TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / ae59c5232274df36b1b58dd52eb74cb153829a1a / . / tests / suites / test_suite_dhm.function
blob: 1251723b1a4ada7225e477c7252793511520eb4a [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/dhm.h"
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]3
Gilles Peskine9e966792021-04-13 22:16:45 +0200[diff] [blame]4/* Sanity checks on a Diffie-Hellman parameter: check the length-value
5 * syntax and check that the value is the expected one (taken from the
6 * DHM context by the caller). */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]7static int check_dhm_param_output(const mbedtls_mpi *expected,
8 const unsigned char *buffer,
9 size_t size,
10 size_t *offset)
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]11{
12 size_t n;
13 mbedtls_mpi actual;
14 int ok = 0;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]15 mbedtls_mpi_init(&actual);
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]16
17 ++mbedtls_test_info.step;
18
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]19 TEST_ASSERT(size >= *offset + 2);
20 n = (buffer[*offset] << 8) | buffer[*offset + 1];
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]21 *offset += 2;
Gilles Peskine104eb822021-04-13 22:10:24 +0200[diff] [blame]22 /* The DHM param output from Mbed TLS has leading zeros stripped, as
23 * permitted but not required by RFC 5246 \S4.4. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]24 TEST_EQUAL(n, mbedtls_mpi_size(expected));
25 TEST_ASSERT(size >= *offset + n);
26 TEST_EQUAL(0, mbedtls_mpi_read_binary(&actual, buffer + *offset, n));
27 TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(expected, &actual));
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]28 *offset += n;
29
30 ok = 1;
31exit:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]32 mbedtls_mpi_free(&actual);
33 return ok;
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]34}
35
Gilles Peskine9e966792021-04-13 22:16:45 +0200[diff] [blame]36/* Sanity checks on Diffie-Hellman parameters: syntax, range, and comparison
37 * against the context. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]38static int check_dhm_params(const mbedtls_dhm_context *ctx,
39 size_t x_size,
40 const unsigned char *ske, size_t ske_len)
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]41{
42 size_t offset = 0;
43
44 /* Check that ctx->X and ctx->GX are within range. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]45 TEST_ASSERT(mbedtls_mpi_cmp_int(&ctx->X, 1) > 0);
46 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx->X, &ctx->P) < 0);
47 TEST_ASSERT(mbedtls_mpi_size(&ctx->X) <= x_size);
48 TEST_ASSERT(mbedtls_mpi_cmp_int(&ctx->GX, 1) > 0);
49 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx->GX, &ctx->P) < 0);
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]50
51 /* Check ske: it must contain P, G and G^X, each prefixed with a
52 * 2-byte size. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]53 if (!check_dhm_param_output(&ctx->P, ske, ske_len, &offset)) {
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]54 goto exit;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]55 }
56 if (!check_dhm_param_output(&ctx->G, ske, ske_len, &offset)) {
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]57 goto exit;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]58 }
59 if (!check_dhm_param_output(&ctx->GX, ske, ske_len, &offset)) {
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]60 goto exit;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]61 }
62 TEST_EQUAL(offset, ske_len);
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]63
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]64 return 1;
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]65exit:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]66 return 0;
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]67}
68
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]69/* END_HEADER */
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]70
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]71/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]72 * depends_on:MBEDTLS_DHM_C:MBEDTLS_BIGNUM_C
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]73 * END_DEPENDENCIES
74 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]75
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]76/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]77void dhm_invalid_params()
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]78{
79 mbedtls_dhm_context ctx;
80 unsigned char buf[42] = { 0 };
81 unsigned char *buf_null = NULL;
82 mbedtls_mpi X;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]83 size_t const buflen = sizeof(buf);
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]84 size_t len;
85
