1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 /* BEGIN_HEADER */
17 #include "bsl_sal.h"
18 #include "crypt_errno.h"
19 #include "crypt_eal_pkey.h"
20 #include "crypt_util_rand.h"
21 #include "eal_pkey_local.h"
22 #include "securec.h"
23 /* END_HEADER */
24
25 static uint8_t gKyberRandBuf[3][32] = { 0 };
26 uint32_t gKyberRandNum = 0;
TEST_KyberRandom(uint8_t * randNum,uint32_t randLen)27 static int32_t TEST_KyberRandom(uint8_t *randNum, uint32_t randLen)
28 {
29 memcpy_s(randNum, randLen, gKyberRandBuf[gKyberRandNum], 32);
30 gKyberRandNum++;
31 return 0;
32 }
33
TEST_KyberRandomEx(void * libCtx,uint8_t * randNum,uint32_t randLen)34 static int32_t TEST_KyberRandomEx(void *libCtx, uint8_t *randNum, uint32_t randLen)
35 {
36 (void)libCtx;
37 return TEST_KyberRandom(randNum, randLen);
38 }
39
40 /* @
41 * @test SDV_CRYPTO_MLKEM_CTRL_API_TC001
42 * @spec -
43 * @title CRYPT_EAL_PkeyCtrl test
44 * @precon nan
45 * @brief 1. creat context
46 * 2.invoke CRYPT_EAL_PkeyCtrl to transfer various exception parameters.
47 * 3.call CRYPT_EAL_PkeyCtrl repeatedly to set the key information.
48 * @expect 1.success 2.returned as expected 3.cannot be set repeatedly.
49 * @prior nan
50 * @auto FALSE
51 @ */
52 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_CTRL_API_TC001(int bits)53 void SDV_CRYPTO_MLKEM_CTRL_API_TC001(int bits)
54 {
55 TestMemInit();
56 CRYPT_RandRegist(TestSimpleRand);
57
58 CRYPT_EAL_PkeyCtx *ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
59 uint32_t val = (uint32_t)bits;
60 int ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_SET_PARA_BY_ID + 100, &val, sizeof(val));
61 ASSERT_EQ(ret, CRYPT_MLKEM_CTRL_NOT_SUPPORT);
62
63 ret = CRYPT_EAL_PkeyCtrl(NULL, CRYPT_CTRL_SET_PARA_BY_ID, &val, sizeof(val));
64 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
65
66 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_SET_PARA_BY_ID, NULL, sizeof(val));
67 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
68
69 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_SET_PARA_BY_ID, &val, sizeof(val) - 1);
70 ASSERT_EQ(ret, CRYPT_INVALID_ARG);
71
72 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_SET_PARA_BY_ID, &val, sizeof(val));
73 ASSERT_EQ(ret, CRYPT_SUCCESS);
74
75 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_SET_PARA_BY_ID, &val, sizeof(val));
76 ASSERT_EQ(ret, CRYPT_MLKEM_CTRL_INIT_REPEATED);
77 EXIT:
78 CRYPT_EAL_PkeyFreeCtx(ctx);
79 CRYPT_RandRegist(NULL);
80 return;
81 }
82 /* END_CASE */
83
84 /* @
85 * @test SDV_CRYPTO_MLKEM_KEYGEN_API_TC001
86 * @spec -
87 * @title CRYPT_EAL_PkeyGen test
88 * @precon nan
89 * @brief 1.register a random number and create a context.
90 * 2.invoke CRYPT_EAL_PkeyGen and transfer various parameters.
91 * 3.check the return value.
92 * @expect 1.success 2.success 3.the returned value is the same as expected.
93 * @prior nan
94 * @auto FALSE
95 @ */
96 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_KEYGEN_API_TC001(int bits)97 void SDV_CRYPTO_MLKEM_KEYGEN_API_TC001(int bits)
98 {
99 TestMemInit();
100 CRYPT_EAL_PkeyCtx *ctx = NULL;
101 #ifdef HITLS_CRYPTO_PROVIDER
102 ctx = CRYPT_EAL_ProviderPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE, "provider=default");
103 #else
104 ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
105 #endif
106 ASSERT_TRUE(ctx != NULL);
107
108 int32_t ret = CRYPT_EAL_PkeyGen(ctx);
109 ASSERT_EQ(ret, CRYPT_MLKEM_KEYINFO_NOT_SET);
110
111 uint32_t val = (uint32_t)bits;
112 ret = CRYPT_EAL_PkeySetParaById(ctx, val);
113 ASSERT_EQ(ret, CRYPT_SUCCESS);
114 ret = CRYPT_EAL_PkeyEncapsInit(ctx, NULL);
115 ASSERT_EQ(ret, CRYPT_SUCCESS);
116
117 ret = CRYPT_EAL_PkeyGen(ctx);
118 ASSERT_EQ(ret, CRYPT_NO_REGIST_RAND);
119
120 CRYPT_RandRegist(TestSimpleRand);
121 CRYPT_RandRegistEx(TestSimpleRandEx);
122 ret = CRYPT_EAL_PkeyGen(ctx);
123 ASSERT_EQ(ret, CRYPT_SUCCESS);
124
125 ret = CRYPT_EAL_PkeyGen(ctx);
126 ASSERT_EQ(ret, CRYPT_SUCCESS);
127 EXIT:
128 CRYPT_EAL_PkeyFreeCtx(ctx);
129 CRYPT_RandRegist(NULL);
130 CRYPT_RandRegistEx(NULL);
131 return;
132 }
133 /* END_CASE */
134
135 /* Use default random numbers for end-to-end testing */
136 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_KEYGEN_API_TC002(int bits)137 void SDV_CRYPTO_MLKEM_KEYGEN_API_TC002(int bits)
138 {
139 TestMemInit();
140 TestRandInit();
141 CRYPT_EAL_PkeyCtx *ctx = NULL;
142 #ifdef HITLS_CRYPTO_PROVIDER
143 ctx = CRYPT_EAL_ProviderPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE, "provider=default");
144 #else
145 ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
146 #endif
147 ASSERT_TRUE(ctx != NULL);
148
149 uint32_t val = (uint32_t)bits;
150 int32_t ret = CRYPT_EAL_PkeySetParaById(ctx, val);
151 ASSERT_EQ(ret, CRYPT_SUCCESS);
152 ret = CRYPT_EAL_PkeyEncapsInit(ctx, NULL);
153 ASSERT_EQ(ret, CRYPT_SUCCESS);
154
155 ret = CRYPT_EAL_PkeyGen(ctx);
156 ASSERT_EQ(ret, CRYPT_SUCCESS);
157
158 ret = CRYPT_EAL_PkeyGen(ctx);
159 ASSERT_EQ(ret, CRYPT_SUCCESS);
160 EXIT:
161 CRYPT_EAL_PkeyFreeCtx(ctx);
162 TestRandDeInit();
163 return;
164 }
165 /* END_CASE */
166
167 /* @
168 * @test SDV_CRYPTO_MLKEM_ENCAPS_API_TC001
169 * @spec -
170 * @title CRYPT_EAL_PkeyEncaps test
171 * @precon nan
172 * @brief 1.register a random number and generate a context and key pair.
