From d663543004e5bdd74e98585807c78b060f5140e8 Mon Sep 17 00:00:00 2001
From: Paul Elliott <paul.elliott@arm.com>
Date: Thu, 18 Nov 2021 22:35:48 +0000
Subject: [PATCH] Add PKCS12 tests

Only regression tests for the empty password bugs for now. Further tests
will follow later.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
---
 tests/CMakeLists.txt                    |  1 +
 tests/suites/test_suite_pkcs12.data     | 33 ++++++++++++
 tests/suites/test_suite_pkcs12.function | 72 +++++++++++++++++++++++++
 3 files changed, 106 insertions(+)
 create mode 100644 tests/suites/test_suite_pkcs12.data
 create mode 100644 tests/suites/test_suite_pkcs12.function

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 41dceed93..909046d37 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -216,6 +216,7 @@ add_test_suite(pk)
 add_test_suite(pkcs1_v15)
 add_test_suite(pkcs1_v21)
 add_test_suite(pkcs5)
+add_test_suite(pkcs12)
 add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data
new file mode 100644
index 000000000..e9e7339dc
--- /dev/null
+++ b/tests/suites/test_suite_pkcs12.data
@@ -0,0 +1,33 @@
+Pkcs12 derive key : Zero length password and hash
+depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C
+pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0
+
+Pkcs12 derive key: NULL password and hash
+depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C
+pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0
+
+Pkcs12 derive key: Zero length password
+depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C
+pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0
+
+Pkcs12 derive key: NULL password
+depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C
+pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0
+
+Pkcs12 derive key: Invalid length NULL password
+depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C
+pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA
+
+Pkcs12 derive key: Zero length hash
+depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C
+pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0
+
+Pkcs12 derive key: NULL hash
+depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C
+pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0
+
+Pkcs12 derive key: Invalid length NULL hash
+depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C
+pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA
+
+
diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function
new file mode 100644
index 000000000..e49e5805d
--- /dev/null
+++ b/tests/suites/test_suite_pkcs12.function
@@ -0,0 +1,72 @@
+/* BEGIN_HEADER */
+#include "mbedtls/pkcs12.h"
+
+typedef enum
+{
+   USE_NULL_INPUT = 0,
+   USE_GIVEN_INPUT = 1,
+   USE_NULL_INPUT_WITH_SIZE = 2,
+} input_usage_method_t;
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ASN1_PARSE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void pkcs12_derive_key_test( int md_type, int key_size_arg,
+                             data_t *password_arg, int password_usage,
+                             data_t *salt_arg, int salt_usage,
+                             int iterations, int expected_status )
+
+{
+   int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+   unsigned char *output_data = NULL;
+
+   unsigned char *password = NULL;
+   size_t password_len = 0;
+   unsigned char *salt = NULL;
+   size_t salt_len = 0;
+   size_t key_size = key_size_arg;
+
+   if( password_usage == USE_GIVEN_INPUT )
+   {
+      password = password_arg->x;
+      password_len = password_arg->len;
+   }
+   else if( password_usage == USE_NULL_INPUT_WITH_SIZE )
+   {
+      password_len = password_arg->len;
+   }
+
+   if( salt_usage == USE_GIVEN_INPUT )
+   {
+      salt = salt_arg->x;
+      salt_len = salt_arg->len;
+   }
+   else if( salt_usage == USE_NULL_INPUT_WITH_SIZE )
+   {
+      salt_len = salt_arg->len;
+   }
+
+   ASSERT_ALLOC( output_data, key_size );
+
+   ret = mbedtls_pkcs12_derivation( output_data,
+                                    key_size,
+                                    password,
+                                    password_len,
+                                    salt,
+                                    salt_len,
+                                    md_type,
+                                    MBEDTLS_PKCS12_DERIVE_KEY,
+                                    iterations );
+
+   TEST_EQUAL( ret, expected_status );
+
+exit:
+   mbedtls_free( output_data );
+
+}
+/* END_CASE */