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]86 TEST_INVALID_PARAM(mbedtls_dhm_init(NULL));
87 TEST_VALID_PARAM(mbedtls_dhm_free(NULL));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]88
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]89 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
90 mbedtls_dhm_read_params(NULL,
91 (unsigned char **) &buf,
92 buf));
93 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
94 mbedtls_dhm_read_params(&ctx, &buf_null, buf));
95 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
96 mbedtls_dhm_read_params(&ctx, NULL, buf));
97 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
98 mbedtls_dhm_read_params(&ctx,
99 (unsigned char **) &buf,
100 NULL));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]101
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]102 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
103 mbedtls_dhm_make_params(NULL, buflen,
104 buf, &len,
105 mbedtls_test_rnd_std_rand,
106 NULL));
107 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
108 mbedtls_dhm_make_params(&ctx, buflen,
109 NULL, &len,
110 mbedtls_test_rnd_std_rand,
111 NULL));
112 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
113 mbedtls_dhm_make_params(&ctx, buflen,
114 buf, NULL,
115 mbedtls_test_rnd_std_rand,
116 NULL));
117 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
118 mbedtls_dhm_make_params(&ctx, buflen,
119 buf, &len,
120 NULL,
121 NULL));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]122
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]123 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
124 mbedtls_dhm_set_group(NULL, &X, &X));
125 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
126 mbedtls_dhm_set_group(&ctx, NULL, &X));
127 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
128 mbedtls_dhm_set_group(&ctx, &X, NULL));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]130 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
131 mbedtls_dhm_read_public(NULL, buf, buflen));
132 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
133 mbedtls_dhm_read_public(&ctx, NULL, buflen));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]134
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]135 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
136 mbedtls_dhm_make_public(NULL, buflen,
137 buf, buflen,
138 mbedtls_test_rnd_std_rand,
139 NULL));
140 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
141 mbedtls_dhm_make_public(&ctx, buflen,
142 NULL, buflen,
143 mbedtls_test_rnd_std_rand,
144 NULL));
145 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
146 mbedtls_dhm_make_public(&ctx, buflen,
147 buf, buflen,
148 NULL,
149 NULL));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]150
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]151 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
152 mbedtls_dhm_calc_secret(NULL, buf, buflen, &len,
153 mbedtls_test_rnd_std_rand,
154 NULL));
155 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
156 mbedtls_dhm_calc_secret(&ctx, NULL, buflen, &len,
157 mbedtls_test_rnd_std_rand,
158 NULL));
159 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
160 mbedtls_dhm_calc_secret(&ctx, buf, buflen, NULL,
161 mbedtls_test_rnd_std_rand,
162 NULL));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]163
164#if defined(MBEDTLS_ASN1_PARSE_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]165 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
166 mbedtls_dhm_parse_dhm(NULL, buf, buflen));
167 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
168 mbedtls_dhm_parse_dhm(&ctx, NULL, buflen));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]169
170#if defined(MBEDTLS_FS_IO)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]171 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
172 mbedtls_dhm_parse_dhmfile(NULL, ""));
173 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA,
174 mbedtls_dhm_parse_dhmfile(&ctx, NULL));
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]175#endif /* MBEDTLS_FS_IO */
176#endif /* MBEDTLS_ASN1_PARSE_C */
177
178exit:
179 return;
180}
181/* END_CASE */
182
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]183/* BEGIN_CASE */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]184void dhm_do_dhm(char *input_P, int x_size,
185 char *input_G, int result)
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]186{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]187 mbedtls_dhm_context ctx_srv;
188 mbedtls_dhm_context ctx_cli;
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]189 unsigned char ske[1000];
190 unsigned char *p = ske;
191 unsigned char pub_cli[1000];
192 unsigned char sec_srv[1000];
193 unsigned char sec_cli[1000];
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]194 size_t ske_len = 0;
195 size_t pub_cli_len = 0;
Manuel Pégourié-Gonnard33352052015-06-02 16:17:08 +0100[diff] [blame]196 size_t sec_srv_len;