173 * 2.call CRYPT_EAL_PkeyEncaps to transfer abnormal values.
174 * 3. check the return value.
175 * @expect 1.success 2.success 3.the returned value is the same as expected.
176 * @prior nan
177 * @auto FALSE
178 @ */
179 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_ENCAPS_API_TC001(int bits)180 void SDV_CRYPTO_MLKEM_ENCAPS_API_TC001(int bits)
181 {
182 TestMemInit();
183
184 TestRandInit();
185 CRYPT_EAL_PkeyCtx *ctx = NULL;
186 #ifdef HITLS_CRYPTO_PROVIDER
187 ctx = CRYPT_EAL_ProviderPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE, "provider=default");
188 #else
189 ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
190 #endif
191 ASSERT_TRUE(ctx != NULL);
192
193 uint32_t val = (uint32_t)bits;
194 int32_t ret = CRYPT_EAL_PkeySetParaById(ctx, val);
195 ASSERT_EQ(ret, CRYPT_SUCCESS);
196 ret = CRYPT_EAL_PkeyEncapsInit(ctx, NULL);
197 ASSERT_EQ(ret, CRYPT_SUCCESS);
198
199 uint32_t cipherLen = 0;
200 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_CIPHERTEXT_LEN, &cipherLen, sizeof(cipherLen));
201 ASSERT_EQ(ret, CRYPT_SUCCESS);
202 uint8_t *ciphertext = BSL_SAL_Malloc(cipherLen);
203 uint32_t sharedLen = 32;
204 uint8_t *sharedKey = BSL_SAL_Malloc(sharedLen);
205
206 ret = CRYPT_EAL_PkeyGen(ctx);
207 ASSERT_EQ(ret, CRYPT_SUCCESS);
208
209 ret = CRYPT_EAL_PkeyEncaps(NULL, ciphertext, &cipherLen, sharedKey, &sharedLen);
210 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
211 ret = CRYPT_EAL_PkeyEncaps(ctx, NULL, &cipherLen, sharedKey, &sharedLen);
212 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
213 ret = CRYPT_EAL_PkeyEncaps(ctx, ciphertext, NULL, sharedKey, &sharedLen);
214 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
215 ret = CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, NULL, &sharedLen);
216 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
217 ret = CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, NULL);
218 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
219
220 cipherLen = cipherLen - 1;
221 ret = CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, &sharedLen);
222 ASSERT_EQ(ret, CRYPT_MLKEM_LEN_NOT_ENOUGH);
223 cipherLen = cipherLen + 1;
224
225 sharedLen = sharedLen - 1;
226 ret = CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, &sharedLen);
227 ASSERT_EQ(ret, CRYPT_MLKEM_LEN_NOT_ENOUGH);
228 sharedLen = sharedLen + 1;
229
230 ret = CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, &sharedLen);
231 ASSERT_EQ(ret, CRYPT_SUCCESS);
232 EXIT:
233 CRYPT_EAL_PkeyFreeCtx(ctx);
234 BSL_SAL_Free(ciphertext);
235 BSL_SAL_Free(sharedKey);
236 TestRandDeInit();
237 return;
238 }
239 /* END_CASE */
240
241 /* @
242 * @test SDV_CRYPTO_MLKEM_DECAPS_API_TC001
243 * @spec -
244 * @title CRYPT_EAL_PkeyEncaps test
245 * @precon nan
246 * @brief 1.register a random number and generate a context and key pair.
247 * 2.call CRYPT_EAL_PkeyDecaps to transfer various abnormal values.
248 * 3.check return value
249 * @expect 1.success 2.success 3.the returned value is the same as expected.
250 * @prior nan
251 * @auto FALSE
252 @ */
253 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_DECAPS_API_TC001(int bits)254 void SDV_CRYPTO_MLKEM_DECAPS_API_TC001(int bits)
255 {
256 TestMemInit();
257
258 TestRandInit();
259 CRYPT_EAL_PkeyCtx *ctx = NULL;
260 #ifdef HITLS_CRYPTO_PROVIDER
261 ctx = CRYPT_EAL_ProviderPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE, "provider=default");
262 #else
263 ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
264 #endif
265 ASSERT_TRUE(ctx != NULL);
266
267 uint32_t val = (uint32_t)bits;
268 int32_t ret = CRYPT_EAL_PkeySetParaById(ctx, val);
269 ASSERT_EQ(ret, CRYPT_SUCCESS);
270 ret = CRYPT_EAL_PkeyDecapsInit(ctx, NULL);
271 ASSERT_EQ(ret, CRYPT_SUCCESS);
272
273 uint32_t cipherLen = 0;
274 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_CIPHERTEXT_LEN, &cipherLen, sizeof(cipherLen));
275 ASSERT_EQ(ret, CRYPT_SUCCESS);
276 uint8_t *ciphertext = BSL_SAL_Malloc(cipherLen);
277 uint32_t sharedLen = 32;
278 uint8_t *sharedKey = BSL_SAL_Malloc(sharedLen);
279
280 ret = CRYPT_EAL_PkeyGen(ctx);
281 ASSERT_EQ(ret, CRYPT_SUCCESS);
282
283 ret = CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, &sharedLen);
284 ASSERT_EQ(ret, CRYPT_SUCCESS);
285
286 ret = CRYPT_EAL_PkeyDecaps(NULL, ciphertext, cipherLen, sharedKey, &sharedLen);
287 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
288 ret = CRYPT_EAL_PkeyDecaps(ctx, NULL, cipherLen, sharedKey, &sharedLen);
289 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
290 ret = CRYPT_EAL_PkeyDecaps(ctx, ciphertext, cipherLen, NULL, &sharedLen);
291 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
292 ret = CRYPT_EAL_PkeyDecaps(ctx, ciphertext, cipherLen, sharedKey, NULL);
293 ASSERT_EQ(ret, CRYPT_NULL_INPUT);
294
295 cipherLen = cipherLen - 1;
296 ret = CRYPT_EAL_PkeyDecaps(ctx, ciphertext, cipherLen, sharedKey, &sharedLen);
297 ASSERT_EQ(ret, CRYPT_MLKEM_LEN_NOT_ENOUGH);
298 cipherLen = cipherLen + 1;
299
300 sharedLen = sharedLen - 1;
301 ret = CRYPT_EAL_PkeyDecaps(ctx, ciphertext, cipherLen, sharedKey, &sharedLen);
302 ASSERT_EQ(ret, CRYPT_MLKEM_LEN_NOT_ENOUGH);
303 sharedLen = sharedLen + 1;
304
305 ret = CRYPT_EAL_PkeyDecaps(ctx, ciphertext, cipherLen, sharedKey, &sharedLen);
306 ASSERT_EQ(ret, CRYPT_SUCCESS);
307 EXIT:
308 CRYPT_EAL_PkeyFreeCtx(ctx);
309 BSL_SAL_Free(ciphertext);
310 BSL_SAL_Free(sharedKey);
311 TestRandDeInit();
312 return;
313 }
314 /* END_CASE */
315
316 /* @
317 * @test SDV_CRYPTO_MLKEM_SETPUB_API_TC002
318 * @spec -
319 * @title CRYPT_EAL_PkeySetPub and CRYPT_EAL_PkeyGetPub
320 * @precon nan
321 * @brief 1.register a random number and create a context.
