michael/zephyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

crypto: remove deprecated tinycrypt

Browse Source 
Remove tinycrypt, it was deprecated in 4.0.

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This commit is contained in:
Anas Nashif
2025-07-11 10:37:14 -04:00
parent 0fde156b9c
commit fec22fd85b
30 changed files with 2 additions and 14218 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
MAINTAINERS.yml
View File

@@ -5774,13 +5774,6 @@ West:
tests:
- thrift
"West project: tinycrypt":
status: odd fixes
files:
- modules/Kconfig.tinycrypt
labels:
- "area: Crypto / RNG"
"West project: trusted-firmware-a":
status: maintained
maintainers:

1
boards/st/stm32mp257f_ev1/stm32mp257f_ev1_stm32mp257fxx_m33.yaml
View File

@@ -14,7 +14,6 @@ testing:
- cmsis_rtos_v2
- net
- mpu
- tinycrypt
- crypto
- aes
- cmm

2
doc/_scripts/redirects.py
View File

@@ -96,7 +96,6 @@ REDIRECTS = [
('guides/coccinelle', 'develop/tools/coccinelle'),
('guides/code-relocation', 'kernel/code-relocation'),
('guides/crypto/index', 'services/crypto/index'),
('guides/crypto/tinycrypt', 'services/crypto/tinycrypt'),
('guides/device_mgmt/dfu', 'services/device_mgmt/dfu'),
('guides/device_mgmt/index', 'services/device_mgmt/index'),
('guides/device_mgmt/mcumgr', 'services/device_mgmt/mcumgr'),
@@ -307,7 +306,6 @@ REDIRECTS = [
('samples/subsys/video/capture/README', 'samples/drivers/video/capture/README'),
('samples/subsys/video/tcpserversink/README', 'samples/drivers/video/tcpserversink/README'),
('samples/subsys/video/video', 'samples/drivers/video/video'),
('services/crypto/tinycrypt', 'services/crypto/psa_crypto'),
('services/portability/posix', 'services/portability/posix/index'),
('services/secure_storage', 'services/storage/secure_storage/index'),
('services/settings/index', 'services/storage/settings/index'),

5
doc/services/crypto/random/index.rst
View File

@@ -14,9 +14,8 @@ FIPS 140-2 [NIST02]_ recommended algorithms. Hardware based random-number
generators (RNG) can be used on platforms with appropriate hardware support.
Platforms without hardware RNG support shall use the `CTR-DRBG algorithm
<https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf>`_.
The algorithm can be provided by `TinyCrypt <https://01.org/tinycrypt>`_
or `mbedTLS <https://tls.mbed.org/ctr-drbg-source-code>`_ depending on
your application performance and resource requirements.
The algorithm can be provided by `mbedTLS <https://tls.mbed.org/ctr-drbg-source-code>`_.
.. note::

1
modules/Kconfig
View File

@@ -41,7 +41,6 @@ source "modules/Kconfig.stm32"
source "modules/Kconfig.syst"
source "modules/Kconfig.telink"
source "modules/thrift/Kconfig"
source "modules/Kconfig.tinycrypt"
source "modules/Kconfig.vega"
source "modules/Kconfig.wurthelektronik"
source "modules/Kconfig.xtensa"

89
modules/Kconfig.tinycrypt
View File

@@ -1,89 +0,0 @@
# Cryptography primitive options for TinyCrypt version 2.0
# Copyright (c) 2015 Intel Corporation
# SPDX-License-Identifier: Apache-2.0
config ZEPHYR_TINYCRYPT_MODULE
bool
config TINYCRYPT
bool "TinyCrypt Support"
depends on ZEPHYR_TINYCRYPT_MODULE
select DEPRECATED
help
This option enables the TinyCrypt cryptography library.
if TINYCRYPT
config TINYCRYPT_CTR_PRNG
bool "PRNG in counter mode"
help
This option enables support for the pseudo-random number
generator in counter mode.
config TINYCRYPT_SHA256
bool "SHA-256 Hash function support"
help
This option enables support for SHA-256
hash function primitive.
config TINYCRYPT_SHA256_HMAC
bool "HMAC (via SHA256) message auth support"
depends on TINYCRYPT_SHA256
help
This option enables support for HMAC using SHA-256
message authentication code.
config TINYCRYPT_SHA256_HMAC_PRNG
bool "PRNG (via HMAC-SHA256) support"
depends on TINYCRYPT_SHA256_HMAC
help
This option enables support for pseudo-random number
generator.
config TINYCRYPT_ECC_DH
bool "ECC_DH anonymous key agreement protocol"
help
This option enables support for the Elliptic curve
Diffie-Hellman anonymous key agreement protocol.
Enabling ECC requires a cryptographically secure random number
generator.
config TINYCRYPT_ECC_DSA
bool "ECC_DSA digital signature algorithm"
help
This option enables support for the Elliptic Curve Digital
Signature Algorithm (ECDSA).
Enabling ECC requires a cryptographically secure random number
generator.
config TINYCRYPT_AES
bool "AES-128 decrypt/encrypt"
help
This option enables support for AES-128 decrypt and encrypt.
config TINYCRYPT_AES_CBC
bool "AES-128 block cipher"
depends on TINYCRYPT_AES
help
This option enables support for AES-128 block cipher mode.
config TINYCRYPT_AES_CTR
bool "AES-128 counter mode"
depends on TINYCRYPT_AES
help
This option enables support for AES-128 counter mode.
config TINYCRYPT_AES_CCM
bool "AES-128 CCM mode"
depends on TINYCRYPT_AES
help
This option enables support for AES-128 CCM mode.
config TINYCRYPT_AES_CMAC
bool "AES-128 CMAC mode"
depends on TINYCRYPT_AES
help
This option enables support for AES-128 CMAC mode.
endif

85
subsys/testsuite/include/zephyr/test_utils.h
View File

@@ -1,85 +0,0 @@
/* test_utils.h - TinyCrypt interface to common functions for tests */
/*
* Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef __TEST_UTILS_H__
#define __TEST_UTILS_H__
#include <zephyr/tc_util.h>
#include <tinycrypt/constants.h>
static inline void show_str(const char *label, const uint8_t *s, size_t len)
{
uint32_t i;
TC_PRINT("%s = ", label);
for (i = 0U; i < (uint32_t)len; ++i) {
TC_PRINT("%02x", s[i]);
}
TC_PRINT("\n");
}
static inline
void fatal(uint32_t testnum, const void *expected, size_t expectedlen,
const void *computed, size_t computedlen)
{
TC_ERROR("\tTest #%d Failed!\n", testnum);
show_str("\t\tExpected", expected, expectedlen);
show_str("\t\tComputed ", computed, computedlen);
TC_PRINT("\n");
}
static inline
uint32_t check_result(uint32_t testnum, const void *expected,
size_t expectedlen, const void *computed,
size_t computedlen, uint32_t verbose)
{
uint32_t result = TC_PASS;
ARG_UNUSED(verbose);
if (expectedlen != computedlen) {
TC_ERROR("The length of the computed buffer (%zu)",
computedlen);
TC_ERROR("does not match the expected length (%zu).",
expectedlen);
result = TC_FAIL;
} else {
if (memcmp(computed, expected, computedlen) != 0) {
fatal(testnum, expected, expectedlen,
computed, computedlen);
result = TC_FAIL;
}
}
return result;
}
#endif

8
tests/crypto/tinycrypt/CMakeLists.txt
View File

@@ -1,8 +0,0 @@
# SPDX-License-Identifier: Apache-2.0
cmake_minimum_required(VERSION 3.20.0)
find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
project(tinycrypt)
FILE(GLOB app_sources src/*.c)
target_sources(app PRIVATE ${app_sources})

60
tests/crypto/tinycrypt/README.txt
View File

@@ -1,60 +0,0 @@
Title: test_aes_ccm
Description:
This test verifies that the TinyCrypt AES APIs operate as expected.
--------------------------------------------------------------------------------
Building and Running Project:
This project outputs to the console. It can be built and executed
on QEMU as follows:
make run
--------------------------------------------------------------------------------
Troubleshooting:
Problems caused by out-dated project information can be addressed by
issuing one of the following commands then rebuilding the project:
make clean # discard results of previous builds
# but keep existing configuration info
or
make pristine # discard results of previous builds
# and restore pre-defined configuration info
--------------------------------------------------------------------------------
Sample Output:
tc_start() - Performing CCM tests:
Performing CCM test #1 (RFC 3610 test vector #1):
===================================================================
PASS - do_test.
Performing CCM test #2 (RFC 3610 test vector #2):
===================================================================
PASS - do_test.
Performing CCM test #3 (RFC 3610 test vector #3):
===================================================================
PASS - do_test.
Performing CCM test #4 (RFC 3610 test vector #7):
===================================================================
PASS - do_test.
Performing CCM test #5 (RFC 3610 test vector #8):
===================================================================
PASS - do_test.
Performing CCM test #6 (RFC 3610 test vector #9):
===================================================================
PASS - do_test.
Performing CCM test #7 (no associated data):
===================================================================
PASS - test_ccm_vector_7.
Performing CCM test #8 (no payload data):
===================================================================
PASS - test_ccm_vector_8.
All CCM tests succeeded!
===================================================================
PASS - main.
===================================================================
PROJECT EXECUTION SUCCESSFUL

