mbedtls/tests/suites/test_suite_random.function
Mateusz Starzyk 72f60dfcc1 Remove MBEDTLS_TEST_NULL_ENTROPY config option.
Building the library without entropy sources negates any and all security
provided by the library.
This option was originally requested a relatively long time ago and it
does not provide any tangible benefit for users any more.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-11 13:15:19 +02:00

202 lines
6.5 KiB
C

/* BEGIN_HEADER */
/* Test random generation as a whole. */
#include "mbedtls/bignum.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/ecdsa.h"
#include "mbedtls/entropy.h"
#include "mbedtls/hmac_drbg.h"
#include "mbedtls/psa_util.h"
#include "psa/crypto.h"
/* How many bytes to generate in each test case for repeated generation.
* This must be high enough that the probability of generating the same
* output twice is infinitesimal, but low enough that random generators
* are willing to deliver that much. */
#define OUTPUT_SIZE 32
/* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
void random_twice_with_ctr_drbg( )
{
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context drbg;
unsigned char output1[OUTPUT_SIZE];
unsigned char output2[OUTPUT_SIZE];
/* First round */
mbedtls_entropy_init( &entropy );
mbedtls_ctr_drbg_init( &drbg );
TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg,
mbedtls_entropy_func, &entropy,
NULL, 0 ) );
TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg,
output1, sizeof( output1 ) ) );
mbedtls_ctr_drbg_free( &drbg );
mbedtls_entropy_free( &entropy );
/* Second round */
mbedtls_entropy_init( &entropy );
mbedtls_ctr_drbg_init( &drbg );
TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg,
mbedtls_entropy_func, &entropy,
NULL, 0 ) );
TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg,
output2, sizeof( output2 ) ) );
mbedtls_ctr_drbg_free( &drbg );
mbedtls_entropy_free( &entropy );
/* The two rounds must generate different random data. */
TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
exit:
mbedtls_ctr_drbg_free( &drbg );
mbedtls_entropy_free( &entropy );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */
void random_twice_with_hmac_drbg( int md_type )
{
mbedtls_entropy_context entropy;
mbedtls_hmac_drbg_context drbg;
unsigned char output1[OUTPUT_SIZE];
unsigned char output2[OUTPUT_SIZE];
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
/* First round */
mbedtls_entropy_init( &entropy );
mbedtls_hmac_drbg_init( &drbg );
TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info,
mbedtls_entropy_func, &entropy,
NULL, 0 ) );
TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg,
output1, sizeof( output1 ) ) );
mbedtls_hmac_drbg_free( &drbg );
mbedtls_entropy_free( &entropy );
/* Second round */
mbedtls_entropy_init( &entropy );
mbedtls_hmac_drbg_init( &drbg );
TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info,
mbedtls_entropy_func, &entropy,
NULL, 0 ) );
TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg,
output2, sizeof( output2 ) ) );
mbedtls_hmac_drbg_free( &drbg );
mbedtls_entropy_free( &entropy );
/* The two rounds must generate different random data. */
TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
exit:
mbedtls_hmac_drbg_free( &drbg );
mbedtls_entropy_free( &entropy );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
void random_twice_with_psa_from_classic( )
{
unsigned char output1[OUTPUT_SIZE];
unsigned char output2[OUTPUT_SIZE];
/* First round */
PSA_ASSERT( psa_crypto_init( ) );
TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
output1, sizeof( output1 ) ) );
PSA_DONE( );
/* Second round */
PSA_ASSERT( psa_crypto_init( ) );
TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
output2, sizeof( output2 ) ) );
PSA_DONE( );
/* The two rounds must generate different random data. */
TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
exit:
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
void random_twice_with_psa_from_psa( )
{
unsigned char output1[OUTPUT_SIZE];
unsigned char output2[OUTPUT_SIZE];
/* First round */
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_generate_random( output1, sizeof( output1 ) ) );
PSA_DONE( );
/* Second round */
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_generate_random( output2, sizeof( output2 ) ) );
PSA_DONE( );
/* The two rounds must generate different random data. */
TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 );
exit:
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
void mbedtls_psa_get_random_no_init( )
{
unsigned char output[1];
TEST_ASSERT( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
output, sizeof( output ) ) != 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */
void mbedtls_psa_get_random_length( int n )
{
unsigned char *output = NULL;
PSA_ASSERT( psa_crypto_init( ) );
ASSERT_ALLOC( output, n );
TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
output, n ) );
exit:
mbedtls_free( output );
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */
void mbedtls_psa_get_random_ecdsa_sign( int curve )
{
mbedtls_ecp_group grp;
mbedtls_mpi d, r, s;
unsigned char buf[] = "This is not a hash.";
mbedtls_ecp_group_init( &grp );
mbedtls_mpi_init( &d );
mbedtls_mpi_init( &r );
mbedtls_mpi_init( &s );
TEST_EQUAL( 0, mbedtls_mpi_lset( &d, 123456789 ) );
TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, curve ) );
PSA_ASSERT( psa_crypto_init( ) );
TEST_EQUAL( 0, mbedtls_ecdsa_sign( &grp, &r, &s, &d,
buf, sizeof( buf ),
mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE ) );
exit:
mbedtls_mpi_free( &d );
mbedtls_mpi_free( &r );
mbedtls_mpi_free( &s );
mbedtls_ecp_group_free( &grp );
PSA_DONE( );
}
/* END_CASE */