322 * 2.call CRYPT_EAL_PkeySetPub and CRYPT_EAL_PkeyGetPub and transfer various parameters.
323 * 3.check return value
324 * @expect 1.success 2.success 3.the returned value is the same as expected.
325 * @prior nan
326 * @auto FALSE
327 @ */
328 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_SETPUB_API_TC002(int bits,Hex * testEK)329 void SDV_CRYPTO_MLKEM_SETPUB_API_TC002(int bits, Hex *testEK)
330 {
331 TestMemInit();
332 CRYPT_RandRegist(TestSimpleRand);
333
334 CRYPT_EAL_PkeyCtx *ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
335 uint32_t val = (uint32_t)bits;
336 int ret = CRYPT_EAL_PkeySetParaById(ctx, val);
337 ASSERT_EQ(ret, CRYPT_SUCCESS);
338 ret = CRYPT_EAL_PkeyEncapsInit(ctx, NULL);
339 ASSERT_EQ(ret, CRYPT_SUCCESS);
340
341 uint32_t encapsKeyLen = 0;
342 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PUBKEY_LEN, &encapsKeyLen, sizeof(encapsKeyLen));
343 ASSERT_EQ(ret, CRYPT_SUCCESS);
344
345 CRYPT_EAL_PkeyPub ek = { 0 };
346 ASSERT_EQ(CRYPT_EAL_PkeySetPub(ctx, &ek), CRYPT_EAL_ERR_ALGID);
347
348 ek.id = CRYPT_PKEY_ML_KEM;
349 ASSERT_EQ(CRYPT_EAL_PkeySetPub(ctx, &ek), CRYPT_NULL_INPUT);
350
351 ek.key.kemEk.data = BSL_SAL_Malloc(encapsKeyLen);
352 (void)memcpy_s(ek.key.kemEk.data, encapsKeyLen, testEK->x, testEK->len);
353 ek.key.kemEk.len = encapsKeyLen - 1;
354 ASSERT_EQ(CRYPT_EAL_PkeySetPub(ctx, &ek), CRYPT_MLKEM_KEYLEN_ERROR);
355
356 ek.key.kemEk.len = encapsKeyLen;
357 ASSERT_EQ(CRYPT_EAL_PkeyGetPub(ctx, &ek), CRYPT_MLKEM_KEY_NOT_SET);
358
359 ASSERT_EQ(CRYPT_EAL_PkeySetPub(ctx, &ek), CRYPT_SUCCESS);
360 (void)memset_s(ek.key.kemEk.data, encapsKeyLen, 0, encapsKeyLen);
361
362 ek.key.kemEk.len = encapsKeyLen - 1;
363 ASSERT_EQ(CRYPT_EAL_PkeyGetPub(ctx, &ek), CRYPT_MLKEM_KEYLEN_ERROR);
364 ek.key.kemEk.len = encapsKeyLen + 1;
365 ASSERT_EQ(CRYPT_EAL_PkeyGetPub(ctx, &ek), CRYPT_SUCCESS);
366 ASSERT_COMPARE("compare ek", ek.key.kemEk.data, ek.key.kemEk.len, testEK->x, testEK->len);
367 EXIT:
368 CRYPT_EAL_PkeyFreeCtx(ctx);
369 BSL_SAL_Free(ek.key.kemEk.data);
370 CRYPT_RandRegist(NULL);
371 return;
372 }
373 /* END_CASE */
374
375 /* @
376 * @test SDV_CRYPTO_MLKEM_SETPRV_API_TC002
377 * @spec -
378 * @title CRYPT_EAL_PkeySetPrv and CRYPT_EAL_PkeyGetPrv
379 * @precon nan
380 * @brief 1.register a random number and create a context.
381 * 2.call CRYPT_EAL_PkeySetPrv and CRYPT_EAL_PkeyGetPrv and transfer various parameters.
382 * 3.check return value
383 * @expect 1.success 2.success 3.the returned value is the same as expected.
384 * @prior nan
385 * @auto FALSE
386 @ */
387 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_SETPRV_API_TC002(int bits,Hex * testDK)388 void SDV_CRYPTO_MLKEM_SETPRV_API_TC002(int bits, Hex *testDK)
389 {
390 TestMemInit();
391 CRYPT_RandRegist(TestSimpleRand);
392
393 CRYPT_EAL_PkeyCtx *ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
394 uint32_t val = (uint32_t)bits;
395 int ret = CRYPT_EAL_PkeySetParaById(ctx, val);
396 ASSERT_EQ(ret, CRYPT_SUCCESS);
397 ret = CRYPT_EAL_PkeyEncapsInit(ctx, NULL);
398 ASSERT_EQ(ret, CRYPT_SUCCESS);
399
400 uint32_t decapsKeyLen = 0;
401 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PRVKEY_LEN, &decapsKeyLen, sizeof(decapsKeyLen));
402 ASSERT_EQ(ret, CRYPT_SUCCESS);
403
404 CRYPT_EAL_PkeyPrv dk = { 0 };
405 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_EAL_ERR_ALGID);
406
407 dk.id = CRYPT_PKEY_ML_KEM;
408 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_NULL_INPUT);
409
410 dk.key.kemDk.data = BSL_SAL_Malloc(decapsKeyLen);
411 (void)memcpy_s(dk.key.kemDk.data, decapsKeyLen, testDK->x, testDK->len);
412 dk.key.kemDk.len = decapsKeyLen - 1;
413 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_MLKEM_KEYLEN_ERROR);
414
415 dk.key.kemDk.len = decapsKeyLen;
416 ASSERT_EQ(CRYPT_EAL_PkeyGetPrv(ctx, &dk), CRYPT_MLKEM_KEY_NOT_SET);
417
418 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_SUCCESS);
419 (void)memset_s(dk.key.kemDk.data, decapsKeyLen, 0, decapsKeyLen);
420
421 dk.key.kemDk.len = decapsKeyLen - 1;
422 ASSERT_EQ(CRYPT_EAL_PkeyGetPrv(ctx, &dk), CRYPT_MLKEM_KEYLEN_ERROR);
423 dk.key.kemDk.len = decapsKeyLen;
424 ASSERT_EQ(CRYPT_EAL_PkeyGetPrv(ctx, &dk), CRYPT_SUCCESS);
425 ASSERT_COMPARE("compare de", dk.key.kemDk.data, dk.key.kemDk.len, testDK->x, testDK->len);
426 EXIT:
427 CRYPT_EAL_PkeyFreeCtx(ctx);
428 BSL_SAL_Free(dk.key.kemDk.data);
429 CRYPT_RandRegist(NULL);
430 return;
431 }
432 /* END_CASE */
433
434
435 /* @
436 * @test SDV_CRYPTO_MLKEM_KEYCMP_FUNC_TC001
437 * @spec -
438 * @title Context Comparison and Copy Test
439 * @precon nan
440 * @brief 1.Registers a random number that returns the specified value.