15
tests/crypto/tinycrypt/prj.conf
View File

@@ -1,15 +0,0 @@
CONFIG_TINYCRYPT=y
CONFIG_TINYCRYPT_AES=y
CONFIG_TINYCRYPT_SHA256=y
CONFIG_TINYCRYPT_SHA256_HMAC=y
CONFIG_TINYCRYPT_AES_CCM=y
CONFIG_TINYCRYPT_AES_CTR=y
CONFIG_TINYCRYPT_AES_CBC=y
CONFIG_TINYCRYPT_AES_CMAC=y
CONFIG_TINYCRYPT_CTR_PRNG=y
CONFIG_ENTROPY_GENERATOR=y
CONFIG_TEST_RANDOM_GENERATOR=y
CONFIG_TINYCRYPT_ECC_DH=y
CONFIG_TINYCRYPT_ECC_DSA=y
CONFIG_ZTEST_STACK_SIZE=5120
CONFIG_ZTEST=y

2032
tests/crypto/tinycrypt/src/aes.c
View File

File diff suppressed because it is too large Load Diff

149
tests/crypto/tinycrypt/src/cbc_mode.c
View File

@@ -1,149 +0,0 @@
/* test_cbc_mode.c - TinyCrypt implementation of some AES-CBC tests */
/*
* Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* DESCRIPTION
* This module tests the following AES-CBC Mode routines:
* Scenarios tested include:
* - AES128 CBC mode encryption SP 800-38a tests
*/
#include <tinycrypt/cbc_mode.h>
#include <tinycrypt/constants.h>
#include <zephyr/test_utils.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <zephyr/ztest.h>
/*
* NIST test vectors from SP 800-38a:
*
* Block #1
* Plaintext 6bc1bee22e409f96e93d7e117393172a
* Input Block 6bc0bce12a459991e134741a7f9e1925
* Output Block 7649abac8119b246cee98e9b12e9197d
* Ciphertext 7649abac8119b246cee98e9b12e9197d
* Block #2
* Plaintext ae2d8a571e03ac9c9eb76fac45af8e51
* Input Block d86421fb9f1a1eda505ee1375746972c
* Output Block 5086cb9b507219ee95db113a917678b2
* Ciphertext 5086cb9b507219ee95db113a917678b2
* Block #3
* Plaintext 30c81c46a35ce411e5fbc1191a0a52ef
* Input Block 604ed7ddf32efdff7020d0238b7c2a5d
* Output Block 73bed6b8e3c1743b7116e69e22229516
* Ciphertext 73bed6b8e3c1743b7116e69e22229516
* Block #4
* Plaintext f69f2445df4f9b17ad2b417be66c3710
* Input Block 8521f2fd3c8eef2cdc3da7e5c44ea206
* Output Block 3ff1caa1681fac09120eca307586e1a7
* Ciphertext 3ff1caa1681fac09120eca307586e1a7
*/
const uint8_t key[16] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88,
0x09, 0xcf, 0x4f, 0x3c
};
const uint8_t iv[16] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
0x0c, 0x0d, 0x0e, 0x0f
};
const uint8_t plaintext[64] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11,
0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46,
0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b,
0xe6, 0x6c, 0x37, 0x10
};
const uint8_t ciphertext[80] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
0x0c, 0x0d, 0x0e, 0x0f, 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d, 0x50, 0x86, 0xcb, 0x9b,
0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b, 0x71, 0x16, 0xe6, 0x9e,
0x22, 0x22, 0x95, 0x16, 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7
};
/*
* NIST SP 800-38a CBC Test for encryption and decryption.
*/
ZTEST(tinycrypt, test_cbc_sp_800_38a_encrypt_decrypt)
{
TC_PRINT("Performing CBC tests:\n");
struct tc_aes_key_sched_struct a;
uint8_t iv_buffer[16];
uint8_t encrypted[80];
uint8_t decrypted[64];
uint8_t *p;
uint32_t length;
int result = TC_PASS;
(void)tc_aes128_set_encrypt_key(&a, key);
(void)memcpy(iv_buffer, iv, TC_AES_BLOCK_SIZE);
TC_PRINT("CBC test #1 (encryption SP 800-38a tests):\n");
/**TESTPOINT: Check test 1*/
zassert_true(tc_cbc_mode_encrypt(encrypted,
sizeof(plaintext) + TC_AES_BLOCK_SIZE,
plaintext, sizeof(plaintext), iv_buffer, &a),
"CBC test #1 (encryption SP 800-38a tests) failed");
result = check_result(1, ciphertext, sizeof(encrypted),
encrypted, sizeof(encrypted), 1);
zassert_false(result, "CBC test #1 failed.");
TC_PRINT("CBC test #2 (decryption SP 800-38a tests):\n");
(void)tc_aes128_set_decrypt_key(&a, key);
p = &encrypted[TC_AES_BLOCK_SIZE];
length = ((uint32_t) sizeof(encrypted)) - TC_AES_BLOCK_SIZE;
/**TESTPOINT: Check test 2*/
zassert_true(tc_cbc_mode_decrypt(decrypted,
length, p, length, encrypted,
&a), "CBC test #2 (decryption SP 800-38a tests) failed");
result = check_result(2, plaintext, sizeof(decrypted),
decrypted, sizeof(decrypted), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "CBC test #2 failed.");
}

