From 7c5dc6b20a3eb64f4019390be701be714b6805d8 Mon Sep 17 00:00:00 2001 From: Jarno Lamsa Date: Mon, 26 Aug 2019 13:12:35 +0300 Subject: [PATCH 1/6] Add test suite for tinycrypt Initially add a test for ECDH-part. --- tests/CMakeLists.txt | 1 + tests/suites/test_suite_tinycrypt.data | 2 ++ tests/suites/test_suite_tinycrypt.function | 35 ++++++++++++++++++++++ 3 files changed, 38 insertions(+) create mode 100644 tests/suites/test_suite_tinycrypt.data create mode 100644 tests/suites/test_suite_tinycrypt.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 5938a5fc8..2ea77e7e7 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -133,6 +133,7 @@ add_test_suite(poly1305) add_test_suite(shax) add_test_suite(ssl) add_test_suite(timing) +add_test_suite(tinycrypt) add_test_suite(rsa) add_test_suite(version) add_test_suite(xtea) diff --git a/tests/suites/test_suite_tinycrypt.data b/tests/suites/test_suite_tinycrypt.data new file mode 100644 index 000000000..85d599276 --- /dev/null +++ b/tests/suites/test_suite_tinycrypt.data @@ -0,0 +1,2 @@ +Tinycrypt ECDH +test_ecdh: diff --git a/tests/suites/test_suite_tinycrypt.function b/tests/suites/test_suite_tinycrypt.function new file mode 100644 index 000000000..eb347ea49 --- /dev/null +++ b/tests/suites/test_suite_tinycrypt.function @@ -0,0 +1,35 @@ +/* BEGIN_HEADER */ + +#include "tinycrypt/ecc.h" +#include "tinycrypt/ecc_dh.h" +#include "tinycrypt/ecc_dsa.h" + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_USE_TINYCRYPT + * END_DEPENDENCIES + */ + +/* BEGIN_CASE depends_on:MBEDTLS_USE_TINYCRYPT */ +void test_ecdh() +{ + uint8_t private1[NUM_ECC_BYTES] = {0}; + uint8_t private2[NUM_ECC_BYTES] = {0}; + uint8_t public1[2*NUM_ECC_BYTES] = {0}; + uint8_t public2[2*NUM_ECC_BYTES] = {0}; + uint8_t secret1[NUM_ECC_BYTES] = {0}; + uint8_t secret2[NUM_ECC_BYTES] = {0}; + + const struct uECC_Curve_t * curve = uECC_secp256r1(); + + TEST_ASSERT( uECC_make_key( public1, private1, curve ) != 0 ); + TEST_ASSERT( uECC_make_key( public2, private2, curve ) != 0 ); + + TEST_ASSERT( uECC_shared_secret( public2, private1, secret1, curve ) != 0 ); + + TEST_ASSERT( uECC_shared_secret( public1, private2, secret2, curve ) != 0 ); + + TEST_ASSERT( memcmp( secret1, secret2, sizeof( secret1 ) ) == 0 ); +} +/* END_CASE */ From 6c2f76e9cdae1b6c361238047ec909b35f3d8b8a Mon Sep 17 00:00:00 2001 From: Jarno Lamsa Date: Mon, 26 Aug 2019 13:34:45 +0300 Subject: [PATCH 2/6] Add a unit test for ECDSA Add a basic unit test for the ECDSA part of the tinycrypt. It generates keys, signs and verifies. Modified from tinycrypt tests found in tinycrypt-repository. --- tests/suites/test_suite_tinycrypt.data | 3 +++ tests/suites/test_suite_tinycrypt.function | 24 ++++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/tests/suites/test_suite_tinycrypt.data b/tests/suites/test_suite_tinycrypt.data index 85d599276..d76550efe 100644 --- a/tests/suites/test_suite_tinycrypt.data +++ b/tests/suites/test_suite_tinycrypt.data @@ -1,2 +1,5 @@ Tinycrypt ECDH test_ecdh: + +Tinycrypt ECDSA +test_ecdsa: diff --git a/tests/suites/test_suite_tinycrypt.function b/tests/suites/test_suite_tinycrypt.function index eb347ea49..698058f01 100644 --- a/tests/suites/test_suite_tinycrypt.function +++ b/tests/suites/test_suite_tinycrypt.function @@ -33,3 +33,27 @@ void test_ecdh() TEST_ASSERT( memcmp( secret1, secret2, sizeof( secret1 ) ) == 0 ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_USE_TINYCRYPT */ +void test_ecdsa() +{ + uint8_t private[NUM_ECC_BYTES] = {0}; + uint8_t public[2*NUM_ECC_BYTES] = {0}; + uint8_t hash[NUM_ECC_BYTES] = {0}; + uint8_t sig[2*NUM_ECC_BYTES] = {0}; + unsigned int hash_words[NUM_ECC_WORDS] = {0}; + + const struct uECC_Curve_t * curve = uECC_secp256r1(); + + uECC_generate_random_int( hash_words, curve->n, + BITS_TO_WORDS( curve->num_n_bits ) ); + + uECC_vli_nativeToBytes( hash, NUM_ECC_BYTES, hash_words ); + + TEST_ASSERT( uECC_make_key( public, private, curve ) != 0 ); + + TEST_ASSERT( uECC_sign( private, hash, sizeof( hash ), sig, curve ) != 0 ); + + TEST_ASSERT( uECC_verify( public, hash, sizeof( hash ), sig, curve ) != 0 ); +} +/* END_CASE */ \ No newline at end of file From 34fcbfe2879c2e1f3beed265f7fb9b6c9639bafd Mon Sep 17 00:00:00 2001 From: Jarno Lamsa Date: Mon, 26 Aug 2019 14:37:33 +0300 Subject: [PATCH 3/6] Add rng for the tinycrypt tests Use rnd_std_rand for the rng. --- tests/suites/test_suite_tinycrypt.function | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/suites/test_suite_tinycrypt.function b/tests/suites/test_suite_tinycrypt.function index 698058f01..0691d1058 100644 --- a/tests/suites/test_suite_tinycrypt.function +++ b/tests/suites/test_suite_tinycrypt.function @@ -4,6 +4,16 @@ #include "tinycrypt/ecc_dh.h" #include "tinycrypt/ecc_dsa.h" +static int uecc_rng_wrapper( uint8_t *dest, unsigned int size ) +{ + int ret; + ret = rnd_std_rand( NULL, dest, size ); + if( ret == 0 ) + return( (int) size ); + + return( 0 ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -23,7 +33,10 @@ void test_ecdh() const struct uECC_Curve_t * curve = uECC_secp256r1(); + uECC_set_rng( &uecc_rng_wrapper ); + TEST_ASSERT( uECC_make_key( public1, private1, curve ) != 0 ); + TEST_ASSERT( uECC_make_key( public2, private2, curve ) != 0 ); TEST_ASSERT( uECC_shared_secret( public2, private1, secret1, curve ) != 0 ); @@ -45,6 +58,8 @@ void test_ecdsa() const struct uECC_Curve_t * curve = uECC_secp256r1(); + uECC_set_rng( &uecc_rng_wrapper ); + uECC_generate_random_int( hash_words, curve->n, BITS_TO_WORDS( curve->num_n_bits ) ); From a7e0f632fcf1f0b4f3e7d5c33411c5f624946910 Mon Sep 17 00:00:00 2001 From: Jarno Lamsa Date: Mon, 2 Sep 2019 09:47:37 +0300 Subject: [PATCH 4/6] Add unit tests for primitive test vectors Add a unit test for both ECDSA and ECDH, testing reference test vectors for secp256r1. --- tests/suites/test_suite_tinycrypt.data | 6 +++ tests/suites/test_suite_tinycrypt.function | 59 +++++++++++++++++++++- 2 files changed, 64 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_tinycrypt.data b/tests/suites/test_suite_tinycrypt.data index d76550efe..ac2a8e23e 100644 --- a/tests/suites/test_suite_tinycrypt.data +++ b/tests/suites/test_suite_tinycrypt.data @@ -3,3 +3,9 @@ test_ecdh: Tinycrypt ECDSA test_ecdsa: + +ECDH primitive rfc 5903 p256 +ecdh_primitive_testvec:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"DAD0B65394221CF9B051E1FECA5787D098DFE637FC90B9EF945D0C3772581180":"5271A0461CDB8252D61F1C456FA3E59AB1F45B33ACCF5F58389E0577B8990BB3":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D12DFB5289C8D4F81208B70270398C342296970A0BCCB74C736FC7554494BF63":"56FBF3CA366CC23E8157854C13C58D6AAC23F046ADA30F8353E74F33039872AB":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE" + +ECDSA primitive rfc 4754 p256 +ecdsa_primitive_testvec:"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":"BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD":"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"86FA3BB4E26CAD5BF90B7F81899256CE7594BB1EA0C89212748BFF3B3D5B0315":1 diff --git a/tests/suites/test_suite_tinycrypt.function b/tests/suites/test_suite_tinycrypt.function index 0691d1058..36e4c66cd 100644 --- a/tests/suites/test_suite_tinycrypt.function +++ b/tests/suites/test_suite_tinycrypt.function @@ -71,4 +71,61 @@ void test_ecdsa() TEST_ASSERT( uECC_verify( public, hash, sizeof( hash ), sig, curve ) != 0 ); } -/* END_CASE */ \ No newline at end of file +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_USE_TINYCRYPT */ +void ecdh_primitive_testvec( data_t * private1, data_t * xA_str, + data_t * yA_str, data_t * private2, + data_t * xB_str, data_t * yB_str, data_t * z_str ) +{ + const struct uECC_Curve_t * curve = uECC_secp256r1(); + uint8_t public1[2*NUM_ECC_BYTES] = {0}; + uint8_t public2[2*NUM_ECC_BYTES] = {0}; + uint8_t secret1[NUM_ECC_BYTES] = {0}; + uint8_t secret2[NUM_ECC_BYTES] = {0}; + + memcpy( public1, xA_str->x, xA_str->len ); + memcpy( public1 + NUM_ECC_BYTES, yA_str->x, yA_str->len ); + memcpy( public2, xB_str->x, xB_str->len ); + memcpy( public2 + NUM_ECC_BYTES, yB_str->x, yB_str->len ); + + // Compute shared secrets and compare to test vector secret + TEST_ASSERT( uECC_shared_secret( public2, private1->x, secret1, curve ) != 0 ); + + TEST_ASSERT( uECC_shared_secret( public1, private2->x, secret2, curve ) != 0 ); + + TEST_ASSERT( memcmp( secret1, secret2, sizeof( secret1 ) ) == 0 ); + TEST_ASSERT( memcmp( secret1, z_str->x, sizeof( secret1 ) ) == 0 ); + TEST_ASSERT( memcmp( secret2, z_str->x, sizeof( secret2 ) ) == 0 ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_USE_TINYCRYPT */ +void ecdsa_primitive_testvec( data_t * xQ_str, data_t * yQ_str, + data_t * hash, data_t * r_str, data_t * s_str, + int result ) +{ + const struct uECC_Curve_t * curve = uECC_secp256r1(); + uint8_t pub_bytes[2*NUM_ECC_BYTES] = {0}; + uint8_t sig_bytes[2*NUM_ECC_BYTES] = {0}; + + memcpy( pub_bytes, xQ_str->x, xQ_str->len ); + memcpy( pub_bytes + NUM_ECC_BYTES, yQ_str->x, yQ_str->len ); + memcpy( sig_bytes, r_str->x, r_str->len ); + memcpy( sig_bytes + NUM_ECC_BYTES, s_str->x, r_str->len ); + + TEST_ASSERT( uECC_verify( pub_bytes, hash->x, hash->len, + sig_bytes, curve ) == result ); + + // Alter the signature and check the verification fails + for( int i = 0; i < 2*NUM_ECC_BYTES; i++ ) + { + uint8_t temp = sig_bytes[i]; + sig_bytes[i] = ( sig_bytes[i] + 1 ) % 256; + TEST_ASSERT( uECC_verify( pub_bytes, hash->x, hash->len, + sig_bytes, curve ) == 0 ); + sig_bytes[i] = temp; + } + +} +/* END_CASE */ From f35f35bcbef168ae306fd03ace78a8ea32ccfdd9 Mon Sep 17 00:00:00 2001 From: Jarno Lamsa Date: Mon, 2 Sep 2019 15:36:49 +0300 Subject: [PATCH 5/6] Use rnd_std_rand for generating hash --- tests/suites/test_suite_tinycrypt.function | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/tests/suites/test_suite_tinycrypt.function b/tests/suites/test_suite_tinycrypt.function index 36e4c66cd..2cf656616 100644 --- a/tests/suites/test_suite_tinycrypt.function +++ b/tests/suites/test_suite_tinycrypt.function @@ -54,16 +54,12 @@ void test_ecdsa() uint8_t public[2*NUM_ECC_BYTES] = {0}; uint8_t hash[NUM_ECC_BYTES] = {0}; uint8_t sig[2*NUM_ECC_BYTES] = {0}; - unsigned int hash_words[NUM_ECC_WORDS] = {0}; const struct uECC_Curve_t * curve = uECC_secp256r1(); uECC_set_rng( &uecc_rng_wrapper ); - uECC_generate_random_int( hash_words, curve->n, - BITS_TO_WORDS( curve->num_n_bits ) ); - - uECC_vli_nativeToBytes( hash, NUM_ECC_BYTES, hash_words ); + TEST_ASSERT( rnd_std_rand( NULL, hash, NUM_ECC_BYTES ) == 0 ); TEST_ASSERT( uECC_make_key( public, private, curve ) != 0 ); From 28012e2ea2a43dc98850d1fcb821dbbdee0c2599 Mon Sep 17 00:00:00 2001 From: Jarno Lamsa Date: Mon, 9 Sep 2019 08:42:11 +0300 Subject: [PATCH 6/6] Remove redundant rng wrapper --- tests/suites/test_suite_tinycrypt.function | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/tests/suites/test_suite_tinycrypt.function b/tests/suites/test_suite_tinycrypt.function index 2cf656616..24b331d80 100644 --- a/tests/suites/test_suite_tinycrypt.function +++ b/tests/suites/test_suite_tinycrypt.function @@ -4,16 +4,6 @@ #include "tinycrypt/ecc_dh.h" #include "tinycrypt/ecc_dsa.h" -static int uecc_rng_wrapper( uint8_t *dest, unsigned int size ) -{ - int ret; - ret = rnd_std_rand( NULL, dest, size ); - if( ret == 0 ) - return( (int) size ); - - return( 0 ); -} - /* END_HEADER */ /* BEGIN_DEPENDENCIES