Squashed 'lib/mbedtls/external/mbedtls/' content from commit 2ca6c285a0dd
git-subtree-dir: lib/mbedtls/external/mbedtls
git-subtree-split: 2ca6c285a0dd3f33982dd57299012dacab1ff206
diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function
new file mode 100644
index 0000000..a06fc30
--- /dev/null
+++ b/tests/suites/test_suite_pkparse.function
@@ -0,0 +1,335 @@
+/* BEGIN_HEADER */
+#include "mbedtls/pk.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/psa_util.h"
+#include "pk_internal.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#include "test/psa_exercise_key.h"
+#endif
+
+#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+#define HAVE_mbedtls_pk_parse_key_pkcs8_encrypted_der
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_FS_IO)
+static int test_psa_bridge(const mbedtls_pk_context *ctx,
+ psa_key_usage_t usage_flag)
+{
+ switch (usage_flag) {
+ case PSA_KEY_USAGE_SIGN_HASH:
+ mbedtls_test_set_step(0);
+ break;
+ case PSA_KEY_USAGE_SIGN_MESSAGE:
+ mbedtls_test_set_step(1);
+ break;
+ case PSA_KEY_USAGE_DECRYPT:
+ mbedtls_test_set_step(2);
+ break;
+ case PSA_KEY_USAGE_DERIVE:
+ mbedtls_test_set_step(3);
+ break;
+ case PSA_KEY_USAGE_VERIFY_HASH:
+ mbedtls_test_set_step(4);
+ break;
+ case PSA_KEY_USAGE_VERIFY_MESSAGE:
+ mbedtls_test_set_step(5);
+ break;
+ case PSA_KEY_USAGE_ENCRYPT:
+ mbedtls_test_set_step(6);
+ break;
+ }
+
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_svc_key_id_t psa_key = MBEDTLS_SVC_KEY_ID_INIT;
+ int ok = 0;
+
+ TEST_EQUAL(mbedtls_pk_get_psa_attributes(ctx, usage_flag, &attributes), 0);
+ TEST_EQUAL(mbedtls_pk_import_into_psa(ctx, &attributes, &psa_key), 0);
+ if (!mbedtls_test_key_consistency_psa_pk(psa_key, ctx)) {
+ goto exit;
+ }
+
+ psa_algorithm_t exercise_usage = psa_get_key_usage_flags(&attributes);
+ psa_algorithm_t exercise_alg = psa_get_key_algorithm(&attributes);
+ if (mbedtls_test_can_exercise_psa_algorithm(exercise_alg)) {
+ TEST_ASSERT(mbedtls_test_psa_exercise_key(psa_key,
+ exercise_usage,
+ exercise_alg, 0));
+ }
+
+ mbedtls_test_set_step((unsigned long) -1);
+ ok = 1;
+
+exit:
+ psa_destroy_key(psa_key);
+ psa_reset_key_attributes(&attributes);
+ return ok;
+}
+
+#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
+/* Whether a pk key can do ECDSA. Opaque keys are not supported since this
+ * test suite does not create opaque keys. */
+static int pk_can_ecdsa(const mbedtls_pk_context *ctx)
+{
+ /* Check whether we have an EC key. Unfortunately this also accepts
+ * keys on Montgomery curves, which can only do ECDH, so we'll have
+ * to dig further. */
+ if (!mbedtls_pk_can_do(ctx, MBEDTLS_PK_ECDSA)) {
+ return 0;
+ }
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+ return ctx->ec_family != PSA_ECC_FAMILY_MONTGOMERY;
+#elif defined(MBEDTLS_ECDSA_C)
+ return mbedtls_ecdsa_can_do(mbedtls_pk_ec_ro(*ctx)->grp.id);
+#else
+ return 0;
+#endif
+}
+#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
+#endif /* MBEDTLS_PSA_CRYPTO_C && && MBEDTLS_FS_IO */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PK_PARSE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
+void pk_parse_keyfile_rsa(char *key_file, char *password, int result)
+{
+ mbedtls_pk_context ctx;
+ int res;
+ char *pwd = password;
+
+ mbedtls_pk_init(&ctx);
+ MD_PSA_INIT();
+
+ if (strcmp(pwd, "NULL") == 0) {
+ pwd = NULL;
+ }
+
+ res = mbedtls_pk_parse_keyfile(&ctx, key_file, pwd,
+ mbedtls_test_rnd_std_rand, NULL);
+
+ TEST_EQUAL(res, result);
+
+ if (res == 0) {
+ mbedtls_rsa_context *rsa;
+ TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA));
+ rsa = mbedtls_pk_rsa(ctx);
+ TEST_EQUAL(mbedtls_rsa_check_privkey(rsa), 0);
+
+ size_t bitlen = mbedtls_rsa_get_bitlen(rsa);
+ TEST_EQUAL(mbedtls_pk_get_bitlen(&ctx), bitlen);
+ TEST_EQUAL(mbedtls_pk_get_len(&ctx), (bitlen + 7) / 8);
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+ PSA_INIT();
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_SIGN_HASH));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_SIGN_MESSAGE));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_DECRYPT));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_HASH));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_MESSAGE));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_ENCRYPT));
+#endif
+ }
+
+exit:
+ mbedtls_pk_free(&ctx);
+ PSA_DONE();
+}
+
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
+void pk_parse_public_keyfile_rsa(char *key_file, int result)
+{
+ mbedtls_pk_context ctx;
+ int res;
+
+ mbedtls_pk_init(&ctx);
+ MD_PSA_INIT();
+
+ res = mbedtls_pk_parse_public_keyfile(&ctx, key_file);
+
+ TEST_EQUAL(res, result);
+
+ if (res == 0) {
+ mbedtls_rsa_context *rsa;
+ TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA));
+ rsa = mbedtls_pk_rsa(ctx);