470
tests/crypto/tinycrypt/src/ccm_mode.c
View File

@@ -1,470 +0,0 @@
/* test_ccm_mode.c - TinyCrypt AES-CCM tests (RFC 3610 tests) */
/*
* Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* DESCRIPTION
* This module tests the following AES-CCM Mode routines:
*
* Scenarios tested include:
* - AES128 CCM mode encryption RFC 3610 test vector #1
* - AES128 CCM mode encryption RFC 3610 test vector #2
* - AES128 CCM mode encryption RFC 3610 test vector #3
* - AES128 CCM mode encryption RFC 3610 test vector #7
* - AES128 CCM mode encryption RFC 3610 test vector #8
* - AES128 CCM mode encryption RFC 3610 test vector #9
* - AES128 CCM mode encryption No associated data
* - AES128 CCM mode encryption No payload data
*/
#include <tinycrypt/ccm_mode.h>
#include <tinycrypt/constants.h>
#include <zephyr/test_utils.h>
#include <zephyr/ztest.h>
#include <string.h>
#define CIPHERTEXT_LEN 50
#define DECRYPTED_LEN 25
#define NUM_NIST_KEYS 16
#define NONCE_LEN 13
#define HEADER_LEN 8
#define M_LEN8 8
#define M_LEN10 10
#define DATA_BUF_LEN23 23
#define DATA_BUF_LEN24 24
#define DATA_BUF_LEN25 25
#define EXPECTED_BUF_LEN31 31
#define EXPECTED_BUF_LEN32 32
#define EXPECTED_BUF_LEN33 33
#define EXPECTED_BUF_LEN34 34
#define EXPECTED_BUF_LEN35 35
uint32_t do_test(const uint8_t *key,
uint8_t *nonce, size_t nlen,
const uint8_t *hdr, size_t hlen,
const uint8_t *data, size_t dlen,
const uint8_t *expected, size_t elen,
const int mlen)
{
uint32_t result = TC_PASS;
uint8_t ciphertext[CIPHERTEXT_LEN];
uint8_t decrypted[DECRYPTED_LEN];
struct tc_ccm_mode_struct c;
struct tc_aes_key_sched_struct sched;
tc_aes128_set_encrypt_key(&sched, key);
result = tc_ccm_config(&c, &sched, nonce, nlen, mlen);
/**TESTPOINT: Check CCM config*/
zassert_true(result, "CCM config failed");
result = tc_ccm_generation_encryption(ciphertext, sizeof(ciphertext),
hdr, hlen, data, dlen, &c);
/**TESTPOINT: Check CCM encrypt*/
zassert_true(result, "ccm_encrypt failed");
/**TESTPOINT: Verify ciphertext*/
if (memcmp(expected, ciphertext, elen) != 0) {
show_str("\t\tExpected", expected, elen);
show_str("\t\tComputed", ciphertext, elen);
/**ASSERTION: Signal wrong output and assert*/
zassert_true(0, "ccm_encrypt produced wrong ciphertext");
}
result = tc_ccm_decryption_verification(decrypted, sizeof(decrypted),
hdr, hlen, ciphertext,
dlen + mlen, &c);
/**TESTPOINT: Check decryption*/
if (result == 0U) {
show_str("\t\tExpected", data, dlen);
show_str("\t\tComputed", decrypted, sizeof(decrypted));
/**ASSERTION: Decrypt failed, so exit by assert*/
zassert_true(0, "ccm_decrypt failed");
}
result = TC_PASS;
return result;
}
ZTEST(tinycrypt, test_ccm_vector_1)
{
uint32_t result = TC_PASS;
/* RFC 3610 test vector #1 */
const uint8_t key[NUM_NIST_KEYS] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
uint8_t nonce[NONCE_LEN] = {
0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
0xa1, 0xa2, 0xa3, 0xa4, 0xa5
};
const uint8_t hdr[HEADER_LEN] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
const uint8_t data[DATA_BUF_LEN23] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
};
const uint8_t expected[EXPECTED_BUF_LEN31] = {
0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84, 0x17,
0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
};
uint16_t mlen = M_LEN8;
TC_PRINT("%s: Performing CCM test #1 (RFC 3610 test vector #1):\n",
__func__);
result = do_test(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
data, sizeof(data), expected, sizeof(expected), mlen);
/**TESTPOINT: Check result*/
zassert_false(result, "CCM test #1 (RFC 3610 test vector #1) failed.");
}
ZTEST(tinycrypt, test_ccm_vector_2)
{
uint32_t result = TC_PASS;
/* RFC 3610 test vector #2 */
const uint8_t key[NUM_NIST_KEYS] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
uint8_t nonce[NONCE_LEN] = {
0x00, 0x00, 0x00, 0x04, 0x03, 0x02, 0x01, 0xa0,
0xa1, 0xa2, 0xa3, 0xa4, 0xa5
};
const uint8_t hdr[HEADER_LEN] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
const uint8_t data[DATA_BUF_LEN24] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
};
const uint8_t expected[EXPECTED_BUF_LEN32] = {
0x72, 0xc9, 0x1a, 0x36, 0xe1, 0x35, 0xf8, 0xcf,
0x29, 0x1c, 0xa8, 0x94, 0x08, 0x5c, 0x87, 0xe3,
0xcc, 0x15, 0xc4, 0x39, 0xc9, 0xe4, 0x3a, 0x3b,
0xa0, 0x91, 0xd5, 0x6e, 0x10, 0x40, 0x09, 0x16
};
uint16_t mlen = M_LEN8;
TC_PRINT("%s: Performing CCM test #2 (RFC 3610 test vector #2):\n",
__func__);
result = do_test(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
data, sizeof(data), expected, sizeof(expected), mlen);
/**TESTPOINT: Check result*/
zassert_false(result, "CCM test #2 failed.");
}
ZTEST(tinycrypt, test_ccm_vector_3)
{
uint32_t result = TC_PASS;
/* RFC 3610 test vector #3 */
const uint8_t key[NUM_NIST_KEYS] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
uint8_t nonce[NONCE_LEN] = {
0x00, 0x00, 0x00, 0x05, 0x04, 0x03, 0x02, 0xa0,
0xa1, 0xa2, 0xa3, 0xa4, 0xa5
};
const uint8_t hdr[HEADER_LEN] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
const uint8_t data[DATA_BUF_LEN25] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20
};
const uint8_t expected[EXPECTED_BUF_LEN33] = {
0x51, 0xb1, 0xe5, 0xf4, 0x4a, 0x19, 0x7d, 0x1d,
0xa4, 0x6b, 0x0f, 0x8e, 0x2d, 0x28, 0x2a, 0xe8,
0x71, 0xe8, 0x38, 0xbb, 0x64, 0xda, 0x85, 0x96,
0x57, 0x4a, 0xda, 0xa7, 0x6f, 0xbd, 0x9f, 0xb0,
0xc5
};
uint16_t mlen = M_LEN8;
TC_PRINT("%s: Performing CCM test #3 (RFC 3610 test vector #3):\n",
__func__);
result = do_test(key, nonce, sizeof(nonce), hdr, sizeof(hdr), data,
sizeof(data), expected, sizeof(expected), mlen);
/**TESTPOINT: Check result*/
zassert_false(result, "CCM test #3 failed.");
}
ZTEST(tinycrypt, test_ccm_vector_4)
{
uint32_t result = TC_PASS;
/* RFC 3610 test vector #7 */
const uint8_t key[NUM_NIST_KEYS] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
uint8_t nonce[NONCE_LEN] = {
0x00, 0x00, 0x00, 0x09, 0x08, 0x07, 0x06, 0xa0,
0xa1, 0xa2, 0xa3, 0xa4, 0xa5
};
const uint8_t hdr[HEADER_LEN] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
const uint8_t data[DATA_BUF_LEN23] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
};
const uint8_t expected[EXPECTED_BUF_LEN33] = {
0x01, 0x35, 0xD1, 0xB2, 0xC9, 0x5F, 0x41, 0xD5,
0xD1, 0xD4, 0xFE, 0xC1, 0x85, 0xD1, 0x66, 0xB8,
0x09, 0x4E, 0x99, 0x9D, 0xFE, 0xD9, 0x6C, 0x04,
0x8C, 0x56, 0x60, 0x2C, 0x97, 0xAC, 0xBB, 0x74,
0x90
};
uint16_t mlen = M_LEN10;
TC_PRINT("%s: Performing CCM test #4 (RFC 3610 test vector #7):\n",
__func__);
result = do_test(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
data, sizeof(data), expected, sizeof(expected), mlen);
/**TESTPOINT: Check result*/
zassert_false(result, "CCM test #4 failed.");
}
ZTEST(tinycrypt, test_ccm_vector_5)
{
uint32_t result = TC_PASS;
/* RFC 3610 test vector #8 */
const uint8_t key[NUM_NIST_KEYS] = {
0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF
};
uint8_t nonce[NONCE_LEN] = {
0x00, 0x00, 0x00, 0x0A, 0x09, 0x08, 0x07, 0xA0,
0xA1, 0xA2, 0xA3, 0xA4, 0xA5
};
const uint8_t hdr[HEADER_LEN] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
const uint8_t data[DATA_BUF_LEN24] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
};
const uint8_t expected[EXPECTED_BUF_LEN34] = {
0x7B, 0x75, 0x39, 0x9A, 0xC0, 0x83, 0x1D, 0xD2,
0xF0, 0xBB, 0xD7, 0x58, 0x79, 0xA2, 0xFD, 0x8F,
0x6C, 0xAE, 0x6B, 0x6C, 0xD9, 0xB7, 0xDB, 0x24,
0xC1, 0x7B, 0x44, 0x33, 0xF4, 0x34, 0x96, 0x3F,
0x34, 0xB4
};
uint16_t mlen = M_LEN10;
TC_PRINT("%s: Performing CCM test #5 (RFC 3610 test vector #8):\n",
__func__);
result = do_test(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
data, sizeof(data), expected, sizeof(expected), mlen);
/**TESTPOINT: Check result*/
zassert_false(result, "CCM test #5 failed.");
}
ZTEST(tinycrypt, test_ccm_vector_6)
{
uint32_t result = TC_PASS;
/* RFC 3610 test vector #9 */
const uint8_t key[NUM_NIST_KEYS] = {
0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF
};
uint8_t nonce[NONCE_LEN] = {
0x00, 0x00, 0x00, 0x0B, 0x0A, 0x09, 0x08, 0xA0,
0xA1, 0xA2, 0xA3, 0xA4, 0xA5
};
const uint8_t hdr[HEADER_LEN] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
const uint8_t data[DATA_BUF_LEN25] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20
};
const uint8_t expected[EXPECTED_BUF_LEN35] = {
0x82, 0x53, 0x1a, 0x60, 0xCC, 0x24, 0x94, 0x5a,
0x4b, 0x82, 0x79, 0x18, 0x1a, 0xb5, 0xc8, 0x4d,
0xf2, 0x1c, 0xe7, 0xf9, 0xb7, 0x3f, 0x42, 0xe1,
0x97, 0xea, 0x9c, 0x07, 0xe5, 0x6b, 0x5e, 0xb1,
0x7e, 0x5f, 0x4e
};
uint16_t mlen = M_LEN10;
TC_PRINT("%s: Performing CCM test #6 (RFC 3610 test vector #9):\n",
__func__);
result = do_test(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
data, sizeof(data), expected, sizeof(expected), mlen);
/**TESTPOINT: Check result*/
zassert_false(result, "CCM test #6 failed.");
}
ZTEST(tinycrypt, test_ccm_vector_7)
{
uint32_t result = TC_PASS;
/* Test based on RFC 3610 test vector #9 but with no associated data */
const uint8_t key[NUM_NIST_KEYS] = {
0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF
};
uint8_t nonce[NONCE_LEN] = {
0x00, 0x00, 0x00, 0x0B, 0x0A, 0x09, 0x08, 0xA0,
0xA1, 0xA2, 0xA3, 0xA4, 0xA5
};
uint8_t *hdr = NULL;
uint8_t data[DATA_BUF_LEN25] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20
};
struct tc_ccm_mode_struct c;
struct tc_aes_key_sched_struct sched;
uint8_t decrypted[DECRYPTED_LEN];
uint8_t ciphertext[CIPHERTEXT_LEN];
uint16_t mlen = M_LEN10;
TC_PRINT("%s: Performing CCM test #7 (no associated data):\n",
__func__);
tc_aes128_set_encrypt_key(&sched, key);
/**TESTPOINT: Check CCM configuration*/
zassert_true(tc_ccm_config(&c, &sched, nonce, sizeof(nonce), mlen),
"ccm_config failed");
result = tc_ccm_generation_encryption(ciphertext, sizeof(ciphertext),
hdr, 0, data, sizeof(data), &c);
/**TESTPOINT: Check CCM encryption*/
zassert_true(result, "ccm_encryption failed");
result = tc_ccm_decryption_verification(decrypted, sizeof(decrypted),
hdr, 0, ciphertext,
sizeof(data) + mlen, &c);
if (result == 0U) {
TC_ERROR("ccm_decrypt failed in %s.\n", __func__);
show_str("\t\tExpected", data, sizeof(data));
show_str("\t\tComputed", decrypted, sizeof(decrypted));
/**TESTPOINT: Check CCM decryption, and assert*/
zassert_true(result, "ccm_decryption failed");
}
result = TC_PASS;
/**TESTPOINT: Check result*/
zassert_false(result, "CCM test #7 failed.");
}
ZTEST(tinycrypt, test_ccm_vector_8)
{
uint32_t result = TC_PASS;
/* Test based on RFC 3610 test vector #9 but with no payload data */
const uint8_t key[NUM_NIST_KEYS] = {
0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF
};
uint8_t nonce[NONCE_LEN] = {
0x00, 0x00, 0x00, 0x0B, 0x0A, 0x09, 0x08, 0xA0,
0xA1, 0xA2, 0xA3, 0xA4, 0xA5
};
const uint8_t hdr[8] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
uint8_t data[] = {};
struct tc_ccm_mode_struct c;
struct tc_aes_key_sched_struct sched;
uint8_t decrypted[DECRYPTED_LEN];
uint8_t ciphertext[CIPHERTEXT_LEN];
uint16_t mlen = M_LEN10;
TC_PRINT("%s: Performing CCM test #8 (no payload data):\n", __func__);
tc_aes128_set_encrypt_key(&sched, key);
/**TESTPOINT: Check CCM configuration*/
zassert_true(tc_ccm_config(&c, &sched, nonce, sizeof(nonce), mlen),
"CCM config failed");
result = tc_ccm_generation_encryption(ciphertext, sizeof(ciphertext),
hdr, sizeof(hdr), data,
sizeof(data), &c);
/**TESTPOINT: Check CCM encryption*/
zassert_true(result, "ccm_encrypt failed");
result = tc_ccm_decryption_verification(decrypted, sizeof(decrypted),
hdr, sizeof(hdr),
ciphertext, mlen, &c);
/**TESTPOINT: Check CCM decryption*/
if (result == 0U) {
show_str("\t\tExpected", data, sizeof(data));
show_str("\t\tComputed", decrypted, sizeof(decrypted));
/**ASSERTION: Decrypt failed, so exit by assert*/
zassert_true(0, "ccm_decrypt failed");
}
result = TC_PASS;
/**TESTPOINT: Check result*/
zassert_false(result, "CCM test #8 (no payload data) failed.");
}