441 * 2. Call CRYPT_EAL_PkeyGen to generate a key pair. The first two groups of random numbers are the same,
442 * and the third group of random numbers is different.
443 * 3. Call CRYPT_EAL_PkeyCopyCtx to copy the key pair.
444 * 4. Invoke CRYPT_EAL_PkeyCmp to compare key pairs.
445 * @expect 1.success 2.success 3.success 4.the returned value is the same as expected.
446 * @prior nan
447 * @auto FALSE
448 @ */
449 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_KEYCMP_FUNC_TC001(int bits,Hex * r0,Hex * r1,Hex * r2,int isProvider)450 void SDV_CRYPTO_MLKEM_KEYCMP_FUNC_TC001(int bits, Hex *r0, Hex *r1, Hex *r2, int isProvider)
451 {
452 TestMemInit();
453 gKyberRandNum = 0;
454 memcpy_s(gKyberRandBuf[0], 32, r0->x, r0->len);
455 memcpy_s(gKyberRandBuf[1], 32, r1->x, r1->len);
456 memcpy_s(gKyberRandBuf[2], 32, r2->x, r2->len);
457 CRYPT_RandRegist(TEST_KyberRandom);
458 CRYPT_RandRegistEx(TEST_KyberRandomEx);
459
460 CRYPT_EAL_PkeyCtx *ctx = TestPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE,
461 "provider=default", isProvider);
462 ASSERT_NE(ctx, NULL);
463 uint32_t val = (uint32_t)bits;
464 ASSERT_EQ(CRYPT_EAL_PkeySetParaById(ctx, val), CRYPT_SUCCESS);
465 ASSERT_EQ(CRYPT_EAL_PkeyEncapsInit(ctx, NULL), CRYPT_SUCCESS);
466
467 ASSERT_EQ(CRYPT_EAL_PkeyGen(ctx), CRYPT_SUCCESS);
468 ASSERT_EQ(CRYPT_EAL_PkeyCmp(ctx, NULL), CRYPT_NULL_INPUT);
469 gKyberRandNum = 0;
470
471 CRYPT_EAL_PkeyCtx *ctx2 = TestPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE,
472 "provider=default", isProvider);
473 ASSERT_NE(ctx2, NULL);
474 ASSERT_EQ(CRYPT_EAL_PkeyCmp(ctx, ctx2), CRYPT_MLKEM_KEY_NOT_EQUAL);
475 val = (uint32_t)bits;
476 ASSERT_EQ(CRYPT_EAL_PkeySetParaById(ctx2, val), CRYPT_SUCCESS);
477 ASSERT_EQ(CRYPT_EAL_PkeyCmp(ctx, ctx2), CRYPT_MLKEM_KEY_NOT_EQUAL);
478 ASSERT_EQ(CRYPT_EAL_PkeyEncapsInit(ctx2, NULL), CRYPT_SUCCESS);
479 ASSERT_EQ(CRYPT_EAL_PkeyCmp(ctx, ctx2), CRYPT_MLKEM_KEY_NOT_EQUAL);
480 ASSERT_EQ(CRYPT_EAL_PkeyGen(ctx2), CRYPT_SUCCESS);
481 ASSERT_EQ(CRYPT_EAL_PkeyCmp(ctx, ctx2), CRYPT_SUCCESS);
482
483 gKyberRandNum = 1;
484 CRYPT_EAL_PkeyCtx *ctx3 = TestPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE,
485 "provider=default", isProvider);
486 ASSERT_NE(ctx3, NULL);
487 val = (uint32_t)bits;
488 ASSERT_EQ(CRYPT_EAL_PkeySetParaById(ctx3, val), CRYPT_SUCCESS);
489 ASSERT_EQ(CRYPT_EAL_PkeyEncapsInit(ctx3, NULL), CRYPT_SUCCESS);
490 ASSERT_EQ(CRYPT_EAL_PkeyGen(ctx3), CRYPT_SUCCESS);
491 ASSERT_EQ(CRYPT_EAL_PkeyCmp(ctx, ctx3), CRYPT_MLKEM_KEY_NOT_EQUAL);
492
493 CRYPT_EAL_PkeyCtx *ctx4 = BSL_SAL_Calloc(1u, sizeof(CRYPT_EAL_PkeyCtx));
494 ASSERT_EQ(CRYPT_EAL_PkeyCopyCtx(ctx4, ctx), CRYPT_SUCCESS);
495 ASSERT_EQ(CRYPT_EAL_PkeyCmp(ctx, ctx4), CRYPT_SUCCESS);
496
497 CRYPT_EAL_PkeyCtx *ctx5 = CRYPT_EAL_PkeyDupCtx(ctx);
498 ASSERT_TRUE(ctx5 != NULL);
499 ASSERT_EQ(CRYPT_EAL_PkeyCmp(ctx, ctx5), CRYPT_SUCCESS);
500 EXIT:
501 CRYPT_EAL_PkeyFreeCtx(ctx);
502 CRYPT_EAL_PkeyFreeCtx(ctx2);
503 CRYPT_EAL_PkeyFreeCtx(ctx3);
504 CRYPT_EAL_PkeyFreeCtx(ctx4);
505 CRYPT_EAL_PkeyFreeCtx(ctx5);
506 CRYPT_RandRegist(NULL);
507 CRYPT_RandRegistEx(NULL);
508 return;
509 }
510 /* END_CASE */
511
512 /* @
513 * @test SDV_CRYPTO_MLKEM_KEYGEN_FUNC_TC001
514 * @spec -
515 * @title Generating a Key Pair
516 * @precon nan
517 * @brief
518 * 1. Register a random number and return the specified random number of the test vector.
519 * 2. Call CRYPT_EAL_PkeyGen to generate a key pair.
520 * 3. Compare key pairs and test vectors.
521 * @expect
522 * 1. success
523 * 2. success
524 * 3. the key pair is the same as the test vector.