+ TEST_EQUAL(mbedtls_rsa_check_pubkey(rsa), 0);
+
+ size_t bitlen = mbedtls_rsa_get_bitlen(rsa);
+ TEST_EQUAL(mbedtls_pk_get_bitlen(&ctx), bitlen);
+ TEST_EQUAL(mbedtls_pk_get_len(&ctx), (bitlen + 7) / 8);
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+ PSA_INIT();
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_HASH));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_MESSAGE));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_ENCRYPT));
+#endif
+ }
+
+exit:
+ mbedtls_pk_free(&ctx);
+ PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_HAVE_ECC_KEYS */
+void pk_parse_public_keyfile_ec(char *key_file, int result)
+{
+ mbedtls_pk_context ctx;
+ int res;
+
+ mbedtls_pk_init(&ctx);
+ MD_OR_USE_PSA_INIT();
+
+ res = mbedtls_pk_parse_public_keyfile(&ctx, key_file);
+
+ TEST_EQUAL(res, result);
+
+ if (res == 0) {
+ TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY));
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+ /* No need to check whether the parsed public point is on the curve or
+ * not because this is already done by the internal "pk_get_ecpubkey()"
+ * function */
+#else
+ const mbedtls_ecp_keypair *eckey;
+ eckey = mbedtls_pk_ec_ro(ctx);
+ TEST_EQUAL(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q), 0);
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+ PSA_INIT();
+ if (pk_can_ecdsa(&ctx)) {
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_HASH));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_MESSAGE));
+ }
+#endif
+ }
+
+exit:
+ mbedtls_pk_free(&ctx);
+ PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_HAVE_ECC_KEYS */
+void pk_parse_keyfile_ec(char *key_file, char *password, int result)
+{
+ mbedtls_pk_context ctx;
+ int res;
+
+ mbedtls_pk_init(&ctx);
+ MD_OR_USE_PSA_INIT();
+
+ res = mbedtls_pk_parse_keyfile(&ctx, key_file, password,
+ mbedtls_test_rnd_std_rand, NULL);
+
+ TEST_EQUAL(res, result);
+
+ if (res == 0) {
+ TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY));
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+ /* PSA keys are already checked on import so nothing to do here. */
+#else
+ const mbedtls_ecp_keypair *eckey = mbedtls_pk_ec_ro(ctx);
+ TEST_EQUAL(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d), 0);
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+ PSA_INIT();
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_DERIVE));
+ if (pk_can_ecdsa(&ctx)) {
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_SIGN_HASH));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_SIGN_MESSAGE));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_HASH));
+ TEST_ASSERT(test_psa_bridge(&ctx, PSA_KEY_USAGE_VERIFY_MESSAGE));
+ }
+#endif
+ }
+
+exit:
+ mbedtls_pk_free(&ctx);
+ PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pk_parse_key(data_t *buf, int result)
+{
+ mbedtls_pk_context pk;
+
+ mbedtls_pk_init(&pk);
+ USE_PSA_INIT();
+
+ TEST_ASSERT(mbedtls_pk_parse_key(&pk, buf->x, buf->len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL) == result);
+
+exit:
+ mbedtls_pk_free(&pk);
+ USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:HAVE_mbedtls_pk_parse_key_pkcs8_encrypted_der */
+void pk_parse_key_encrypted(data_t *buf, data_t *pass, int result)
+{
+ mbedtls_pk_context pk;
+
+ mbedtls_pk_init(&pk);
+ USE_PSA_INIT();
+
+ TEST_EQUAL(mbedtls_pk_parse_key_pkcs8_encrypted_der(&pk, buf->x, buf->len,
+ pass->x, pass->len,
+ mbedtls_test_rnd_std_rand,
+ NULL), result);
+exit:
+ mbedtls_pk_free(&pk);
+ USE_PSA_DONE();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_WRITE_C */
+void pk_parse_fix_montgomery(data_t *input_key, data_t *exp_output)
+{
+ /* Montgomery keys have specific bits set to either 0 or 1 depending on
+ * their position. This is enforced during parsing (please see the implementation
+ * of mbedtls_ecp_read_key() for more details). The scope of this function
+ * is to verify this enforcing by feeding the parse algorithm with a x25519
+ * key which does not have those bits set properly. */
+ mbedtls_pk_context pk;
+ unsigned char *output_key = NULL;
+ size_t output_key_len = 0;
+
+ mbedtls_pk_init(&pk);
+ USE_PSA_INIT();
+
+ TEST_EQUAL(mbedtls_pk_parse_key(&pk, input_key->x, input_key->len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL), 0);
+
+ output_key_len = input_key->len;
+ TEST_CALLOC(output_key, output_key_len);
+ /* output_key_len is updated with the real amount of data written to
+ * output_key buffer. */
+ output_key_len = mbedtls_pk_write_key_der(&pk, output_key, output_key_len);
+ TEST_ASSERT(output_key_len > 0);
+
+ TEST_MEMORY_COMPARE(exp_output->x, exp_output->len, output_key, output_key_len);
+
+exit:
+ if (output_key != NULL) {
+ mbedtls_free(output_key);
+ }
+ mbedtls_pk_free(&pk);
+ USE_PSA_DONE();
+}
+/* END_CASE */