• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1/* BEGIN_HEADER */
2#include "mbedtls/lms.h"
3
4/* END_HEADER */
5
6/* BEGIN_DEPENDENCIES
7 * depends_on:MBEDTLS_LMS_C
8 * END_DEPENDENCIES
9 */
10
11/* BEGIN_CASE depends_on:MBEDTLS_LMS_PRIVATE */
12void lms_sign_verify_test ( data_t *msg, data_t *seed )
13{
14    mbedtls_lms_public_t pub_ctx;
15    mbedtls_lms_private_t priv_ctx;
16    unsigned char sig[MBEDTLS_LMS_SIG_LEN(MBEDTLS_LMS_SHA256_M32_H10, MBEDTLS_LMOTS_SHA256_N32_W8)];
17
18    mbedtls_lms_public_init( &pub_ctx );
19    mbedtls_lms_private_init( &priv_ctx );
20
21    /* Allocation failure isn't a test failure, since it likely just means
22     * there's not enough memory to run the test.
23     */
24    TEST_EQUAL( mbedtls_lms_generate_private_key( &priv_ctx, MBEDTLS_LMS_SHA256_M32_H10,
25                                           MBEDTLS_LMOTS_SHA256_N32_W8,
26                                           mbedtls_test_rnd_std_rand, NULL,
27                                           seed->x, seed->len ), 0 );
28
29    TEST_EQUAL( mbedtls_lms_calculate_public_key( &pub_ctx, &priv_ctx ), 0 );
30
31    TEST_EQUAL( mbedtls_lms_sign( &priv_ctx, mbedtls_test_rnd_std_rand, NULL,
32                                   msg->x, msg->len, sig, sizeof( sig ),
33                                   NULL ), 0 );
34
35    TEST_EQUAL( mbedtls_lms_verify( &pub_ctx, msg->x, msg->len, sig,
36                                     sizeof( sig ) ), 0 );
37
38exit:
39    mbedtls_lms_public_free( &pub_ctx );
40    mbedtls_lms_private_free( &priv_ctx );
41}
42/* END_CASE */
43
44/* BEGIN_CASE depends_on:MBEDTLS_LMS_PRIVATE */
45void lms_sign_verify_null_msg_test( data_t *seed )
46{
47    mbedtls_lms_public_t pub_ctx;
48    mbedtls_lms_private_t priv_ctx;
49    unsigned char sig[MBEDTLS_LMS_SIG_LEN(MBEDTLS_LMS_SHA256_M32_H10, MBEDTLS_LMOTS_SHA256_N32_W8)];
50
51    mbedtls_lms_public_init( &pub_ctx );
52    mbedtls_lms_private_init( &priv_ctx );
53
54    /* Allocation failure isn't a test failure, since it likely just means
55     * there's not enough memory to run the test.
56     */
57    TEST_EQUAL( mbedtls_lms_generate_private_key( &priv_ctx, MBEDTLS_LMS_SHA256_M32_H10,
58                                           MBEDTLS_LMOTS_SHA256_N32_W8,
59                                           mbedtls_test_rnd_std_rand, NULL,
60                                           seed->x, seed->len ), 0 );
61
62    TEST_EQUAL( mbedtls_lms_calculate_public_key( &pub_ctx, &priv_ctx ), 0 );
63
64    TEST_EQUAL( mbedtls_lms_sign( &priv_ctx, mbedtls_test_rnd_std_rand, NULL,
65                                   NULL, 0, sig, sizeof( sig ),
66                                   NULL ), 0 );
67
68    TEST_EQUAL( mbedtls_lms_verify( &pub_ctx, NULL, 0, sig,
69                                     sizeof( sig ) ), 0 );
70
71exit:
72    mbedtls_lms_public_free( &pub_ctx );
73    mbedtls_lms_private_free( &priv_ctx );
74}
75/* END_CASE */
76
77/* BEGIN_CASE */
78void lms_verify_test ( data_t * msg, data_t * sig, data_t * pub_key,
79                          int expected_rc )
80{
81    mbedtls_lms_public_t ctx;
82    unsigned int size;
83    unsigned char *tmp_sig = NULL;
84
85    mbedtls_lms_public_init( &ctx);
86
87    TEST_EQUAL(mbedtls_lms_import_public_key( &ctx, pub_key->x, pub_key->len ), 0);
88
89    TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), expected_rc);
90
91    /* Test negative cases if the input data is valid */
92    if( expected_rc == 0 )
93    {
94        if( msg->len >= 1 )
95        {
96            /* Altering first message byte must cause verification failure */
97            msg->x[0] ^= 1;
98            TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
99                       MBEDTLS_ERR_LMS_VERIFY_FAILED);
100            msg->x[0] ^= 1;
101
102            /* Altering last message byte must cause verification failure */
103            msg->x[msg->len - 1] ^= 1;
104            TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
