mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 05:54:23 +01:00
9d6a535ba1
This commit first changes the return convention of EccPoint_mult_safer() so that it properly reports when faults are detected. Then all functions that call it need to be changed to (1) follow the same return convention and (2) properly propagate UECC_FAULT_DETECTED when it occurs. Here's the reverse call graph from EccPoint_mult_safer() to the rest of the library (where return values are translated to the MBEDTLS_ERR_ space) and test functions (where expected return values are asserted explicitly). EccPoint_mult_safer() EccPoint_compute_public_key() uECC_compute_public_key() pkparse.c tests/suites/test_suite_pkparse.function uECC_make_key_with_d() uECC_make_key() ssl_cli.c ssl_srv.c tests/suites/test_suite_pk.function tests/suites/test_suite_tinycrypt.function uECC_shared_secret() ssl_tls.c tests/suites/test_suite_tinycrypt.function uECC_sign_with_k() uECC_sign() pk.c tests/suites/test_suite_tinycrypt.function Note: in uECC_sign_with_k() a test for uECC_vli_isZero(p) is suppressed because it is redundant with a more thorough test (point validity) done at the end of EccPoint_mult_safer(). This redundancy was introduced in a previous commit but not noticed earlier.
174 lines
4.2 KiB
Plaintext
174 lines
4.2 KiB
Plaintext
/* BEGIN_HEADER */
|
|
#include "mbedtls/pk.h"
|
|
#include "mbedtls/pem.h"
|
|
#include "mbedtls/oid.h"
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_BIGNUM_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
|
|
void pk_parse_keyfile_rsa( char * key_file, char * password, int result )
|
|
{
|
|
mbedtls_pk_context ctx;
|
|
int res;
|
|
char *pwd = password;
|
|
|
|
mbedtls_pk_init( &ctx );
|
|
|
|
if( strcmp( pwd, "NULL" ) == 0 )
|
|
pwd = NULL;
|
|
|
|
res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd );
|
|
|
|
TEST_ASSERT( res == result );
|
|
|
|
if( res == 0 )
|
|
{
|
|
mbedtls_rsa_context *rsa;
|
|
TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) );
|
|
rsa = mbedtls_pk_rsa( ctx );
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( rsa ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_pk_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */
|
|
void pk_parse_public_keyfile_rsa( char * key_file, int result )
|
|
{
|
|
mbedtls_pk_context ctx;
|
|
int res;
|
|
|
|
mbedtls_pk_init( &ctx );
|
|
|
|
res = mbedtls_pk_parse_public_keyfile( &ctx, key_file );
|
|
|
|
TEST_ASSERT( res == result );
|
|
|
|
if( res == 0 )
|
|
{
|
|
mbedtls_rsa_context *rsa;
|
|
TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) );
|
|
rsa = mbedtls_pk_rsa( ctx );
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( rsa ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_pk_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
|
|
void pk_parse_public_keyfile_ec( char * key_file, int result )
|
|
{
|
|
#if !defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_USE_TINYCRYPT)
|
|
((void) key_file);
|
|
((void) result);
|
|
#else
|
|
mbedtls_pk_context ctx;
|
|
int res;
|
|
|
|
mbedtls_pk_init( &ctx );
|
|
|
|
res = mbedtls_pk_parse_public_keyfile( &ctx, key_file );
|
|
|
|
TEST_ASSERT( res == result );
|
|
|
|
if( res == 0 )
|
|
{
|
|
#if !defined(MBEDTLS_USE_TINYCRYPT)
|
|
mbedtls_ecp_keypair *eckey;
|
|
#else
|
|
mbedtls_uecc_keypair *uecckey;
|
|
#endif
|
|
TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) );
|
|
|
|
#if !defined(MBEDTLS_USE_TINYCRYPT)
|
|
eckey = mbedtls_pk_ec( ctx );
|
|
TEST_ASSERT( mbedtls_ecp_check_pubkey( &eckey->grp, &eckey->Q ) == 0 );
|
|
#else
|
|
uecckey = mbedtls_pk_uecc( ctx );
|
|
TEST_ASSERT( uECC_valid_public_key( uecckey->public_key ) == 0 );
|
|
#endif /* MBEDTLS_USE_TINYCRYPT */
|
|
}
|
|
|
|
exit:
|
|
mbedtls_pk_free( &ctx );
|
|
#endif /* !MBEDTLS_ECP_C && !MBEDTLS_USE_TINYCRYPT */
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
|
|
void pk_parse_keyfile_ec( char * key_file, char * password, int result )
|
|
{
|
|
#if !defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_USE_TINYCRYPT)
|
|
((void) key_file);
|
|
((void) password);
|
|
((void) result);
|
|
#else
|
|
mbedtls_pk_context ctx;
|
|
int res;
|
|
|
|
mbedtls_pk_init( &ctx );
|
|
|
|
res = mbedtls_pk_parse_keyfile( &ctx, key_file, password );
|
|
|
|
TEST_ASSERT( res == result );
|
|
|
|
if( res == 0 )
|
|
{
|
|
#if !defined(MBEDTLS_USE_TINYCRYPT)
|
|
mbedtls_ecp_keypair *eckey;
|
|
#else
|
|
mbedtls_uecc_keypair *uecckey;
|
|
unsigned char tmp_pubkey[ 2 * NUM_ECC_BYTES ];
|
|
#endif
|
|
TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) );
|
|
|
|
#if !defined(MBEDTLS_USE_TINYCRYPT)
|
|
eckey = mbedtls_pk_ec( ctx );
|
|
TEST_ASSERT( mbedtls_ecp_check_privkey( &eckey->grp, &eckey->d ) == 0 );
|
|
#else
|
|
uecckey = mbedtls_pk_uecc( ctx );
|
|
TEST_ASSERT( uECC_valid_public_key( uecckey->public_key ) == 0 );
|
|
TEST_ASSERT( uECC_compute_public_key( uecckey->private_key,
|
|
tmp_pubkey ) == UECC_SUCCESS );
|
|
TEST_ASSERT( memcmp( tmp_pubkey, uecckey->public_key,
|
|
sizeof( tmp_pubkey ) ) == 0 );
|
|
#endif /* MBEDTLS_USE_TINYCRYPT */
|
|
}
|
|
|
|
exit:
|
|
mbedtls_pk_free( &ctx );
|
|
#endif /* !MBEDTLS_ECP_C && !MBEDTLS_USE_TINYCRYPT */
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
|
|
void pk_parse_key( data_t * buf, char * result_str, int result )
|
|
{
|
|
mbedtls_pk_context pk;
|
|
unsigned char output[2000];
|
|
((void) result_str);
|
|
|
|
mbedtls_pk_init( &pk );
|
|
|
|
memset( output, 0, 2000 );
|
|
|
|
|
|
TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == ( result ) );
|
|
if( ( result ) == 0 )
|
|
{
|
|
TEST_ASSERT( 1 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|