295
tests/crypto/tinycrypt/src/cmac_mode.c
View File

@@ -1,295 +0,0 @@
/* test_cmac_mode.c - TinyCrypt AES-CMAC tests (including SP 800-38B tests) */
/*
* Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* DESCRIPTION
* This module tests the following AES-CMAC test (including SP 800-38B):
*
* Scenarios tested include:
* - CMAC test #1 (GF(2^128) double))
* - CMAC test #2 null msg (SP 800-38B test vector #1)
* - CMAC test #3 1 block msg (SP 800-38B test vector #2)
* - CMAC test #4 320 bit msg (SP 800-38B test vector #3)
* - CMAC test #5 512 bit msg(SP 800-38B test vector #4)
*/
#include <tinycrypt/cmac_mode.h>
#include <tinycrypt/constants.h>
#include <tinycrypt/aes.h>
#include <zephyr/test_utils.h>
#include <stdio.h>
#include <string.h>
#include <zephyr/ztest.h>
#define BUF_LEN 16
static void show(const char *label, const uint8_t *s, size_t slen)
{
uint32_t i;
TC_PRINT("%s\t", label);
for (i = 0U; i < slen; ++i) {
TC_PRINT("%02x", s[i]);
}
TC_PRINT("\n");
}
extern void gf_double(uint8_t *out, uint8_t *in);
static uint32_t verify_gf_2_128_double(uint8_t *K1, uint8_t *K2, struct tc_cmac_struct s)
{
uint32_t result = TC_PASS;
TC_PRINT("Performing CMAC test #1 (GF(2^128) double):\n");
uint8_t zero[BUF_LEN];
uint8_t L[BUF_LEN];
const uint8_t l[BUF_LEN] = {
0x7d, 0xf7, 0x6b, 0x0c, 0x1a, 0xb8, 0x99, 0xb3,
0x3e, 0x42, 0xf0, 0x47, 0xb9, 0x1b, 0x54, 0x6f
};
const uint8_t k1[BUF_LEN] = {
0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66,
0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde
};
const uint8_t k2[BUF_LEN] = {
0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc,
0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b
};
(void) memset(zero, '\0', sizeof(zero));
tc_aes_encrypt(L, zero, s.sched);
if (memcmp(L, l, BUF_LEN) != 0) {
TC_ERROR("%s: AES encryption failed\n", __func__);
show("expected L =", l, sizeof(l));
show("computed L =", L, sizeof(L));
return TC_FAIL;
}
gf_double(K1, L);
if (memcmp(K1, k1, BUF_LEN) != 0) {
TC_ERROR("%s: gf_2_128_double failed when msb = 0\n", __func__);
show("expected K1 =", k1, sizeof(k1));
show("computed K1 =", K1, sizeof(k1));
return TC_FAIL;
}
gf_double(K2, K1);
if (memcmp(K2, k2, BUF_LEN) != 0) {
TC_ERROR("%s: gf_2_128_double failed when msb = 1\n", __func__);
show("expected K2 =", k2, sizeof(k2));
show("computed K2 =", K2, sizeof(k2));
return TC_FAIL;
}
return result;
}
static uint32_t verify_cmac_null_msg(TCCmacState_t s)
{
uint32_t result = TC_PASS;
TC_PRINT("Performing CMAC test #2 (SP 800-38B test vector #1):\n");
const uint8_t tag[BUF_LEN] = {
0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
};
uint8_t Tag[BUF_LEN];
(void) tc_cmac_init(s);
(void) tc_cmac_update(s, (const uint8_t *) 0, 0);
(void) tc_cmac_final(Tag, s);
if (memcmp(Tag, tag, BUF_LEN) != 0) {
TC_ERROR("%s: aes_cmac failed with null msg = 1\n", __func__);
show("expected Tag =", tag, sizeof(tag));
show("computed Tag =", Tag, sizeof(Tag));
return TC_FAIL;
}
return result;
}
static uint32_t verify_cmac_1_block_msg(TCCmacState_t s)
{
uint32_t result = TC_PASS;
TC_PRINT("Performing CMAC test #3 (SP 800-38B test vector #2):\n");
const uint8_t msg[BUF_LEN] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
};
const uint8_t tag[BUF_LEN] = {
0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
};
uint8_t Tag[BUF_LEN];
(void) tc_cmac_init(s);
(void) tc_cmac_update(s, msg, sizeof(msg));
(void) tc_cmac_final(Tag, s);
if (memcmp(Tag, tag, BUF_LEN) != 0) {
TC_ERROR("%s: aes_cmac failed with 1 block msg\n", __func__);
show("aes_cmac failed with 1 block msg =", msg, sizeof(msg));
show("expected Tag =", tag, sizeof(tag));
show("computed Tag =", Tag, sizeof(Tag));
return TC_FAIL;
}
return result;
}
static uint32_t verify_cmac_320_bit_msg(TCCmacState_t s)
{
uint32_t result = TC_PASS;
TC_PRINT("Performing CMAC test #4 (SP 800-38B test vector #3):\n");
const uint8_t msg[40] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
};
const uint8_t tag[BUF_LEN] = {
0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
};
uint8_t Tag[BUF_LEN];
(void) tc_cmac_init(s);
(void) tc_cmac_update(s, msg, sizeof(msg));
(void) tc_cmac_final(Tag, s);
if (memcmp(Tag, tag, BUF_LEN) != 0) {
TC_ERROR("%s: aes_cmac failed with 320 bit msg\n", __func__);
show("aes_cmac failed with 320 bit msg =", msg, sizeof(msg));
show("expected Tag =", tag, sizeof(tag));
show("computed Tag =", Tag, sizeof(Tag));
return TC_FAIL;
}
return result;
}
static uint32_t verify_cmac_512_bit_msg(TCCmacState_t s)
{
uint32_t result = TC_PASS;
TC_PRINT("Performing CMAC test #5 (SP 800-38B test vector #4)\n");
const uint8_t msg[64] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
const uint8_t tag[BUF_LEN] = {
0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
};
uint8_t Tag[BUF_LEN];
(void)tc_cmac_init(s);
(void)tc_cmac_update(s, msg, sizeof(msg));
(void)tc_cmac_final(Tag, s);
if (memcmp(Tag, tag, BUF_LEN) != 0) {
TC_ERROR("%s: aes_cmac failed with 512 bit msg\n", __func__);
show("aes_cmac failed with 512 bit msg =", msg, sizeof(msg));
show("expected Tag =", tag, sizeof(tag));
show("computed Tag =", Tag, sizeof(Tag));
return TC_FAIL;
}
return result;
}
/*
* Main task to test CMAC
*/
ZTEST(tinycrypt, test_cmac_mode)
{
uint32_t result = TC_PASS;
struct tc_cmac_struct state;
struct tc_aes_key_sched_struct sched;
const uint8_t key[BUF_LEN] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
};
uint8_t K1[BUF_LEN], K2[BUF_LEN];
(void) tc_cmac_setup(&state, key, &sched);
result = verify_gf_2_128_double(K1, K2, state);
/**TESTPOINT: Check result - test 1*/
zassert_false(result, "CMAC test #1 (128 double) failed");
(void) tc_cmac_setup(&state, key, &sched);
result = verify_cmac_null_msg(&state);
/**TESTPOINT: Check result - test 2*/
zassert_false(result, "CMAC test #2 (null msg) failed");
(void) tc_cmac_setup(&state, key, &sched);
result = verify_cmac_1_block_msg(&state);
/**TESTPOINT: Check result - test 3*/
zassert_false(result, "CMAC test #1 (1 block msg) failed");
(void) tc_cmac_setup(&state, key, &sched);
result = verify_cmac_320_bit_msg(&state);
/**TESTPOINT: Check result - test 4*/
zassert_false(result, "CMAC test #1 (320 bit msg) failed");
(void) tc_cmac_setup(&state, key, &sched);
result = verify_cmac_512_bit_msg(&state);
/**TESTPOINT: Check result - test 5*/
zassert_false(result, "CMAC test #1 (512 bit msg) failed");
TC_PRINT("All CMAC tests succeeded!\n");
}

