MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG: negative tests
Under MBEDTLS_ERR_RSA_RNG_FAILED, add tests where the random generator failed. This commit tests the following operations: * psa_generate_random() * psa_generate_key() for a symmetric key * Deterministic signatures that use blinding (RSA PKCS#1v1.5, deterministic ECDSA). * Randomized signatures (RSA PSS, randomized ECDSA). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
ae3741e8a4
commit
f547ce8daa
2 changed files with 101 additions and 0 deletions
|
@ -1,3 +1,26 @@
|
|||
PSA external RNG failure: generate random and key
|
||||
external_rng_failure_generate:
|
||||
|
||||
PSA external RNG failure: randomized ECDSA
|
||||
depends_on:PSA_WANT_ALG_ECDSA
|
||||
external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:32
|
||||
|
||||
PSA external RNG failure: deterministic ECDSA (software implementation)
|
||||
# Depend on the built-in implementation which we know uses blinding.
|
||||
# An external implementation might not use blinding.
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA:MBEDTLS_SHA256_C:PSA_WANT_ALG_SHA256
|
||||
external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):32
|
||||
|
||||
PSA external RNG failure: RSA-PSS
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
|
||||
external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):32
|
||||
|
||||
PSA external RNG failure: RSA PKCS#1v1.5 (software implementation)
|
||||
# Depend on the built-in implementation which we know uses blinding.
|
||||
# An external implementation might not use blinding.
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN
|
||||
external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:32
|
||||
|
||||
PSA validate entropy injection: good, minimum size
|
||||
validate_entropy_seed_injection:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_ERROR_NOT_PERMITTED
|
||||
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
/* BEGIN_HEADER */
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <psa/crypto.h>
|
||||
|
||||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/entropy_poll.h"
|
||||
|
@ -35,6 +38,81 @@ psa_status_t remove_seed_file( void )
|
|||
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
||||
void external_rng_failure_generate( )
|
||||
{
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
|
||||
psa_set_key_bits( &attributes, 128 );
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
uint8_t output[1];
|
||||
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
|
||||
PSA_ASSERT( psa_generate_random( output, sizeof( output ) ) );
|
||||
PSA_ASSERT( psa_generate_key( &attributes, &key ) );
|
||||
PSA_ASSERT( psa_destroy_key( key ) );
|
||||
|
||||
mbedtls_test_disable_insecure_external_rng( );
|
||||
TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
|
||||
psa_generate_random( output, sizeof( output ) ) );
|
||||
TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
|
||||
psa_generate_key( &attributes, &key ) );
|
||||
|
||||
exit:
|
||||
psa_destroy_key( key );
|
||||
PSA_DONE( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
|
||||
void external_rng_failure_sign( int key_type, data_t *key_data, int alg,
|
||||
int input_size_arg )
|
||||
{
|
||||
/* This test case is only expected to pass if the signature mechanism
|
||||
* requires randomness, either because it is a randomized signature
|
||||
* or because the implementation uses blinding. */
|
||||
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_set_key_type( &attributes, key_type );
|
||||
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN );
|
||||
psa_set_key_algorithm( &attributes, alg );
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
size_t input_size = input_size_arg;
|
||||
uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
|
||||
size_t signature_length;
|
||||
|
||||
TEST_ASSERT( input_size <= sizeof( signature ) );
|
||||
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||
&key ) );
|
||||
memset( signature, 0, input_size );
|
||||
PSA_ASSERT( psa_sign_hash( key, alg,
|
||||
signature, input_size,
|
||||
signature, sizeof( signature ),
|
||||
&signature_length ) );
|
||||
PSA_ASSERT( psa_destroy_key( key ) );
|
||||
|
||||
mbedtls_test_disable_insecure_external_rng( );
|
||||
/* Import the key again, because for RSA Mbed TLS caches blinding values
|
||||
* in the key object and this could perturb the test. */
|
||||
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||
&key ) );
|
||||
memset( signature, 0, input_size );
|
||||
TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
|
||||
psa_sign_hash( key, alg,
|
||||
signature, input_size,
|
||||
signature, sizeof( signature ),
|
||||
&signature_length ) );
|
||||
PSA_ASSERT( psa_destroy_key( key ) );
|
||||
|
||||
exit:
|
||||
psa_destroy_key( key );
|
||||
PSA_DONE( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
|
||||
void validate_entropy_seed_injection( int seed_length_a,
|
||||
int expected_status_a,
|
||||
|
|
Loading…
Reference in a new issue