105                       MBEDTLS_ERR_LMS_VERIFY_FAILED);
106            msg->x[msg->len - 1] ^= 1;
107        }
108
109        if( sig->len >= 1 )
110        {
111            /* Altering first signature byte must cause verification failure */
112            sig->x[0] ^= 1;
113            TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
114                       MBEDTLS_ERR_LMS_VERIFY_FAILED);
115            sig->x[0] ^= 1;
116
117            /* Altering last signature byte must cause verification failure */
118            sig->x[sig->len - 1] ^= 1;
119            TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ),
120                       MBEDTLS_ERR_LMS_VERIFY_FAILED);
121            sig->x[sig->len - 1] ^= 1;
122        }
123
124        /* Signatures of all sizes must not verify, whether shorter or longer */
125        for( size = 0; size < sig->len; size++ ) {
126            if( size == sig->len )
127                continue;
128
129            ASSERT_ALLOC( tmp_sig, size );
130            if( tmp_sig != NULL )
131                memcpy( tmp_sig, sig->x, MIN(size, sig->len) );
132
133            TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, tmp_sig, size ),
134                       MBEDTLS_ERR_LMS_VERIFY_FAILED);
135            mbedtls_free( tmp_sig );
136            tmp_sig = NULL;
137        }
138    }
139
140exit:
141    mbedtls_free( tmp_sig );
142    mbedtls_lms_public_free( &ctx );
143}
144/* END_CASE */
145
146/* BEGIN_CASE */
147void lms_import_export_test (  data_t * pub_key, int expected_import_rc )
148{
149    mbedtls_lms_public_t ctx;
150    size_t exported_pub_key_buf_size = 0;
151    size_t exported_pub_key_size = 0;
152    unsigned char *exported_pub_key = NULL;
153
154    mbedtls_lms_public_init(&ctx);
155    TEST_EQUAL( mbedtls_lms_import_public_key( &ctx, pub_key->x, pub_key->len ),
156                expected_import_rc );
157
158    if( expected_import_rc == 0 )
159    {
160        exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10);
161        ASSERT_ALLOC( exported_pub_key, exported_pub_key_buf_size );
162
163        TEST_EQUAL( mbedtls_lms_export_public_key( &ctx, exported_pub_key,
164                                                   exported_pub_key_buf_size,
165                                                   &exported_pub_key_size ), 0 );
166
167        TEST_EQUAL( exported_pub_key_size,
168                    MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10 ) );
169        ASSERT_COMPARE( pub_key->x, pub_key->len,
170                        exported_pub_key, exported_pub_key_size );
171        mbedtls_free(exported_pub_key);
172        exported_pub_key = NULL;
173
174        /* Export into too-small buffer should fail */
175        exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10) - 1;
176        ASSERT_ALLOC( exported_pub_key, exported_pub_key_buf_size);
177        TEST_EQUAL( mbedtls_lms_export_public_key( &ctx, exported_pub_key,
178                                                   exported_pub_key_buf_size, NULL ),
179                    MBEDTLS_ERR_LMS_BUFFER_TOO_SMALL );
180        mbedtls_free(exported_pub_key);
181        exported_pub_key = NULL;
182
183        /* Export into too-large buffer should succeed */
184        exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10) + 1;
185        ASSERT_ALLOC( exported_pub_key, exported_pub_key_buf_size);
186        TEST_EQUAL( mbedtls_lms_export_public_key( &ctx, exported_pub_key,
187                                                   exported_pub_key_buf_size,
188                                                   &exported_pub_key_size ),
189                    0 );
190        ASSERT_COMPARE( pub_key->x, pub_key->len,
191                        exported_pub_key, exported_pub_key_size );
192        mbedtls_free(exported_pub_key);
193        exported_pub_key = NULL;
194    }
195
196exit:
197    mbedtls_free( exported_pub_key );
198    mbedtls_lms_public_free( &ctx );
199}
200/* END_CASE */
201
202