525 * @prior nan
526 * @auto FALSE
527 @ */
528 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_KEYGEN_FUNC_TC001(int bits,Hex * z,Hex * d,Hex * testEK,Hex * testDK,int isProvider)529 void SDV_CRYPTO_MLKEM_KEYGEN_FUNC_TC001(int bits, Hex *z, Hex *d, Hex *testEK, Hex *testDK, int isProvider)
530 {
531 TestMemInit();
532 gKyberRandNum = 0;
533 memcpy_s(gKyberRandBuf[0], 32, d->x, d->len);
534 memcpy_s(gKyberRandBuf[1], 32, z->x, z->len);
535 CRYPT_RandRegist(TEST_KyberRandom);
536 CRYPT_RandRegistEx(TEST_KyberRandomEx);
537
538 CRYPT_EAL_PkeyCtx *ctx = TestPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE,
539 "provider=default", isProvider);
540
541 ASSERT_NE(ctx, NULL);
542 uint32_t val = (uint32_t)bits;
543 ASSERT_EQ(CRYPT_EAL_PkeySetParaById(ctx, val), CRYPT_SUCCESS);
544 ASSERT_EQ(CRYPT_EAL_PkeyEncapsInit(ctx, NULL), CRYPT_SUCCESS);
545
546 uint32_t encapsKeyLen = 0;
547 ASSERT_EQ(CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PUBKEY_LEN, &encapsKeyLen, sizeof(encapsKeyLen)), CRYPT_SUCCESS);
548
549 uint32_t decapsKeyLen = 0;
550 ASSERT_EQ(CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PRVKEY_LEN, &decapsKeyLen, sizeof(decapsKeyLen)), CRYPT_SUCCESS);
551
552 CRYPT_EAL_PkeyPub ek = { 0 };
553 ek.id = CRYPT_PKEY_ML_KEM;
554 ek.key.kemEk.len = encapsKeyLen;
555 ek.key.kemEk.data = BSL_SAL_Malloc(encapsKeyLen);
556
557 CRYPT_EAL_PkeyPrv dk = { 0 };
558 dk.id = CRYPT_PKEY_ML_KEM;
559 dk.key.kemDk.len = decapsKeyLen;
560 dk.key.kemDk.data = BSL_SAL_Malloc(decapsKeyLen);
561
562 ASSERT_EQ(CRYPT_EAL_PkeyGen(ctx), CRYPT_SUCCESS);
563 ASSERT_EQ(CRYPT_EAL_PkeyGetPub(ctx, &ek), CRYPT_SUCCESS);
564 ASSERT_EQ(CRYPT_EAL_PkeyGetPrv(ctx, &dk), CRYPT_SUCCESS);
565 ASSERT_COMPARE("compare ek", ek.key.kemEk.data, ek.key.kemEk.len, testEK->x, testEK->len);
566 ASSERT_COMPARE("compare dk", dk.key.kemDk.data, dk.key.kemDk.len, testDK->x, testDK->len);
567 EXIT:
568 BSL_SAL_Free(ek.key.kemEk.data);
569 BSL_SAL_Free(dk.key.kemDk.data);
570 CRYPT_EAL_PkeyFreeCtx(ctx);
571 CRYPT_RandRegist(NULL);
572 CRYPT_RandRegistEx(NULL);
573 return;
574 }
575 /* END_CASE */
576
577 /* @
578 * @test SDV_CRYPTO_MLKEM_ENCAPS_DECAPS_FUNC_TC001
579 * @spec -
580 * @title Vector test for generating ciphertext, shared key, and decapsulation
581 * @precon nan
582 * @brief
583 * 1. Register a random number and return the specified random number of the test vector.
584 * 2. Call CRYPT_EAL_PkeyEncaps to generate the ciphertext and shared key.
585 * 3. Compare the ciphertext and shared key with the test vector.
586 * 4. Call CRYPT_EAL_PkeyDecaps to generate a shared key.
587 * 5. Compare the shared key with the test vector.
588 * @expect 1. Success 2. Success 3. The generation result is the same as expected 4. Success
589 * 5. The generation result is the same as expected
590 * @prior nan
591 * @auto FALSE
592 @ */
593 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_ENCAPS_DECAPS_FUNC_TC001(int bits,Hex * m,Hex * testEK,Hex * testDK,Hex * testCT,Hex * testSK,int isProvider)594 void SDV_CRYPTO_MLKEM_ENCAPS_DECAPS_FUNC_TC001(int bits, Hex *m, Hex *testEK, Hex *testDK, Hex *testCT, Hex *testSK, int isProvider)
595 {
596 TestMemInit();
597 gKyberRandNum = 0;
598 memcpy_s(gKyberRandBuf[0], 32, m->x, m->len);
599 CRYPT_RandRegist(TEST_KyberRandom);
600 CRYPT_RandRegistEx(TEST_KyberRandomEx);
601
602 CRYPT_EAL_PkeyCtx *ctx = TestPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE,
603 "provider=default", isProvider);
604
605 ASSERT_NE(ctx, NULL);
606 uint32_t val = (uint32_t)bits;
607 ASSERT_EQ(CRYPT_EAL_PkeySetParaById(ctx, val), CRYPT_SUCCESS);
608 ASSERT_EQ(CRYPT_EAL_PkeyEncapsInit(ctx, NULL), CRYPT_SUCCESS);
609
610 uint32_t encapsKeyLen = 0;
611 ASSERT_EQ(CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PUBKEY_LEN, &encapsKeyLen, sizeof(encapsKeyLen)), CRYPT_SUCCESS);
612
613 uint32_t decapsKeyLen = 0;
614 ASSERT_EQ(CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PRVKEY_LEN, &decapsKeyLen, sizeof(decapsKeyLen)), CRYPT_SUCCESS);
615
616 uint32_t cipherLen = 0;
617 ASSERT_EQ(CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_CIPHERTEXT_LEN, &cipherLen, sizeof(cipherLen)), CRYPT_SUCCESS);
618
619 CRYPT_EAL_PkeyPub ek = { 0 };
620 ek.id = CRYPT_PKEY_ML_KEM;
621 ek.key.kemEk.len = encapsKeyLen;
622 ek.key.kemEk.data = BSL_SAL_Malloc(encapsKeyLen);
623 (void)memcpy_s(ek.key.kemEk.data, ek.key.kemEk.len, testEK->x, testEK->len);
624
625 CRYPT_EAL_PkeyPrv dk = { 0 };
626 dk.id = CRYPT_PKEY_ML_KEM;
627 dk.key.kemDk.len = decapsKeyLen;
628 dk.key.kemDk.data = BSL_SAL_Malloc(decapsKeyLen);
629 (void)memcpy_s(dk.key.kemDk.data, dk.key.kemDk.len, testDK->x, testDK->len);
630
631 uint8_t *ciphertext = BSL_SAL_Malloc(cipherLen);
632 uint32_t sharedLen = 32;
633 uint8_t *sharedKey = BSL_SAL_Malloc(sharedLen);
634
635 uint32_t decSharedLen = 32;
636 uint8_t *decSharedKey = BSL_SAL_Malloc(decSharedLen);
637
638 ASSERT_EQ(CRYPT_EAL_PkeySetPub(ctx, &ek), CRYPT_SUCCESS);
639 ASSERT_EQ(CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, &sharedLen), CRYPT_SUCCESS);
640 ASSERT_COMPARE("compare ct", ciphertext, cipherLen, testCT->x, testCT->len);
641 ASSERT_COMPARE("compare sk", sharedKey, sharedLen, testSK->x, testSK->len);
642
643 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_SUCCESS);
644 ASSERT_EQ(CRYPT_EAL_PkeyDecaps(ctx, testCT->x, testCT->len, decSharedKey, &decSharedLen), CRYPT_SUCCESS);
645 ASSERT_COMPARE("compare dec sk", decSharedKey, decSharedLen, testSK->x, testSK->len);
646 EXIT:
647 BSL_SAL_Free(ek.key.kemEk.data);
648 BSL_SAL_Free(dk.key.kemDk.data);
649 BSL_SAL_Free(ciphertext);
650 BSL_SAL_Free(sharedKey);
651 BSL_SAL_Free(decSharedKey);
652 CRYPT_EAL_PkeyFreeCtx(ctx);
653 CRYPT_RandRegist(NULL);
654 CRYPT_RandRegistEx(NULL);
655 return;
656 }
657 /* END_CASE */
658
659 /* @
660 * @test SDV_CRYPTO_MLKEM_DECAPS_FUNC_TC001
661 * @spec -
662 * @title Vector test using ciphertext and shared key decapsulation
663 * @precon nan
664 * @brief
665 * 1. Set the decapsulation key.