197 size_t sec_cli_len;
Gilles Peskine33ec8632021-03-30 23:44:22 +0200[diff] [blame]198 int i;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]199 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]200
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]201 mbedtls_dhm_init(&ctx_srv);
202 mbedtls_dhm_init(&ctx_cli);
203 memset(ske, 0x00, 1000);
204 memset(pub_cli, 0x00, 1000);
205 memset(sec_srv, 0x00, 1000);
206 memset(sec_cli, 0x00, 1000);
207 memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info));
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]208
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]209 /*
210 * Set params
211 */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]212 TEST_ASSERT(mbedtls_test_read_mpi(&ctx_srv.P, input_P) == 0);
213 TEST_ASSERT(mbedtls_test_read_mpi(&ctx_srv.G, input_G) == 0);
214 pub_cli_len = mbedtls_mpi_size(&ctx_srv.P);
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]215
216 /*
217 * First key exchange
218 */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]219 mbedtls_test_set_step(10);
220 TEST_ASSERT(mbedtls_dhm_make_params(&ctx_srv, x_size, ske, &ske_len,
221 &mbedtls_test_rnd_pseudo_rand,
222 &rnd_info) == result);
223 if (result != 0) {
Janos Follath4b151fa2017-09-20 13:46:37 +0100[diff] [blame]224 goto exit;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]225 }
226 if (!check_dhm_params(&ctx_srv, x_size, ske, ske_len)) {
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]227 goto exit;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]228 }
Janos Follath4b151fa2017-09-20 13:46:37 +0100[diff] [blame]229
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]230 ske[ske_len++] = 0;
231 ske[ske_len++] = 0;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]232 TEST_ASSERT(mbedtls_dhm_read_params(&ctx_cli, &p, ske + ske_len) == 0);
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]233
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]234 TEST_ASSERT(mbedtls_dhm_make_public(&ctx_cli, x_size, pub_cli, pub_cli_len,
235 &mbedtls_test_rnd_pseudo_rand,
236 &rnd_info) == 0);
237 TEST_ASSERT(mbedtls_dhm_read_public(&ctx_srv, pub_cli, pub_cli_len) == 0);
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]238
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]239 TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, sizeof(sec_srv),
240 &sec_srv_len,
241 &mbedtls_test_rnd_pseudo_rand,
242 &rnd_info) == 0);
243 TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_cli, sec_cli, sizeof(sec_cli), &sec_cli_len, NULL,
244 NULL) == 0);
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]245
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]246 TEST_ASSERT(sec_srv_len == sec_cli_len);
247 TEST_ASSERT(sec_srv_len != 0);
248 TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0);
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]249
Manuel Pégourié-Gonnard15d5de12013-09-17 11:34:11 +0200[diff] [blame]250 /* Re-do calc_secret on server a few times to test update of blinding values */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]251 for (i = 0; i < 3; i++) {
252 mbedtls_test_set_step(20 + i);
Manuel Pégourié-Gonnard15d5de12013-09-17 11:34:11 +0200[diff] [blame]253 sec_srv_len = 1000;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]254 TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv,
255 sizeof(sec_srv), &sec_srv_len,
256 &mbedtls_test_rnd_pseudo_rand,
257 &rnd_info) == 0);
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]258
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]259 TEST_ASSERT(sec_srv_len == sec_cli_len);
260 TEST_ASSERT(sec_srv_len != 0);
261 TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0);
Manuel Pégourié-Gonnard15d5de12013-09-17 11:34:11 +0200[diff] [blame]262 }
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]263
264 /*
265 * Second key exchange to test change of blinding values on server
266 */
Manuel Pégourié-Gonnard143b5022013-09-04 16:29:59 +0200[diff] [blame]267 p = ske;
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]268
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]269 mbedtls_test_set_step(30);
270 TEST_ASSERT(mbedtls_dhm_make_params(&ctx_srv, x_size, ske, &ske_len,
271 &mbedtls_test_rnd_pseudo_rand,
272 &rnd_info) == 0);
273 if (!check_dhm_params(&ctx_srv, x_size, ske, ske_len)) {
Gilles Peskinedc0b6e42021-03-30 23:28:51 +0200[diff] [blame]274 goto exit;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]275 }
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]276 ske[ske_len++] = 0;
277 ske[ske_len++] = 0;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]278 TEST_ASSERT(mbedtls_dhm_read_params(&ctx_cli, &p, ske + ske_len) == 0);
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]279
