Merge pull request #291 from gilles-peskine-arm/ctr_drbg-test_aes_128
Test MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
commit
180850a229
4 changed files with 57 additions and 9 deletions
|
@ -713,6 +713,15 @@ static const unsigned char nonce_pers_nopr[16] =
|
|||
{ 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5,
|
||||
0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f };
|
||||
|
||||
#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
|
||||
static const unsigned char result_pr[16] =
|
||||
{ 0x95, 0x3c, 0xa5, 0xbd, 0x44, 0x1, 0x34, 0xb7,
|
||||
0x13, 0x58, 0x3e, 0x6a, 0x6c, 0x7e, 0x88, 0x8a };
|
||||
|
||||
static const unsigned char result_nopr[16] =
|
||||
{ 0x6c, 0x25, 0x27, 0x95, 0xa3, 0x62, 0xd6, 0xdb,
|
||||
0x90, 0xfd, 0x69, 0xb5, 0x42, 0x9, 0x4b, 0x84 };
|
||||
#else /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
|
||||
static const unsigned char result_pr[16] =
|
||||
{ 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f,
|
||||
0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 };
|
||||
|
@ -720,6 +729,7 @@ static const unsigned char result_pr[16] =
|
|||
static const unsigned char result_nopr[16] =
|
||||
{ 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88,
|
||||
0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f };
|
||||
#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
|
||||
|
||||
static size_t test_offset;
|
||||
static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf,
|
||||
|
|
|
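Review bot: The two expected-output arrays added under `#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)` carry no comment saying where their values come from. For a DRBG known-answer test this matters: if the bytes were captured from this implementation rather than taken from an independent reference, the self-test only guards against regressions and cannot catch a conformance error in the 128-bit key path. I would add a comment above the first `result_pr`, for example `/* Expected output with a 128-bit AES key. Source: <reference vector, or "generated by this implementation"> */`. As a smaller style point, `0x1` and `0x9` in the new arrays would read better as `0x01` and `0x09`, matching every other byte in these tables.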
@ -168,6 +168,7 @@ def include_in_full(name):
|
|||
'MBEDTLS_DEPRECATED_REMOVED',
|
||||
'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED',
|
||||
'MBEDTLS_ECP_RESTARTABLE',
|
||||
'MBEDTLS_ENTROPY_FORCE_SHA256', # Variant toggle, tested separately
|
||||
'MBEDTLS_HAVE_SSE2',
|
||||
'MBEDTLS_MEMORY_BACKTRACE',
|
||||
'MBEDTLS_MEMORY_BUFFER_ALLOC_C',
|
||||
|
|
|
@ -403,12 +403,6 @@ pre_check_git () {
|
|||
fi
|
||||
}
|
||||
|
||||
pre_check_seedfile () {
|
||||
if [ ! -f "./tests/seedfile" ]; then
|
||||
dd if=/dev/urandom of=./tests/seedfile bs=32 count=1
|
||||
fi
|
||||
}
|
||||
|
||||
pre_setup_keep_going () {
|
||||
failure_summary=
|
||||
failure_count=0
|
||||
|
@ -930,6 +924,43 @@ component_test_aes_fewer_tables_and_rom_tables () {
|
|||
make test
|
||||
}
|
||||
|
||||
component_test_ctr_drbg_aes_256_sha_256 () {
|
||||
msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
|
||||
scripts/config.pl full
|
||||
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
||||
scripts/config.pl set MBEDTLS_ENTROPY_FORCE_SHA256
|
||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||
make
|
||||
|
||||
msg "test: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
|
||||
make test
|
||||
}
|
||||
|
||||
component_test_ctr_drbg_aes_128_sha_512 () {
|
||||
msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)"
|
||||
scripts/config.pl full
|
||||
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
||||
scripts/config.pl set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
|
||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||
make
|
||||
|
||||
msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)"
|
||||
make test
|
||||
}
|
||||
|
||||
component_test_ctr_drbg_aes_128_sha_256 () {
|
||||
msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
|
||||
scripts/config.pl full
|
||||
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
||||
scripts/config.pl set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
|
||||
scripts/config.pl set MBEDTLS_ENTROPY_FORCE_SHA256
|
||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||
make
|
||||
|
||||
msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)"
|
||||
make test
|
||||
}
|
||||
|
||||
component_test_se_default () {
|
||||
msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C"
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C
|
||||
|
@ -1276,7 +1307,16 @@ run_component () {
|
|||
cp -p "$CONFIG_H" "$CONFIG_BAK"
|
||||
current_component="$1"
|
||||
export MBEDTLS_TEST_CONFIGURATION="$current_component"
|
||||
|
||||
# Unconditionally create a seedfile that's sufficiently long.
|
||||
# Do this before each component, because a previous component may
|
||||
# have messed it up or shortened it.
|
||||
dd if=/dev/urandom of=./tests/seedfile bs=64 count=1
|
||||
|
||||
# Run the component code.
|
||||
"$@"
|
||||
|
||||
# Restore the build tree to a clean state.
|
||||
cleanup
|
||||
}
|
||||
|
||||
|
@ -1286,7 +1326,6 @@ pre_initialize_variables
|
|||
pre_parse_command_line "$@"
|
||||
|
||||
pre_check_git
|
||||
pre_check_seedfile
|
||||
|
||||
build_status=0
|
||||
if [ $KEEP_GOING -eq 1 ]; then
|
||||
|
|
|
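Review bot: The `dd` that now runs before every component in `run_component` has no visible check on its exit status, so a failed write to `./tests/seedfile` would show up later as an unrelated-looking test failure, or the component would silently run against a stale seedfile. If the script does not already run under `set -e`, I would make the failure explicit: `dd if=/dev/urandom of=./tests/seedfile bs=64 count=1 || { echo "cannot create tests/seedfile" >&2; exit 1; }`. The comment says "sufficiently long" without saying for what; something like `# 64 bytes: presumably the entropy block size when SHA-512 is the accumulator (confirm against the entropy module)` would tie the number to its reason. The path is relative, so this also assumes each component is entered from the source root. `run_component` starts above the hunk.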
@ -1097,6 +1097,4 @@ CTR_DRBG Special Behaviours
|
|||
ctr_drbg_special_behaviours:
|
||||
|
||||
CTR_DRBG self test
|
||||
depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
|
||||
ctr_drbg_selftest:
|
||||
|
||||
|
|