666 * 2. Invoke CRYPT_EAL_PkeyDecaps to generate a shared key.
667 * 3. Compare the shared key with the test vector.
668 * @expect 1. Succeeded 2. Succeeded 3. The generation result is the same as expected.
669 * @prior nan
670 * @auto FALSE
671 @ */
672 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_DECAPS_FUNC_TC001(int bits,Hex * testDK,Hex * testCT,Hex * testSK,int isProvider)673 void SDV_CRYPTO_MLKEM_DECAPS_FUNC_TC001(int bits, Hex *testDK, Hex *testCT, Hex *testSK, int isProvider)
674 {
675 TestMemInit();
676 CRYPT_EAL_PkeyCtx *ctx = TestPkeyNewCtx(NULL, CRYPT_PKEY_ML_KEM, CRYPT_EAL_PKEY_KEM_OPERATE,
677 "provider=default", isProvider);
678
679 ASSERT_NE(ctx, NULL);
680 uint32_t val = (uint32_t)bits;
681 int ret = CRYPT_EAL_PkeySetParaById(ctx, val);
682 ASSERT_EQ(ret, CRYPT_SUCCESS);
683 ret = CRYPT_EAL_PkeyDecapsInit(ctx, NULL);
684 ASSERT_EQ(ret, CRYPT_SUCCESS);
685
686 uint32_t decapsKeyLen = 0;
687 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PRVKEY_LEN, &decapsKeyLen, sizeof(decapsKeyLen));
688 ASSERT_EQ(ret, CRYPT_SUCCESS);
689
690 CRYPT_EAL_PkeyPrv dk = { 0 };
691 dk.id = CRYPT_PKEY_ML_KEM;
692 dk.key.kemDk.len = decapsKeyLen;
693 dk.key.kemDk.data = BSL_SAL_Malloc(decapsKeyLen);
694 (void)memcpy_s(dk.key.kemDk.data, dk.key.kemDk.len, testDK->x, testDK->len);
695
696 uint32_t sharedLen = 32;
697 uint8_t *sharedKey = BSL_SAL_Malloc(sharedLen);
698
699 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_SUCCESS);
700 ASSERT_EQ(CRYPT_EAL_PkeyDecaps(ctx, testCT->x, testCT->len, sharedKey, &sharedLen), CRYPT_SUCCESS);
701 ASSERT_COMPARE("compare sk", sharedKey, sharedLen, testSK->x, testSK->len);
702 EXIT:
703 BSL_SAL_Free(dk.key.kemDk.data);
704 BSL_SAL_Free(sharedKey);
705 CRYPT_EAL_PkeyFreeCtx(ctx);
706 return;
707 }
708 /* END_CASE */
709
710 /* @
711 * @test SDV_CRYPTO_MLKEM_PKEYNEWCTX_API_TC001
712 * @spec -
713 * @title CRYPT_EAL_PkeyNewCtx interface test
714 * @precon nan
715 * @brief 1. The input parameter is the ID of the algorithm that does not support key generation CRYPT_MD_SHA256.
716 * 2. The input parameter is - 1.
717 * 3. The input parameter is CRYPT_PKEY_MAX + 1.
718 * @expect 1. Failure 2. Failure 3. Failure
719 * @prior nan
720 * @auto FALSE
721 @ */
722 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_PKEYNEWCTX_API_TC001()723 void SDV_CRYPTO_MLKEM_PKEYNEWCTX_API_TC001()
724 {
725 TestMemInit();
726 CRYPT_RandRegist(TestSimpleRand);
727
728 CRYPT_EAL_PkeyCtx *ctx1 = CRYPT_EAL_PkeyNewCtx((CRYPT_PKEY_AlgId)CRYPT_MD_SHA256);
729 ASSERT_TRUE(ctx1 == NULL);
730
731 CRYPT_EAL_PkeyCtx *ctx2 = CRYPT_EAL_PkeyNewCtx(-1);
732 ASSERT_TRUE(ctx2 == NULL);
733
734 CRYPT_EAL_PkeyCtx *ctx3 = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_MAX + 1);
735 ASSERT_TRUE(ctx3 == NULL);
736
737 EXIT:
738 CRYPT_EAL_PkeyFreeCtx(ctx1);
739 CRYPT_EAL_PkeyFreeCtx(ctx2);
740 CRYPT_EAL_PkeyFreeCtx(ctx3);
741 CRYPT_RandRegist(NULL);
742 return;
743 }
744 /* END_CASE */
745
746 /* @
747 * @test SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC001
748 * @spec -
749 * @title Invalid ciphertext. Decapsulation failed.
750 * @precon nan
751 * @brief 1. Generate a key pair.
752 * 2. Call CRYPT_EAL_PkeyEncaps for encapsulation.
753 * 3. Modify the content in ciphertext and call CRYPT_EAL_PkeyDecaps for decapsulation.
