mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-02-02 04:51:10 +00:00
b739a712d1
Following discussion in the team, it was deemed preferable for the restart context to be explicitly managed by the caller. This commits in the first in a series moving in that directly: it starts by only changing the public API, while still internally using the old design. Future commits in that series will change to the new design internally. The test function was simplified as it no longer makes sense to test for some memory management errors since that responsibility shifted to the caller.
611 lines
20 KiB
Plaintext
611 lines
20 KiB
Plaintext
/* BEGIN_HEADER */
|
|
#include "mbedtls/ecp.h"
|
|
|
|
#define ECP_PF_UNKNOWN -1
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_ECP_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ecp_curve_info( int id, int tls_id, int size, char *name )
|
|
{
|
|
const mbedtls_ecp_curve_info *by_id, *by_tls, *by_name;
|
|
|
|
by_id = mbedtls_ecp_curve_info_from_grp_id( id );
|
|
by_tls = mbedtls_ecp_curve_info_from_tls_id( tls_id );
|
|
by_name = mbedtls_ecp_curve_info_from_name( name );
|
|
TEST_ASSERT( by_id != NULL );
|
|
TEST_ASSERT( by_tls != NULL );
|
|
TEST_ASSERT( by_name != NULL );
|
|
|
|
TEST_ASSERT( by_id == by_tls );
|
|
TEST_ASSERT( by_id == by_name );
|
|
|
|
TEST_ASSERT( by_id->bit_size == size );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void ecp_check_pub( int grp_id, char *x_hex, char *y_hex, char *z_hex, int ret )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point P;
|
|
|
|
mbedtls_ecp_group_init( &grp );
|
|
mbedtls_ecp_point_init( &P );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x_hex ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y_hex ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z_hex ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret );
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp );
|
|
mbedtls_ecp_point_free( &P );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_ECP_EARLY_RETURN */
|
|
void ecp_test_vect_restart( int id,
|
|
char *dA_str, char *xA_str, char *yA_str,
|
|
char *dB_str, char *xZ_str, char *yZ_str,
|
|
int max_ops, int min_restarts, int max_restarts )
|
|
{
|
|
/*
|
|
* Test for early restart. Based on test vectors like ecp_test_vect(),
|
|
* but for the sake of simplicity only does half of each side. It's
|
|
* important to test both base point and random point, though, as memory
|
|
* management is different in each case.
|
|
*
|
|
* Don't try using too precise bounds for restarts as the exact number
|
|
* will depend on settings such as MBEDTLS_ECP_FIXED_POINT_OPTIM and
|
|
* MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may
|
|
* change in the future. A factor 2 is a minimum safety margin.
|
|
*
|
|
* For reference, with mbed TLS 2.4 and default settings, for P-256:
|
|
* - Random point mult: ~3250M
|
|
* - Cold base point mult: ~3300M
|
|
* - Hot base point mult: ~1100M
|
|
* With MBEDTLS_ECP_WINDOW_SIZE set to 2 (minimum):
|
|
* - Random point mult: ~3850M
|
|
*/
|
|
mbedtls_ecp_restart_ctx ctx;
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point R;
|
|
mbedtls_mpi dA, xA, yA, dB, xZ, yZ;
|
|
int cnt_restarts;
|
|
int ret;
|
|
|
|
mbedtls_ecp_restart_init( &ctx );
|
|
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
|
|
mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA );
|
|
mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
|
|
|
|
mbedtls_ecp_set_max_ops( (unsigned) max_ops );
|
|
|
|
/* Base point case */
|
|
cnt_restarts = 0;
|
|
do {
|
|
ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx );
|
|
TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
|
|
|
|
if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
|
|
cnt_restarts++;
|
|
}
|
|
while( ret != 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
|
|
|
|
TEST_ASSERT( cnt_restarts >= min_restarts );
|
|
TEST_ASSERT( cnt_restarts <= max_restarts );
|
|
|
|
/* Prepare context for new operation */
|
|
mbedtls_ecp_restart_free( &ctx );
|
|
|
|
/* Non-base point case */
|
|
cnt_restarts = 0;
|
|
do {
|
|
ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &R, NULL, NULL, &ctx );
|
|
TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
|
|
|
|
if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
|
|
cnt_restarts++;
|
|
}
|
|
while( ret != 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
|
|
|
|
TEST_ASSERT( cnt_restarts >= min_restarts );
|
|
TEST_ASSERT( cnt_restarts <= max_restarts );
|
|
|
|
/* Do we leak memory when not finishing an operation? */
|
|
ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &R, NULL, NULL, &ctx );
|
|
TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
|
|
|
|
exit:
|
|
mbedtls_ecp_restart_free( &ctx );
|
|
mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
|
|
mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA );
|
|
mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void ecp_test_vect( int id, char *dA_str, char *xA_str, char *yA_str,
|
|
char *dB_str, char *xB_str, char *yB_str, char *xZ_str,
|
|
char *yZ_str )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point R;
|
|
mbedtls_mpi dA, xA, yA, dB, xB, yB, xZ, yZ;
|
|