128
tests/crypto/tinycrypt/src/ctr_mode.c
View File

@@ -1,128 +0,0 @@
/* test_ctr_mode.c - TinyCrypt implementation of some AES-CTR tests */
/*
* Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* DESCRIPTION
* This module tests the following AES-CTR Mode routines:
* Scenarios tested include:
* - AES128 CTR mode encryption SP 800-38a tests
*/
#include <tinycrypt/ctr_mode.h>
#include <tinycrypt/constants.h>
#include <zephyr/test_utils.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <zephyr/ztest.h>
/*
* NIST SP 800-38a CTR Test for encryption and decryption.
*/
void test_ctr_sp_800_38a_encrypt_decrypt(void)
{
TC_PRINT("Performing CTR tests:\n");
const uint8_t key[16] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7,
0x15, 0x88,
0x09, 0xcf, 0x4f, 0x3c
};
uint8_t ctr[16] = {
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9,
0xfa, 0xfb,
0xfc, 0xfd, 0xfe, 0xff
};
const uint8_t plaintext[64] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d,
0x7e, 0x11,
0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03,
0xac, 0x9c,
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8,
0x1c, 0x46,
0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a,
0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b,
0x41, 0x7b,
0xe6, 0x6c, 0x37, 0x10
};
const uint8_t ciphertext[80] = {
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9,
0xfa, 0xfb,
0xfc, 0xfd, 0xfe, 0xff, 0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20,
0xe3, 0x26,
0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce, 0x98, 0x06,
0xf6, 0x6b,
0x79, 0x70, 0xfd, 0xff, 0x86, 0x17, 0x18, 0x7b, 0xb9, 0xff,
0xfd, 0xff,
0x5a, 0xe4, 0xdf, 0x3e, 0xdb, 0xd5, 0xd3, 0x5e, 0x5b, 0x4f,
0x09, 0x02,
0x0d, 0xb0, 0x3e, 0xab, 0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe,
0x03, 0xd1,
0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee
};
struct tc_aes_key_sched_struct sched;
uint8_t out[80];
uint8_t decrypted[64];
uint32_t result = TC_PASS;
TC_PRINT("CTR test #1 (encryption SP 800-38a tests):\n");
(void)tc_aes128_set_encrypt_key(&sched, key);
(void)memcpy(out, ctr, sizeof(ctr));
/**TESTPOINT: Check test 1 result*/
zassert_true(tc_ctr_mode(&out[TC_AES_BLOCK_SIZE],
sizeof(plaintext), plaintext, sizeof(plaintext),
ctr, &sched),
"CTR test #1 (encryption SP 800-38a tests) failed");
result = check_result(1, ciphertext, sizeof(out), out, sizeof(out), 1);
TC_PRINT("CTR test #2 (decryption SP 800-38a tests):\n");
(void)memcpy(ctr, out, sizeof(ctr));
/**TESTPOINT: Check test 2 result*/
zassert_true(tc_ctr_mode(decrypted, sizeof(decrypted),
&out[TC_AES_BLOCK_SIZE], sizeof(decrypted),
ctr, &sched),
"CTR test #2 (decryption SP 800-38a tests) failed");
result = check_result(2, plaintext, sizeof(plaintext),
decrypted, sizeof(plaintext), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "CBC test #1 failed");
TC_PRINT("All CTR tests succeeded!\n");
}

