Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / 0344c602eadc0802776b65ff90f0a02c856cf53c / . / tests / suites / test_suite_lms.function
blob: 7116f6181045d4ddb1414eebe62809a26e522d79 [file] [log] [blame]
Tom Rini0344c602024-10-08 13:56:50 -0600[diff] [blame^]1/* BEGIN_HEADER */
2#include "mbedtls/lms.h"
3
4/* END_HEADER */
5
6/* BEGIN_DEPENDENCIES
7 * depends_on:MBEDTLS_LMS_C
8 * END_DEPENDENCIES
9 */
10
11/* BEGIN_CASE depends_on:MBEDTLS_LMS_PRIVATE */
12void lms_sign_verify_test(data_t *msg, data_t *seed)
13{
14 mbedtls_lms_public_t pub_ctx;
15 mbedtls_lms_private_t priv_ctx;
16 unsigned char sig[MBEDTLS_LMS_SIG_LEN(MBEDTLS_LMS_SHA256_M32_H10, MBEDTLS_LMOTS_SHA256_N32_W8)];
17
18 mbedtls_lms_public_init(&pub_ctx);
19 mbedtls_lms_private_init(&priv_ctx);
20
21 /* Allocation failure isn't a test failure, since it likely just means
22 * there's not enough memory to run the test.
23 */
24 TEST_EQUAL(mbedtls_lms_generate_private_key(&priv_ctx, MBEDTLS_LMS_SHA256_M32_H10,
25 MBEDTLS_LMOTS_SHA256_N32_W8,
26 mbedtls_test_rnd_std_rand, NULL,
27 seed->x, seed->len), 0);
28
29 TEST_EQUAL(mbedtls_lms_calculate_public_key(&pub_ctx, &priv_ctx), 0);
30
31 TEST_EQUAL(mbedtls_lms_sign(&priv_ctx, mbedtls_test_rnd_std_rand, NULL,
32 msg->x, msg->len, sig, sizeof(sig),
33 NULL), 0);
34
35 TEST_EQUAL(mbedtls_lms_verify(&pub_ctx, msg->x, msg->len, sig,
36 sizeof(sig)), 0);
37
38exit:
39 mbedtls_lms_public_free(&pub_ctx);
40 mbedtls_lms_private_free(&priv_ctx);
41}
42/* END_CASE */
43
44/* BEGIN_CASE depends_on:MBEDTLS_LMS_PRIVATE */
45void lms_sign_verify_null_msg_test(data_t *seed)
46{
47 mbedtls_lms_public_t pub_ctx;
48 mbedtls_lms_private_t priv_ctx;
49 unsigned char sig[MBEDTLS_LMS_SIG_LEN(MBEDTLS_LMS_SHA256_M32_H10, MBEDTLS_LMOTS_SHA256_N32_W8)];
50
51 mbedtls_lms_public_init(&pub_ctx);
52 mbedtls_lms_private_init(&priv_ctx);
53
54 /* Allocation failure isn't a test failure, since it likely just means
55 * there's not enough memory to run the test.
56 */
57 TEST_EQUAL(mbedtls_lms_generate_private_key(&priv_ctx, MBEDTLS_LMS_SHA256_M32_H10,
58 MBEDTLS_LMOTS_SHA256_N32_W8,
59 mbedtls_test_rnd_std_rand, NULL,
60 seed->x, seed->len), 0);
61
62 TEST_EQUAL(mbedtls_lms_calculate_public_key(&pub_ctx, &priv_ctx), 0);
63
64 TEST_EQUAL(mbedtls_lms_sign(&priv_ctx, mbedtls_test_rnd_std_rand, NULL,
65 NULL, 0, sig, sizeof(sig),
66 NULL), 0);
67
68 TEST_EQUAL(mbedtls_lms_verify(&pub_ctx, NULL, 0, sig,
69 sizeof(sig)), 0);
70
71exit:
72 mbedtls_lms_public_free(&pub_ctx);
73 mbedtls_lms_private_free(&priv_ctx);
74}
75/* END_CASE */
76
77/* BEGIN_CASE */
78void lms_verify_test(data_t *msg, data_t *sig, data_t *pub_key,
79 int expected_rc)
80{
81 mbedtls_lms_public_t ctx;
82 unsigned int size;
83 unsigned char *tmp_sig = NULL;
84
85 mbedtls_lms_public_init(&ctx);
86
87 TEST_EQUAL(mbedtls_lms_import_public_key(&ctx, pub_key->x, pub_key->len), 0);
88
89 TEST_EQUAL(mbedtls_lms_verify(&ctx, msg->x, msg->len, sig->x, sig->len), expected_rc);
90
91 /* Test negative cases if the input data is valid */
92 if (expected_rc == 0) {
93 if (msg->len >= 1) {
94 /* Altering first message byte must cause verification failure */
95 msg->x[0] ^= 1;
96 TEST_EQUAL(mbedtls_lms_verify(&ctx, msg->x, msg->len, sig->x, sig->len),
97 MBEDTLS_ERR_LMS_VERIFY_FAILED);
98 msg->x[0] ^= 1;
99