rnd_pseudo_info rnd_info;
|
|
|
|
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
|
|
mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA ); mbedtls_mpi_init( &dB );
|
|
mbedtls_mpi_init( &xB ); mbedtls_mpi_init( &yB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
|
|
memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &yB, 16, yB_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
|
|
&rnd_pseudo_rand, &rnd_info ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, NULL, NULL ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yB ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R,
|
|
&rnd_pseudo_rand, &rnd_info ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
|
|
mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA ); mbedtls_mpi_free( &dB );
|
|
mbedtls_mpi_free( &xB ); mbedtls_mpi_free( &yB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void ecp_test_vec_x( int id, char *dA_hex, char *xA_hex,
|
|
char *dB_hex, char *xB_hex, char *xS_hex )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point R;
|
|
mbedtls_mpi dA, xA, dB, xB, xS;
|
|
rnd_pseudo_info rnd_info;
|
|
|
|
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );
|
|
mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA );
|
|
mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xB );
|
|
mbedtls_mpi_init( &xS );
|
|
memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_hex ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_hex ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_hex ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_hex ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &xS, 16, xS_hex ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
|
|
&rnd_pseudo_rand, &rnd_info ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R,
|
|
&rnd_pseudo_rand, &rnd_info ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, NULL, NULL ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R );
|
|
mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA );
|
|
mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xB );
|
|
mbedtls_mpi_free( &xS );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void ecp_fast_mod( int id, char *N_str )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_mpi N, R;
|
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R );
|
|
mbedtls_ecp_group_init( &grp );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, 16, N_str ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
TEST_ASSERT( grp.modp != NULL );
|
|
|
|
/*
|
|
* Store correct result before we touch N
|
|
*/
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &N, &grp.P ) == 0 );
|
|
|
|
TEST_ASSERT( grp.modp( &N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_bitlen( &N ) <= grp.pbits + 3 );
|
|
|
|
/*
|
|
* Use mod rather than addition/subtraction in case previous test fails
|
|
*/
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &N, &N, &grp.P ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &R ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &R );
|
|
mbedtls_ecp_group_free( &grp );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void ecp_write_binary( int id, char *x, char *y, char *z, int format,
|
|
char *out, int blen, int ret )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point P;
|
|
unsigned char buf[256], str[512];
|
|
size_t olen;
|
|
|
|
memset( buf, 0, sizeof( buf ) );
|
|
memset( str, 0, sizeof( str ) );
|
|
|
|
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format,
|
|
&olen, buf, blen ) == ret );
|
|
|
|
if( ret == 0 )
|
|
{
|
|
hexify( str, buf, olen );
|
|
TEST_ASSERT( strcasecmp( (char *) str, out ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void ecp_read_binary( int id, char *input, char *x, char *y, char *z,
|
|
int ret )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point P;
|
|
mbedtls_mpi X, Y, Z;
|
|
int ilen;
|
|
unsigned char buf[256];
|
|
|
|
memset( buf, 0, sizeof( buf ) );
|
|
|
|
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
|
|
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
|
|
|
|
ilen = unhexify( buf, input );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf, ilen ) == ret );
|
|
|
|
if( ret == 0 )
|
|
{
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
|
|
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ecp_tls_read_point( int id, char *input, char *x, char *y, char *z,
|
|
int ret )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point P;
|
|
mbedtls_mpi X, Y, Z;
|
|
size_t ilen;
|
|
unsigned char buf[256];
|
|
const unsigned char *vbuf = buf;
|
|
|
|
memset( buf, 0, sizeof( buf ) );
|
|
|
|
mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P );
|
|
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
|
|
|
|
ilen = unhexify( buf, input );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, ilen ) == ret );
|
|
|
|
if( ret == 0 )
|
|
{
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 );
|
|
TEST_ASSERT( *vbuf == 0x00 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P );
|
|
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void ecp_tls_write_read_point( int id )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point pt;
|
|
unsigned char buf[256];
|