558
tests/crypto/tinycrypt/src/ctr_prng.c
View File

@@ -1,558 +0,0 @@
/* test_ctr_prng.c - TinyCrypt implementation of some CTR-PRNG tests */
/*
* Copyright (c) 2016, Chris Morrison, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* DESCRIPTION
* This module tests the CTR-PRNG routines
*/
#include <tinycrypt/ctr_prng.h>
#include <tinycrypt/aes.h>
#include <tinycrypt/constants.h>
#include <zephyr/test_utils.h>
#include <stdio.h>
#include <string.h>
#include <zephyr/ztest.h>
#define MAX_EXPECTED_STRING 128
#define MAX_BIN_SIZE (MAX_EXPECTED_STRING / 2)
uint8_t per[MAX_BIN_SIZE];
uint8_t ai1[MAX_BIN_SIZE];
uint8_t ai2[MAX_BIN_SIZE];
struct prng_vector {
char *entropy;
char *personal; /* may be null */
char *extra1; /* may be null */
char *extra2; /* may be null */
char *expected;
};
/* vectors taken from NIST CAVS 14.3 CTR_DRBG.rsp */
struct prng_vector vectors[] = {
/*
* AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
* NonceLen = 0, PersonalizationStringLen = 0, AdditionalInputLen = 0,
* ReturnedBitsLen = 512
*/
{ /* Count 0 */
"ce50f33da5d4c1d3d4004eb35244b7f2cd7f2e5076fbf6780a7ff634b249a5fc",
0,
0,
0,
"6545c0529d372443b392ceb3ae3a99a30f963eaf313280f1d1a1e87f9db373d361e75d"
"18018266499cccd64d9bbb8de0185f213383080faddec46bae1f784e5a",
},
{ /* Count 1 */
"a385f70a4d450321dfd18d8379ef8e7736fee5fbf0a0aea53b76696094e8aa93",
0,
0,
0,
"1a062553ab60457ed1f1c52f5aca5a3be564a27545358c112ed92c6eae2cb7597cfcc2"
"e0a5dd81c5bfecc941da5e8152a9010d4845170734676c8c1b6b3073a5",
},
/*
* AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
* NonceLen = 0, PersonalizationStringLen = 0, AdditionalInputLen = 256,
* ReturnedBitsLen = 512
*/
{ /* Count 0 */
"6bd4f2ae649fc99350951ff0c5d460c1a9214154e7384975ee54b34b7cae0704",
0,
"ecd4893b979ac92db1894ae3724518a2f78cf2dbe2f6bbc6fda596df87c7a4ae",
"b23e9188687c88768b26738862c4791fa52f92502e1f94bf66af017c4228a0dc",
"5b2bf7a5c60d8ab6591110cbd61cd387b02de19784f496d1a109123d8b3562a5de2dd6"
"d5d1aef957a6c4f371cecd93c15799d82e34d6a0dba7e915a27d8e65f3",
},
{ /* Count 1 */
"e2addbde2a76e769fc7aa3f45b31402f482b73bbe7067ad6254621f06d3ef68b",
0,
"ad11643b019e31245e4ea41f18f7680458310580fa6efad275c5833e7f800dae",
"b5d849616b3123c9725d188cd0005003220768d1200f9e7cc29ef6d88afb7b9a",
"132d0d50c8477a400bb8935be5928f916a85da9ffcf1a8f6e9f9a14cca861036cda14c"
"f66d8953dab456b632cf687cd539b4b807926561d0b3562b9d3334fb61",
},
/*
* AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
* NonceLen = 0, PersonalizationStringLen = 256, AdditionalInputLen = 0,
* ReturnedBitsLen = 512
*/
{ /* Count 0 */
"cee23de86a69c7ef57f6e1e12bd16e35e51624226fa19597bf93ec476a44b0f2",
"a2ef16f226ea324f23abd59d5e3c660561c25e73638fe21c87566e86a9e04c3e",
0,
0,
"2a76d71b329f449c98dc08fff1d205a2fbd9e4ade120c7611c225c984eac8531288dd3"
"049f3dc3bb3671501ab8fbf9ad49c86cce307653bd8caf29cb0cf07764",
},
{ /* Count 1 */
"b09eb4a82a39066ec945bb7c6aef6a0682a62c3e674bd900297d4271a5f25b49",
"a3b768adcfe76d61c972d900da8dffeeb2a42e740247aa719ed1c924d2d10bd4",
0,
0,
"5a1c26803f3ffd4daf32042fdcc32c3812bb5ef13bc208cef82ea047d2890a6f5dcecf"
"32bcc32a2585775ac5e1ffaa8de00664c54fe00a7674b985619e953c3a",
},
/*
* AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
* NonceLen = 0, PersonalizationStringLen = 256,
* AdditionalInputLen = 256,
* ReturnedBitsLen = 512
*/
{ /* Count 0 */
"50b96542a1f2b8b05074051fe8fb0e45adbbd5560e3594e12d485fe1bfcb741f",
"820c3030f97b3ead81a93b88b871937278fd3d711d2085d9280cba394673b17e",
"1f1632058806d6d8e231288f3b15a3c324e90ccef4891bd595f09c3e80e27469",
"5cadc8bfd86d2a5d44f921f64c7d153001b9bdd7caa6618639b948ebfad5cb8a",
"02b76a66f103e98d450e25e09c35337747d987471d2b3d81e03be24c7e985417a32acd"
"72bc0a6eddd9871410dacb921c659249b4e2b368c4ac8580fb5db559bc",
},
{ /* Count 1 */
"ff5f4b754e8b364f6df0c5effba5f1c036de49c4b38cd8d230ee1f14d7234ef5",
"994eb339f64034005d2e18352899e77df446e285c3430631d557498aac4f4280",
"e1824832d5fc2a6dea544cac2ab73306d6566bde98cc8f9425d064b860a9b218",
"c08b42433a78fd393a34ffc24724d479af08c36882799c134165d98b2866dc0a",
"1efa34aed07dd57bde9741b8d1907d28e8c1ac71601df37ef4295e6ffb67f6a1c4c13e"
"5def65d505e2408aeb82948999ca1f9c9113b99a6b59ff7f0cc3dc6e92",
},
/*
* AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
* NonceLen = 0, PersonalizationStringLen = 0, AdditionalInputLen = 0,
* ReturnedBitsLen = 512
*/
{ /* Count 0 */
"69a09f6bf5dda15cd4af29e14cf5e0cddd7d07ac39bba587f8bc331104f9c448",
0,
0,
0,
"f78a4919a6ec899f7b6c69381febbbe083315f3d289e70346db0e4ec4360473ae0b3d9"
"16e9b6b964309f753ed66ae59de48da316cc1944bc8dfd0e2575d0ff6d",
},
{ /* Count 1 */
"80bfbd340d79888f34f043ed6807a9f28b72b6644d9d9e9d777109482b80788a",
0,
0,
0,
"80db048d2f130d864b19bfc547c92503e580cb1a8e1f74f3d97fdda6501fb1aa81fced"
"ac0dd18b6ccfdc183ca28a44fc9f3a08834ba8751a2f4495367c54a185",
},
/*
* AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
* NonceLen = 0, PersonalizationStringLen = 0, AdditionalInputLen = 256,
* ReturnedBitsLen = 512
*/
{ /* Count 0 */
"7f40804693552e317523fda6935a5bc814353b1fbb7d334964ac4d1d12ddccce",
0,
"95c04259f64fcd1fe00c183aa3fb76b8a73b4d1243b800d770e38515bc41143c",
"5523102dbd7fe1228436b91a765b165ae6405eb0236e237afad4759cf0888941",
"1abf6bccb4c2d64e5187b1e2e34e493eca204ee4eef0d964267e38228f5f20efba3764"
"30a266f3832916d0a45b2703f46401dfd145e447a0a1667ebd8b6ee748",
},
{ /* Count 1 */
"350df677409a1dc297d01d3716a2abdfa6272cd030ab75f76839648582b47113",
0,
"ba5709a12ae6634a5436b7ea06838b48f7b847a237f6654a0e27c776ebee9511",
"f1b2c717c5e3a934127e10471d67accc65f4a45010ca53b35f54c88833dbd8e7",
"1ef1ea279812e8abe54f7ffd12d04c80ae40741f4ccfe232a5fba3a78dfd3e2ed419b8"
"8ee9188df724160cbb3aea0f276e84a3c0ff01e3b89fe30ebcfa64cb86",
},
/*
* AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
* NonceLen = 0, PersonalizationStringLen = 256, AdditionalInputLen = 0,
* ReturnedBitsLen = 512
*/
{ /* Count 0 */
"3fef762f0aa0677f61c65d749eeb10b013ff68ccc6314f150cfee752dcd8f987",
"f56db099240c7590dac396372b8737404d418b2864a3df96a8a397967245735f",
0,
0,
"af0afe0837442136fbb1959a1c91a9291c1d8188ede07c67d0e4dd6541303415e7a679"
"99c302ba0df555324c26077514592a9b6db6be2f153fad2250161164e4",
},
{ /* Count 1 */
"3eebe77db4631862e3eb7e39370515b8baa1cdd71a5b1b0cda79c14d0b5f48ea",
"4be56a9b9c21242739c985ef12aa4d98e8c7da07c4c1dc6829f2e06833cfa148",
0,
0,
"be9e18a753df261927473c8bb5fb7c3ea6e821df5ab49adc566a4ebf44f75fa825b1f9"
"d8c154bcd469134c0bb688e07e3c3e45407ca350d540e1528cc2e64068",
},
/*
* AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
* NonceLen = 0, PersonalizationStringLen = 256,
* AdditionalInputLen = 256,
* ReturnedBitsLen = 512
*/
{ /* Count 0 */
"c129c2732003bbf1d1dec244a933cd04cb47199bbce98fe080a1be880afb2155",
"64e2b9ac5c20642e3e3ee454b7463861a7e93e0dd1bbf8c4a0c28a6cb3d811ba",
"f94f0975760d52f47bd490d1623a9907e4df701f601cf2d573aba803a29d2b51",
"6f99720b186e2028a5fcc586b3ea518458e437ff449c7c5a318e6d13f75b5db7",
"7b8b3378b9031ab3101cec8af5b8ba5a9ca2a9af41432cd5f2e5e19716140bb219ed7f"
"4ba88fc37b2d7e146037d2cac1128ffe14131c8691e581067a29cacf80",
},
{ /* Count 1 */
"7667643670254b3530e80a17b16b22406e84efa6a4b5ceef3ebc877495fc6048",
"40b92969953acde756747005117e46eff6893d7132a8311ffb1062280367326b",
"797a02ffbe8ff2c94ed0e5d39ebdc7847adaa762a88238242ed8f71f5635b194",
"d617f0f0e609e90d814192ba2e5214293d485402cdf9f789cc78b05e8c374f18",
"e8d6f89dca9825aed8927b43187492a98ca8648db30f0ac709556d401a8ac2b959c813"
"50fc64332c4c0deb559a286a72e65dbb462bd872f9b28c0728f353dc10",
}
};
/* utility function to convert hex character representation
* to their nibble (4 bit) values
*/