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]280 TEST_ASSERT(mbedtls_dhm_make_public(&ctx_cli, x_size, pub_cli, pub_cli_len,
281 &mbedtls_test_rnd_pseudo_rand,
282 &rnd_info) == 0);
283 TEST_ASSERT(mbedtls_dhm_read_public(&ctx_srv, pub_cli, pub_cli_len) == 0);
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]284
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]285 TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, sizeof(sec_srv),
286 &sec_srv_len,
287 &mbedtls_test_rnd_pseudo_rand,
288 &rnd_info) == 0);
289 TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_cli, sec_cli, sizeof(sec_cli), &sec_cli_len, NULL,
290 NULL) == 0);
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]291
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]292 TEST_ASSERT(sec_srv_len == sec_cli_len);
293 TEST_ASSERT(sec_srv_len != 0);
294 TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0);
Paul Bakkerc43481a2011-02-20 16:34:26 +0000[diff] [blame]295
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]296exit:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]297 mbedtls_dhm_free(&ctx_srv);
298 mbedtls_dhm_free(&ctx_cli);
Paul Bakker5c60de22009-07-08 19:47:36 +0000[diff] [blame]299}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]300/* END_CASE */
Paul Bakker40ce79f2013-09-15 17:43:54 +0200[diff] [blame]301
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]302/* BEGIN_CASE */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]303void dhm_make_public(int P_bytes, char *input_G, int result)
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]304{
305 mbedtls_mpi P, G;
306 mbedtls_dhm_context ctx;
307 unsigned char output[MBEDTLS_MPI_MAX_SIZE];
308
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]309 mbedtls_mpi_init(&P);
310 mbedtls_mpi_init(&G);
311 mbedtls_dhm_init(&ctx);
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]312
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]313 TEST_ASSERT(mbedtls_mpi_lset(&P, 1) == 0);
314 TEST_ASSERT(mbedtls_mpi_shift_l(&P, (P_bytes * 8) - 1) == 0);
315 TEST_ASSERT(mbedtls_mpi_set_bit(&P, 0, 1) == 0);
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]316
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]317 TEST_ASSERT(mbedtls_test_read_mpi(&G, input_G) == 0);
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]318
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]319 TEST_ASSERT(mbedtls_dhm_set_group(&ctx, &P, &G) == 0);
320 TEST_ASSERT(mbedtls_dhm_make_public(&ctx, (int) mbedtls_mpi_size(&P),
321 output, sizeof(output),
322 &mbedtls_test_rnd_pseudo_rand,
323 NULL) == result);
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]324
325exit:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]326 mbedtls_mpi_free(&P);
327 mbedtls_mpi_free(&G);
328 mbedtls_dhm_free(&ctx);
Chris Jonesd10b3312020-12-02 10:41:50 +0000[diff] [blame]329}
330/* END_CASE */
331
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]332/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]333void dhm_file(char *filename, char *p, char *g, int len)
Manuel Pégourié-Gonnard3fec2202014-03-29 16:42:38 +0100[diff] [blame]334{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]335 mbedtls_dhm_context ctx;
336 mbedtls_mpi P, G;
Manuel Pégourié-Gonnard3fec2202014-03-29 16:42:38 +0100[diff] [blame]337
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]338 mbedtls_dhm_init(&ctx);
339 mbedtls_mpi_init(&P); mbedtls_mpi_init(&G);
Manuel Pégourié-Gonnard3fec2202014-03-29 16:42:38 +0100[diff] [blame]340
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]341 TEST_ASSERT(mbedtls_test_read_mpi(&P, p) == 0);
342 TEST_ASSERT(mbedtls_test_read_mpi(&G, g) == 0);
Manuel Pégourié-Gonnard3fec2202014-03-29 16:42:38 +0100[diff] [blame]343
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]344 TEST_ASSERT(mbedtls_dhm_parse_dhmfile(&ctx, filename) == 0);
Manuel Pégourié-Gonnard3fec2202014-03-29 16:42:38 +0100[diff] [blame]345
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]346 TEST_ASSERT(ctx.len == (size_t) len);
347 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.P, &P) == 0);
348 TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.G, &G) == 0);
Manuel Pégourié-Gonnard3fec2202014-03-29 16:42:38 +0100[diff] [blame]349
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]350exit:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]351 mbedtls_mpi_free(&P); mbedtls_mpi_free(&G);
352 mbedtls_dhm_free(&ctx);
Manuel Pégourié-Gonnard3fec2202014-03-29 16:42:38 +0100[diff] [blame]353}
354/* END_CASE */
355
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]356/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]357void dhm_selftest()
Paul Bakker40ce79f2013-09-15 17:43:54 +0200[diff] [blame]358{
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]359 TEST_ASSERT(mbedtls_dhm_self_test(1) == 0);
Paul Bakker40ce79f2013-09-15 17:43:54 +0200[diff] [blame]360}
361/* END_CASE */