754 * 4. Inconsistent sharedKeys
755 * @expect 1. Success 2. Success 3. Success 4. Inconsistency
756 * @prior nan
757 * @auto FALSE
758 @ */
759 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC001(int bits,Hex * m,Hex * testEK,Hex * testDK,Hex * testCT,Hex * testSK,Hex * changeCT)760 void SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC001(int bits, Hex *m, Hex *testEK, Hex *testDK, Hex *testCT, Hex *testSK, Hex *changeCT)
761 {
762 TestMemInit();
763 gKyberRandNum = 0;
764 memcpy_s(gKyberRandBuf[0], 32, m->x, m->len);
765 CRYPT_RandRegist(TEST_KyberRandom);
766 CRYPT_RandRegistEx(TEST_KyberRandomEx);
767
768 CRYPT_EAL_PkeyCtx *ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
769 uint32_t val = (uint32_t)bits;
770 uint32_t ret = CRYPT_EAL_PkeySetParaById(ctx, val);
771 ASSERT_EQ(ret, CRYPT_SUCCESS);
772 ret = CRYPT_EAL_PkeyEncapsInit(ctx, NULL);
773 ASSERT_EQ(ret, CRYPT_SUCCESS);
774
775 uint32_t encapsKeyLen = 0;
776 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PUBKEY_LEN, &encapsKeyLen, sizeof(encapsKeyLen));
777 ASSERT_EQ(ret, CRYPT_SUCCESS);
778
779 uint32_t decapsKeyLen = 0;
780 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PRVKEY_LEN, &decapsKeyLen, sizeof(decapsKeyLen));
781 ASSERT_EQ(ret, CRYPT_SUCCESS);
782
783 uint32_t cipherLen = 0;
784 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_CIPHERTEXT_LEN, &cipherLen, sizeof(cipherLen));
785 ASSERT_EQ(ret, CRYPT_SUCCESS);
786
787 CRYPT_EAL_PkeyPub ek = { 0 };
788 ek.id = CRYPT_PKEY_ML_KEM;
789 ek.key.kemEk.len = encapsKeyLen;
790 ek.key.kemEk.data = BSL_SAL_Malloc(encapsKeyLen);
791 (void)memcpy_s(ek.key.kemEk.data, ek.key.kemEk.len, testEK->x, testEK->len);
792
793 CRYPT_EAL_PkeyPrv dk = { 0 };
794 dk.id = CRYPT_PKEY_ML_KEM;
795 dk.key.kemDk.len = decapsKeyLen;
796 dk.key.kemDk.data = BSL_SAL_Malloc(decapsKeyLen);
797 (void)memcpy_s(dk.key.kemDk.data, dk.key.kemDk.len, testDK->x, testDK->len);
798
799 uint8_t *ciphertext = BSL_SAL_Malloc(cipherLen);
800 uint32_t sharedLen = 32;
801 uint8_t *sharedKey = BSL_SAL_Malloc(sharedLen);
802
803 uint32_t decSharedLen = 32;
804 uint8_t *decSharedKey = BSL_SAL_Malloc(decSharedLen);
805
806 ASSERT_EQ(CRYPT_EAL_PkeySetPub(ctx, &ek), CRYPT_SUCCESS);
807 ASSERT_EQ(CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, &sharedLen), CRYPT_SUCCESS);
808 ASSERT_COMPARE("compare ct", ciphertext, cipherLen, testCT->x, testCT->len);
809 ASSERT_COMPARE("compare sk", sharedKey, sharedLen, testSK->x, testSK->len);
810
811 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_SUCCESS);
812 ASSERT_EQ(CRYPT_EAL_PkeyDecaps(ctx, changeCT->x, changeCT->len, decSharedKey, &decSharedLen), CRYPT_SUCCESS);
813 ASSERT_TRUE(memcmp(sharedKey, decSharedKey, sharedLen) != 0);
814
815 EXIT:
816 BSL_SAL_Free(ek.key.kemEk.data);
817 BSL_SAL_Free(dk.key.kemDk.data);
818 BSL_SAL_Free(ciphertext);
819 BSL_SAL_Free(sharedKey);
820 BSL_SAL_Free(decSharedKey);
821 CRYPT_EAL_PkeyFreeCtx(ctx);
822 CRYPT_RandRegist(NULL);
823 CRYPT_RandRegistEx(NULL);
824 return;
825 }
826 /* END_CASE */
827
828 /* @
829 * @test SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC002
830 * @spec -
831 * @title Invalid private key. Decapsulation failed.
832 * @precon nan
833 * @brief 1. Generate a key pair.
834 * 2. Call CRYPT_EAL_PkeyEncaps for encapsulation.
835 * 3. Call SetPrvKey to set invalid prvKey to the CTX.
836 * 4. Call CRYPT_EAL_PkeyDecaps for decapsulation.
837 * 5. Inconsistent sharedKeys
838 * @expect 1. Success 2. Success 3. Success 4. Success 5. Inconsistency
839 * @prior nan
840 * @auto FALSE
841 @ */
842 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC002(int bits,Hex * m,Hex * testEK,Hex * testCT,Hex * testSK,Hex * changeDK)843 void SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC002(int bits, Hex *m, Hex *testEK, Hex *testCT, Hex *testSK, Hex *changeDK)
844 {
845 TestMemInit();
846 gKyberRandNum = 0;
847 memcpy_s(gKyberRandBuf[0], 32, m->x, m->len);
848 CRYPT_RandRegist(TEST_KyberRandom);
849 CRYPT_RandRegistEx(TEST_KyberRandomEx);
850
851 CRYPT_EAL_PkeyCtx *ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
852 uint32_t val = (uint32_t)bits;
853 int ret = CRYPT_EAL_PkeySetParaById(ctx, val);
854 ASSERT_EQ(ret, CRYPT_SUCCESS);
855 ret = CRYPT_EAL_PkeyEncapsInit(ctx, NULL);
856 ASSERT_EQ(ret, CRYPT_SUCCESS);
857
858 uint32_t encapsKeyLen = 0;
859 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PUBKEY_LEN, &encapsKeyLen, sizeof(encapsKeyLen));
860 ASSERT_EQ(ret, CRYPT_SUCCESS);
861
862 uint32_t decapsKeyLen = 0;
863 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PRVKEY_LEN, &decapsKeyLen, sizeof(decapsKeyLen));
864 ASSERT_EQ(ret, CRYPT_SUCCESS);
865
866 uint32_t cipherLen = 0;
867 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_CIPHERTEXT_LEN, &cipherLen, sizeof(cipherLen));