static uint8_t char_to_nibble(char c)
{
if (c >= '0' && c <= '9') {
return c - '0';
}
if (c >= 'a' && c <= 'f') {
return c - 'a' + 10U;
}
if (c >= 'A' && c <= 'F') {
return c - 'A' + 10U;
}
return 255U;
}
/*
* Convert a string of characters representing a hex buffer into a series of
* bytes of that real value
*/
static void hex_str_to_num(uint8_t *buf, char *in)
{
int len;
int i;
len = strlen(in) / 2;
for (i = 0; i < len; i++) {
buf[i] = (char_to_nibble(*in) << 4) | char_to_nibble(*(in+1));
in += 2;
}
}
static int test_prng_vector(struct prng_vector *v)
{
TCCtrPrng_t ctx;
uint8_t entropy[MAX_BIN_SIZE];
uint8_t expected[MAX_BIN_SIZE];
uint8_t output[MAX_BIN_SIZE];
uint8_t *personal = NULL;
uint8_t *extra1 = NULL;
uint8_t *extra2 = NULL;
int extra1_len = 0;
int extra2_len = 0;
int plen = 0;
int ent_len;
int exp_len;
int rc;
hex_str_to_num(entropy, v->entropy);
hex_str_to_num(expected, v->expected);
ent_len = strlen(v->entropy) / 2;
exp_len = strlen(v->expected) / 2;
if (v->personal != 0) {
personal = per;
hex_str_to_num(personal, v->personal);
plen = strlen(v->personal) / 2;
}
if (v->extra1 != 0) {
extra1 = ai1;
hex_str_to_num(extra1, v->extra1);
extra1_len = strlen(v->extra1) / 2;
}
if (v->extra2 != 0) {
extra2 = ai2;
hex_str_to_num(extra2, v->extra2);
extra2_len = strlen(v->extra2) / 2;
}
rc = tc_ctr_prng_init(&ctx, entropy, ent_len, personal, plen);
/**TESTPOINT: Check if init works*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "CTR PRNG init failed");
rc = tc_ctr_prng_generate(&ctx, extra1, extra1_len, output, exp_len);
/**TESTPOINT: Check if generate works*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "CTR PRNG generate failed");
rc = tc_ctr_prng_generate(&ctx, extra2, extra2_len, output, exp_len);
/**TESTPOINT: Check if generate works*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "CTR PRNG generate failed");
rc = memcmp(output, expected, exp_len);
/**TESTPOINT: Check results*/
zassert_false(rc, "expected value different - check failed");
rc = TC_PASS;
return rc;
}
ZTEST(tinycrypt, test_ctr_prng_reseed)
{
uint8_t expectedV1[] = {0x7E, 0xE3, 0xA0, 0xCB, 0x6D, 0x5C, 0x4B, 0xC2,
0x4B, 0x7E, 0x3C, 0x48, 0x88, 0xC3, 0x69, 0x70};
uint8_t expectedV2[] = {0x5E, 0xC1, 0x84, 0xED, 0x45, 0x76, 0x67, 0xEC,
0x7B, 0x4C, 0x08, 0x7E, 0xB0, 0xF9, 0x55, 0x4E};
uint8_t extra_input[32] = {0};
uint8_t entropy[32] = {0}; /* value not important */
uint8_t output[32];
TCCtrPrng_t ctx;
uint32_t i;
int rc;
rc = tc_ctr_prng_init(&ctx, entropy, sizeof(entropy), 0, 0U);
/**TESTPOINT: Check if init works*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "CTR PRNG init failed");
/* force internal state to max allowed count */
ctx.reseedCount = 0x1000000000000ULL;
rc = tc_ctr_prng_generate(&ctx, 0, 0, output, sizeof(output));
/**TESTPOINT: Check if generate works*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "CTR PRNG generate failed");
/* expect further attempts to fail due to reaching reseed threshold */
rc = tc_ctr_prng_generate(&ctx, 0, 0, output, sizeof(output));
/**TESTPOINT: Check if generate works*/
zassert_equal(rc, TC_CTR_PRNG_RESEED_REQ, "CTR PRNG generate failed");
/* reseed and confirm generate works again
* make entropy different from original value - not really important
* for the purpose of this test
*/
(void)memset(entropy, 0xFF, sizeof(entropy));
rc = tc_ctr_prng_reseed(&ctx, entropy, sizeof(entropy), extra_input,
sizeof(extra_input));
/**TESTPOINT: Recheck if the functions work*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "CTR PRNG reseed failed");
rc = tc_ctr_prng_generate(&ctx, 0, 0, output, sizeof(output));
/**TESTPOINT: Check if generate works again*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "CTR PRNG generate failed");
/* confirm entropy and additional_input are being used correctly
* first, entropy only
*/
(void)memset(&ctx, 0x0, sizeof(ctx));
for (i = 0U; i < sizeof(entropy); i++) {
entropy[i] = i;
}
rc = tc_ctr_prng_reseed(&ctx, entropy, sizeof(entropy), 0, 0);
/**TESTPOINT: Check if reseed works*/
zassert_equal(rc, 1, "CTR PRNG reseed failed");
/**TESTPOINT: Check results*/
zassert_false(memcmp(ctx.V, expectedV1, sizeof(expectedV1)),
"expected value different - check failed");
/* now, entropy and additional_input */
(void)memset(&ctx, 0x00, sizeof(ctx));
for (i = 0U; i < sizeof(extra_input); i++) {
extra_input[i] = i * 2U;
}
rc = tc_ctr_prng_reseed(&ctx, entropy, sizeof(entropy),
extra_input, sizeof(extra_input));
/**TESTPOINT: Check if reseed works*/
zassert_equal(rc, 1, "CTR PRNG reseed failed");
/**TESTPOINT: Check results*/
zassert_false(memcmp(ctx.V, expectedV2, sizeof(expectedV2)),
"expected value different - check failed");
TC_PRINT("CTR PRNG reseed test succeeded\n");
}
ZTEST(tinycrypt, test_ctr_prng_uninstantiate)
{
uint8_t entropy[32] = {0}; /* value not important */
TCCtrPrng_t ctx;
size_t words;
size_t i;
int rc;
rc = tc_ctr_prng_init(&ctx, entropy, sizeof(entropy), 0, 0);
/**TESTPOINT: Check if init works*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "CTR PRNG init failed");
tc_ctr_prng_uninstantiate(&ctx);
/* show that state has been zeroised */
for (i = 0; i < sizeof(ctx.V); i++) {
/**TESTPOINT: Check if states have been zeroised*/
zassert_false(ctx.V[i], "some states have not been zeroised");
}
words = sizeof(ctx.key.words) / sizeof(ctx.key.words[0]);
for (i = 0; i < words; i++) {
/**TESTPOINT: Check words*/
zassert_false(ctx.key.words[i],
"expected value wrong - check failed");
}
/**TESTPOINT: Check if uninstantiation passed*/
zassert_false(ctx.reseedCount, "CTR PRNG uninstantiate test failed");
TC_PRINT("CTR PRNG uninstantiate test succeeded\n");
}
ZTEST(tinycrypt, test_ctr_prng_robustness)
{
uint8_t entropy[32] = {0}; /* value not important */
uint8_t output[32];
TCCtrPrng_t ctx;
int rc;
/* show that the CTR PRNG is robust to invalid inputs */
tc_ctr_prng_uninstantiate(0);
rc = tc_ctr_prng_generate(&ctx, 0, 0, 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
rc = tc_ctr_prng_generate(0, 0, 0, output, sizeof(output));
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
rc = tc_ctr_prng_generate(0, 0, 0, 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
rc = tc_ctr_prng_reseed(&ctx, 0, 0, 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
/* too little entropy */
rc = tc_ctr_prng_reseed(&ctx, entropy, sizeof(entropy) - 1, 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
rc = tc_ctr_prng_reseed(0, entropy, sizeof(entropy), 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
rc = tc_ctr_prng_reseed(0, 0, 0, 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
rc = tc_ctr_prng_init(&ctx, 0, 0, 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
/* too little entropy */
rc = tc_ctr_prng_init(&ctx, entropy, sizeof(entropy) - 1, 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
rc = tc_ctr_prng_init(0, entropy, sizeof(entropy), 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
rc = tc_ctr_prng_init(0, 0, 0, 0, 0);
/**TESTPOINT: Check if invalid input test works*/
zassert_equal(rc, TC_CRYPTO_FAIL, "CTR PRNG invalid input test failed");
TC_PRINT("CTR PRNG robustness test succeeded\n");
}
/*
* Main task to test CTR PRNG
*/
ZTEST(tinycrypt, test_ctr_prng_vector)
{
int elements;
int rc;
int i;
elements = (int)sizeof(vectors) / sizeof(vectors[0]);
for (i = 0; i < elements; i++) {
rc = test_prng_vector(&vectors[i]);
TC_PRINT("[%s] test_prng_vector #%d\n",
TC_RESULT_TO_STR(rc), i);
/**TESTPOINT: Check if test passed*/
zassert_false(rc, "CTR PRNG vector test failed");
}
TC_PRINT("CTR PRNG vector test succeeded\n");
}

