEST_ASSERT( mbedtls_lmots_generate_private_key(&ctx, MBEDTLS_LMOTS_SHA256_N32_W8,
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	126	key_id->x, leaf_id, seed->x,
				127	seed->len ) == 0 );
				128	TEST_ASSERT( mbedtls_lmots_sign(&ctx, mbedtls_test_rnd_std_rand, NULL,
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	129	msg->x, msg->len, sig, sizeof( sig ), NULL ) == 0 );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	130
				131	/* Running another sign operation should fail, since the key should now have
				132	* been erased.
				133	*/
Raef Coles	f5919e2	2022-09-02 16:05:10 +0100	[diff] [blame]	134	TEST_ASSERT( mbedtls_lmots_sign(&ctx, mbedtls_test_rnd_std_rand, NULL,
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	135	msg->x, msg->len, sig, sizeof( sig ), NULL ) != 0 );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	136
				137	exit:
Raef Coles	01c71a1	2022-08-31 15:55:00 +0100	[diff] [blame]	138	mbedtls_lmots_free_private( &ctx );
Raef Coles	8ff6df5	2021-07-21 12:42:15 +0100	[diff] [blame]	139	}
				140	/* END_CASE */
Raef Coles	9c9027b	2022-09-02 18:26:31 +0100	[diff] [blame^]	141
				142	/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
				143	void lmots_signature_leak_test ( data_t msg, data_t key_id, int leaf_id,
				144	data_t *seed )
				145	{
				146	mbedtls_lmots_private_t ctx;
				147	unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)];
				148
				149	mbedtls_lmots_sign_private_key_invalidated_hook = &check_lmots_private_key_for_leak;
				150
				151	/* Fill with recognisable pattern */
				152	memset( sig, 0x7E, sizeof( sig ) );
				153
				154	mbedtls_lmots_init_private( &ctx );
				155	TEST_ASSERT( mbedtls_lmots_generate_private_key(&ctx, MBEDTLS_LMOTS_SHA256_N32_W8,
				156	key_id->x, leaf_id, seed->x,
				157	seed->len ) == 0 );
				158	TEST_ASSERT( mbedtls_lmots_sign(&ctx, mbedtls_test_rnd_std_rand, NULL,
				159	msg->x, msg->len, sig, sizeof( sig ), NULL ) == 0 );
				160
				161	exit:
				162	mbedtls_lmots_free_private( &ctx );
				163	mbedtls_lmots_sign_private_key_invalidated_hook = NULL;
				164	}
				165	/* END_CASE */