868 ASSERT_EQ(ret, CRYPT_SUCCESS);
869
870 CRYPT_EAL_PkeyPub ek = { 0 };
871 ek.id = CRYPT_PKEY_ML_KEM;
872 ek.key.kemEk.len = encapsKeyLen;
873 ek.key.kemEk.data = BSL_SAL_Malloc(encapsKeyLen);
874 (void)memcpy_s(ek.key.kemEk.data, ek.key.kemEk.len, testEK->x, testEK->len);
875
876 CRYPT_EAL_PkeyPrv dk = { 0 };
877 dk.id = CRYPT_PKEY_ML_KEM;
878 dk.key.kemDk.len = decapsKeyLen;
879 dk.key.kemDk.data = BSL_SAL_Malloc(decapsKeyLen);
880 (void)memcpy_s(dk.key.kemDk.data, dk.key.kemDk.len, changeDK->x, changeDK->len);
881
882 uint8_t *ciphertext = BSL_SAL_Malloc(cipherLen);
883 uint32_t sharedLen = 32;
884 uint8_t *sharedKey = BSL_SAL_Malloc(sharedLen);
885
886 uint32_t decSharedLen = 32;
887 uint8_t *decSharedKey = BSL_SAL_Malloc(decSharedLen);
888
889 ASSERT_EQ(CRYPT_EAL_PkeySetPub(ctx, &ek), CRYPT_SUCCESS);
890 ASSERT_EQ(CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, &sharedLen), CRYPT_SUCCESS);
891 ASSERT_COMPARE("compare ct", ciphertext, cipherLen, testCT->x, testCT->len);
892 ASSERT_COMPARE("compare sk", sharedKey, sharedLen, testSK->x, testSK->len);
893
894 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_SUCCESS);
895 ASSERT_EQ(CRYPT_EAL_PkeyDecaps(ctx, ciphertext, cipherLen, decSharedKey, &decSharedLen), CRYPT_SUCCESS);
896 ASSERT_TRUE(memcmp(sharedKey, decSharedKey, sharedLen) != 0);
897
898 EXIT:
899 BSL_SAL_Free(ek.key.kemEk.data);
900 BSL_SAL_Free(dk.key.kemDk.data);
901 BSL_SAL_Free(ciphertext);
902 BSL_SAL_Free(sharedKey);
903 BSL_SAL_Free(decSharedKey);
904 CRYPT_EAL_PkeyFreeCtx(ctx);
905 CRYPT_RandRegist(NULL);
906 CRYPT_RandRegistEx(NULL);
907 return;
908 }
909 /* END_CASE */
910
911 /* @
912 * @test SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC002
913 * @spec -
914 * @title Invalid public key. Decapsulation failed.
915 * @precon nan
916 * @brief 1. Generate a key pair.
917 * 2. Call CRYPT_EAL_PkeyEncaps for encapsulation.
918 * 3. Call SetPrvKey to set invalid prvKey to the CTX.
919 * 4. Call CRYPT_EAL_PkeyDecaps for decapsulation.
920 * 5. Inconsistent sharedKeys
921 * @expect 1. Success 2. Success 3. Success 4. Success 5. Failure
922 * @prior nan
923 * @auto FALSE
924 @ */
925 /* BEGIN_CASE */
SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC003(int bits,Hex * m,Hex * testDK,Hex * changeEK)926 void SDV_CRYPTO_MLKEM_ABNORMAL_DECAPS_FUNC_TC003(int bits, Hex *m, Hex *testDK, Hex *changeEK)
927 {
928 TestMemInit();
929 gKyberRandNum = 0;
930 memcpy_s(gKyberRandBuf[0], 32, m->x, m->len);
931 CRYPT_RandRegist(TEST_KyberRandom);
932 CRYPT_RandRegistEx(TEST_KyberRandomEx);
933
934 CRYPT_EAL_PkeyCtx *ctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ML_KEM);
935 uint32_t val = (uint32_t)bits;
936 int ret = CRYPT_EAL_PkeySetParaById(ctx, val);
937 ASSERT_EQ(ret, CRYPT_SUCCESS);
938 ret = CRYPT_EAL_PkeyEncapsInit(ctx, NULL);
939 ASSERT_EQ(ret, CRYPT_SUCCESS);
940
941 uint32_t encapsKeyLen = 0;
942 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PUBKEY_LEN, &encapsKeyLen, sizeof(encapsKeyLen));
943 ASSERT_EQ(ret, CRYPT_SUCCESS);
944
945 uint32_t decapsKeyLen = 0;
946 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_PRVKEY_LEN, &decapsKeyLen, sizeof(decapsKeyLen));
947 ASSERT_EQ(ret, CRYPT_SUCCESS);
948
949 uint32_t cipherLen = 0;
950 ret = CRYPT_EAL_PkeyCtrl(ctx, CRYPT_CTRL_GET_CIPHERTEXT_LEN, &cipherLen, sizeof(cipherLen));
951 ASSERT_EQ(ret, CRYPT_SUCCESS);
952
953 CRYPT_EAL_PkeyPub ek = { 0 };
954 ek.id = CRYPT_PKEY_ML_KEM;
955 ek.key.kemEk.len = encapsKeyLen;
956 ek.key.kemEk.data = BSL_SAL_Malloc(encapsKeyLen);
957 (void)memcpy_s(ek.key.kemEk.data, ek.key.kemEk.len, changeEK->x, changeEK->len);
958
959 CRYPT_EAL_PkeyPrv dk = { 0 };
960 dk.id = CRYPT_PKEY_ML_KEM;
961 dk.key.kemDk.len = decapsKeyLen;
962 dk.key.kemDk.data = BSL_SAL_Malloc(decapsKeyLen);
963 (void)memcpy_s(dk.key.kemDk.data, dk.key.kemDk.len, testDK->x, testDK->len);
964
965 uint8_t *ciphertext = BSL_SAL_Malloc(cipherLen);
966 uint32_t sharedLen = 32;
967 uint8_t *sharedKey = BSL_SAL_Malloc(sharedLen);
968
969 uint32_t decSharedLen = 32;
970 uint8_t *decSharedKey = BSL_SAL_Malloc(decSharedLen);
971
972 ASSERT_EQ(CRYPT_EAL_PkeySetPub(ctx, &ek), CRYPT_SUCCESS);
973 ASSERT_EQ(CRYPT_EAL_PkeyEncaps(ctx, ciphertext, &cipherLen, sharedKey, &sharedLen), CRYPT_SUCCESS);
974
975 ASSERT_EQ(CRYPT_EAL_PkeySetPrv(ctx, &dk), CRYPT_SUCCESS);
976 ASSERT_EQ(CRYPT_EAL_PkeyDecaps(ctx, ciphertext, cipherLen, decSharedKey, &decSharedLen), CRYPT_SUCCESS);
977 ASSERT_TRUE(memcmp(sharedKey, decSharedKey, sharedLen) != 0);
978
979 EXIT:
980 BSL_SAL_Free(ek.key.kemEk.data);
981 BSL_SAL_Free(dk.key.kemDk.data);
982 BSL_SAL_Free(ciphertext);
983 BSL_SAL_Free(sharedKey);
984 BSL_SAL_Free(decSharedKey);
985 CRYPT_EAL_PkeyFreeCtx(ctx);
986 CRYPT_RandRegist(NULL);
987 CRYPT_RandRegistEx(NULL);
988 return;
989 }
990 /* END_CASE */
991