|
const unsigned char *vbuf;
|
|
size_t olen;
|
|
|
|
mbedtls_ecp_group_init( &grp );
|
|
mbedtls_ecp_point_init( &pt );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
|
|
memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
|
|
TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G,
|
|
MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen )
|
|
== MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
|
|
TEST_ASSERT( vbuf == buf + olen );
|
|
|
|
memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
|
|
TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G,
|
|
MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.X, &pt.X ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Y, &pt.Y ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Z, &pt.Z ) == 0 );
|
|
TEST_ASSERT( vbuf == buf + olen );
|
|
|
|
memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
|
|
TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt,
|
|
MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) );
|
|
TEST_ASSERT( vbuf == buf + olen );
|
|
|
|
memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
|
|
TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt,
|
|
MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) );
|
|
TEST_ASSERT( vbuf == buf + olen );
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp );
|
|
mbedtls_ecp_point_free( &pt );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ecp_tls_read_group( char *record, int result, int bits )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
unsigned char buf[10];
|
|
const unsigned char *vbuf = buf;
|
|
int len, ret;
|
|
|
|
mbedtls_ecp_group_init( &grp );
|
|
memset( buf, 0x00, sizeof( buf ) );
|
|
|
|
len = unhexify( buf, record );
|
|
|
|
ret = mbedtls_ecp_tls_read_group( &grp, &vbuf, len );
|
|
|
|
TEST_ASSERT( ret == result );
|
|
if( ret == 0)
|
|
{
|
|
TEST_ASSERT( mbedtls_mpi_bitlen( &grp.P ) == (size_t) bits );
|
|
TEST_ASSERT( *vbuf == 0x00 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void ecp_tls_write_read_group( int id )
|
|
{
|
|
mbedtls_ecp_group grp1, grp2;
|
|
unsigned char buf[10];
|
|
const unsigned char *vbuf = buf;
|
|
size_t len;
|
|
int ret;
|
|
|
|
mbedtls_ecp_group_init( &grp1 );
|
|
mbedtls_ecp_group_init( &grp2 );
|
|
memset( buf, 0x00, sizeof( buf ) );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp1, id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_tls_write_group( &grp1, &len, buf, 10 ) == 0 );
|
|
ret = mbedtls_ecp_tls_read_group( &grp2, &vbuf, len );
|
|
TEST_ASSERT( ret == 0 );
|
|
|
|
if( ret == 0 )
|
|
{
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp1.N, &grp2.N ) == 0 );
|
|
TEST_ASSERT( grp1.id == grp2.id );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp1 );
|
|
mbedtls_ecp_group_free( &grp2 );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ecp_check_privkey( int id, char *key_hex, int ret )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_mpi d;
|
|
|
|
mbedtls_ecp_group_init( &grp );
|
|
mbedtls_mpi_init( &d );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, key_hex ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret );
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp );
|
|
mbedtls_mpi_free( &d );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ecp_check_pub_priv( int id_pub, char *Qx_pub, char *Qy_pub,
|
|
int id, char *d, char *Qx, char *Qy, int ret )
|
|
{
|
|
mbedtls_ecp_keypair pub, prv;
|
|
|
|
mbedtls_ecp_keypair_init( &pub );
|
|
mbedtls_ecp_keypair_init( &prv );
|
|
|
|
if( id_pub != MBEDTLS_ECP_DP_NONE )
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &pub.grp, id_pub ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_point_read_string( &pub.Q, 16, Qx_pub, Qy_pub ) == 0 );
|
|
|
|
if( id != MBEDTLS_ECP_DP_NONE )
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret );
|
|
|
|
exit:
|
|
mbedtls_ecp_keypair_free( &pub );
|
|
mbedtls_ecp_keypair_free( &prv );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ecp_gen_keypair( int id )
|
|
{
|
|
mbedtls_ecp_group grp;
|
|
mbedtls_ecp_point Q;
|
|
mbedtls_mpi d;
|
|
rnd_pseudo_info rnd_info;
|
|
|
|
mbedtls_ecp_group_init( &grp );
|
|
mbedtls_ecp_point_init( &Q );
|
|
mbedtls_mpi_init( &d );
|
|
memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q, &rnd_pseudo_rand, &rnd_info )
|
|
== 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &Q ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_ecp_group_free( &grp );
|
|
mbedtls_ecp_point_free( &Q );
|
|
mbedtls_mpi_free( &d );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ecp_gen_key( int id )
|
|
{
|
|
mbedtls_ecp_keypair key;
|
|
rnd_pseudo_info rnd_info;
|
|
|
|
mbedtls_ecp_keypair_init( &key );
|
|
memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_gen_key( id, &key, &rnd_pseudo_rand, &rnd_info ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &key.grp, &key.Q ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_check_privkey( &key.grp, &key.d ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_ecp_keypair_free( &key );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
|
|
void ecp_selftest()
|
|
{
|
|
TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 );
|
|
}
|
|
/* END_CASE */
|