100 /* Altering last message byte must cause verification failure */
101 msg->x[msg->len - 1] ^= 1;
102 TEST_EQUAL(mbedtls_lms_verify(&ctx, msg->x, msg->len, sig->x, sig->len),
103 MBEDTLS_ERR_LMS_VERIFY_FAILED);
104 msg->x[msg->len - 1] ^= 1;
105 }
106
107 if (sig->len >= 1) {
108 /* Altering first signature byte must cause verification failure */
109 sig->x[0] ^= 1;
110 TEST_EQUAL(mbedtls_lms_verify(&ctx, msg->x, msg->len, sig->x, sig->len),
111 MBEDTLS_ERR_LMS_VERIFY_FAILED);
112 sig->x[0] ^= 1;
113
114 /* Altering last signature byte must cause verification failure */
115 sig->x[sig->len - 1] ^= 1;
116 TEST_EQUAL(mbedtls_lms_verify(&ctx, msg->x, msg->len, sig->x, sig->len),
117 MBEDTLS_ERR_LMS_VERIFY_FAILED);
118 sig->x[sig->len - 1] ^= 1;
119 }
120
121 /* Signatures of all sizes must not verify, whether shorter or longer */
122 for (size = 0; size < sig->len; size++) {
123 if (size == sig->len) {
124 continue;
125 }
126
127 TEST_CALLOC(tmp_sig, size);
128 if (tmp_sig != NULL) {
129 memcpy(tmp_sig, sig->x, MIN(size, sig->len));
130 }
131
132 TEST_EQUAL(mbedtls_lms_verify(&ctx, msg->x, msg->len, tmp_sig, size),
133 MBEDTLS_ERR_LMS_VERIFY_FAILED);
134 mbedtls_free(tmp_sig);
135 tmp_sig = NULL;
136 }
137 }
138
139exit:
140 mbedtls_free(tmp_sig);
141 mbedtls_lms_public_free(&ctx);
142}
143/* END_CASE */
144
145/* BEGIN_CASE */
146void lms_import_export_test(data_t *pub_key, int expected_import_rc)
147{
148 mbedtls_lms_public_t ctx;
149 size_t exported_pub_key_buf_size = 0;
150 size_t exported_pub_key_size = 0;
151 unsigned char *exported_pub_key = NULL;
152
153 mbedtls_lms_public_init(&ctx);
154 TEST_EQUAL(mbedtls_lms_import_public_key(&ctx, pub_key->x, pub_key->len),
155 expected_import_rc);
156
157 if (expected_import_rc == 0) {
158 exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10);
159 TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size);
160
161 TEST_EQUAL(mbedtls_lms_export_public_key(&ctx, exported_pub_key,
162 exported_pub_key_buf_size,
163 &exported_pub_key_size), 0);
164
165 TEST_EQUAL(exported_pub_key_size,
166 MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10));
167 TEST_MEMORY_COMPARE(pub_key->x, pub_key->len,
168 exported_pub_key, exported_pub_key_size);
169 mbedtls_free(exported_pub_key);
170 exported_pub_key = NULL;
171
172 /* Export into too-small buffer should fail */
173 exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10) - 1;
174 TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size);
175 TEST_EQUAL(mbedtls_lms_export_public_key(&ctx, exported_pub_key,
176 exported_pub_key_buf_size, NULL),
177 MBEDTLS_ERR_LMS_BUFFER_TOO_SMALL);
178 mbedtls_free(exported_pub_key);
179 exported_pub_key = NULL;
180
181 /* Export into too-large buffer should succeed */
182 exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10) + 1;
183 TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size);
184 TEST_EQUAL(mbedtls_lms_export_public_key(&ctx, exported_pub_key,
185 exported_pub_key_buf_size,
186 &exported_pub_key_size),
187 0);
188 TEST_MEMORY_COMPARE(pub_key->x, pub_key->len,
189 exported_pub_key, exported_pub_key_size);
190 mbedtls_free(exported_pub_key);
191 exported_pub_key = NULL;
192 }
193
194exit:
195 mbedtls_free(exported_pub_key);
196 mbedtls_lms_public_free(&ctx);
197}
198/* END_CASE */