484
tests/crypto/tinycrypt/src/ecc_dh.c
View File

@@ -1,484 +0,0 @@
/* test_ecc_dh.c - TinyCrypt implementation of some EC-DH tests */
/* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* test_ecc_ecdh.c -- Implementation of some EC-DH tests
*
*/
#include <tinycrypt/ecc.h>
#include <tinycrypt/ecc_dh.h>
#include <tinycrypt/ecc_platform_specific.h>
#include "test_ecc_utils.h"
#include <zephyr/test_utils.h>
#include <tinycrypt/constants.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <zephyr/ztest.h>
int ecdh_vectors(char **qx_vec, char **qy_vec, char **d_vec, char **z_vec,
int tests, int verbose)
{
unsigned int pub[2 * NUM_ECC_WORDS];
unsigned int prv[NUM_ECC_WORDS];
unsigned int z[NUM_ECC_WORDS];
unsigned int result = TC_PASS;
int rc;
unsigned int exp_z[NUM_ECC_WORDS];
const struct uECC_Curve_t *curve = uECC_secp256r1();
for (int i = 0; i < tests; i++) {
string2scalar(pub + NUM_ECC_WORDS, NUM_ECC_WORDS, qx_vec[i]);
string2scalar(pub, NUM_ECC_WORDS, qy_vec[i]);
string2scalar(exp_z, NUM_ECC_WORDS, z_vec[i]);
string2scalar(prv, NUM_ECC_WORDS, d_vec[i]);
uint8_t pub_bytes[2 * NUM_ECC_BYTES];
uECC_vli_nativeToBytes(pub_bytes, 2 * NUM_ECC_BYTES, pub);
uint8_t private_bytes[NUM_ECC_BYTES];
uECC_vli_nativeToBytes(private_bytes, NUM_ECC_BYTES, prv);
uint8_t z_bytes[NUM_ECC_BYTES];
uECC_vli_nativeToBytes(z_bytes, NUM_ECC_BYTES, exp_z);
rc = uECC_shared_secret(pub_bytes, private_bytes, z_bytes, curve);
/**TESTPOINT: Check for ECDH failure*/
zassert_equal(rc, TC_CRYPTO_SUCCESS, "ECDH failure, exit");
uECC_vli_bytesToNative(z, z_bytes, NUM_ECC_BYTES);
result = check_ecc_result(i, "Z", exp_z, z, NUM_ECC_WORDS, verbose);
/**TESTPOINT: Check result*/
zassert_false(result, "ECDH test failed");
}
return result;
}
int cavp_ecdh(bool verbose)
{
unsigned int result = TC_PASS;
/*
* P-256
*/
char *d[] = {
"7d7dc5f71eb29ddaf80d6214632eeae03d9058af1fb6d22ed80badb62bc1a534",
"38f65d6dce47676044d58ce5139582d568f64bb16098d179dbab07741dd5caf5",
"1accfaf1b97712b85a6f54b148985a1bdc4c9bec0bd258cad4b3d603f49f32c8",
"207c43a79bfee03db6f4b944f53d2fb76cc49ef1c9c4d34d51b6c65c4db6932d",
"59137e38152350b195c9718d39673d519838055ad908dd4757152fd8255c09bf",
"f5f8e0174610a661277979b58ce5c90fee6c9b3bb346a90a7196255e40b132ef",
"3b589af7db03459c23068b64f63f28d3c3c6bc25b5bf76ac05f35482888b5190",
"d8bf929a20ea7436b2461b541a11c80e61d826c0a4c9d322b31dd54e7f58b9c8",
"0f9883ba0ef32ee75ded0d8bda39a5146a29f1f2507b3bd458dbea0b2bb05b4d",
"2beedb04b05c6988f6a67500bb813faf2cae0d580c9253b6339e4a3337bb6c08",
"77c15dcf44610e41696bab758943eff1409333e4d5a11bbe72c8f6c395e9f848",
"42a83b985011d12303db1a800f2610f74aa71cdf19c67d54ce6c9ed951e9093e",
"ceed35507b5c93ead5989119b9ba342cfe38e6e638ba6eea343a55475de2800b",
"43e0e9d95af4dc36483cdd1968d2b7eeb8611fcce77f3a4e7d059ae43e509604",
"b2f3600df3368ef8a0bb85ab22f41fc0e5f4fdd54be8167a5c3cd4b08db04903",
"4002534307f8b62a9bf67ff641ddc60fef593b17c3341239e95bdb3e579bfdc8",
"4dfa12defc60319021b681b3ff84a10a511958c850939ed45635934ba4979147",
"1331f6d874a4ed3bc4a2c6e9c74331d3039796314beee3b7152fcdba5556304e",
"dd5e9f70ae740073ca0204df60763fb6036c45709bf4a7bb4e671412fad65da3",
"5ae026cfc060d55600717e55b8a12e116d1d0df34af831979057607c2d9c2f76",
"b601ac425d5dbf9e1735c5e2d5bdb79ca98b3d5be4a2cfd6f2273f150e064d9d",
"fefb1dda1845312b5fce6b81b2be205af2f3a274f5a212f66c0d9fc33d7ae535",
"334ae0c4693d23935a7e8e043ebbde21e168a7cba3fa507c9be41d7681e049ce",
"2c4bde40214fcc3bfc47d4cf434b629acbe9157f8fd0282540331de7942cf09d",
"85a268f9d7772f990c36b42b0a331adc92b5941de0b862d5d89a347cbf8faab0",
};
char *x[] = {
"700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287",
"809f04289c64348c01515eb03d5ce7ac1a8cb9498f5caa50197e58d43a86a7ae",
"a2339c12d4a03c33546de533268b4ad667debf458b464d77443636440ee7fec3",
"df3989b9fa55495719b3cf46dccd28b5153f7808191dd518eff0c3cff2b705ed",
"41192d2813e79561e6a1d6f53c8bc1a433a199c835e141b05a74a97b0faeb922",
"33e82092a0f1fb38f5649d5867fba28b503172b7035574bf8e5b7100a3052792",
"6a9e0c3f916e4e315c91147be571686d90464e8bf981d34a90b6353bca6eeba7",
"a9c0acade55c2a73ead1a86fb0a9713223c82475791cd0e210b046412ce224bb",
"94e94f16a98255fff2b9ac0c9598aac35487b3232d3231bd93b7db7df36f9eb9",
"e099bf2a4d557460b5544430bbf6da11004d127cb5d67f64ab07c94fcdf5274f",
"f75a5fe56bda34f3c1396296626ef012dc07e4825838778a645c8248cff01658",
"2db4540d50230756158abf61d9835712b6486c74312183ccefcaef2797b7674d",
"cd94fc9497e8990750309e9a8534fd114b0a6e54da89c4796101897041d14ecb",
"15b9e467af4d290c417402e040426fe4cf236bae72baa392ed89780dfccdb471",
"49c503ba6c4fa605182e186b5e81113f075bc11dcfd51c932fb21e951eee2fa1",
"19b38de39fdd2f70f7091631a4f75d1993740ba9429162c2a45312401636b29c",
"2c91c61f33adfe9311c942fdbff6ba47020feff416b7bb63cec13faf9b099954",
"a28a2edf58025668f724aaf83a50956b7ac1cfbbff79b08c3bf87dfd2828d767",
"a2ef857a081f9d6eb206a81c4cf78a802bdf598ae380c8886ecd85fdc1ed7644",
"ccd8a2d86bc92f2e01bce4d6922cf7fe1626aed044685e95e2eebd464505f01f",
"c188ffc8947f7301fb7b53e36746097c2134bf9cc981ba74b4e9c4361f595e4e",
"317e1020ff53fccef18bf47bb7f2dd7707fb7b7a7578e04f35b3beed222a0eb6",
"45fb02b2ceb9d7c79d9c2fa93e9c7967c2fa4df5789f9640b24264b1e524fcb1",
"a19ef7bff98ada781842fbfc51a47aff39b5935a1c7d9625c8d323d511c92de6",
"356c5a444c049a52fee0adeb7e5d82ae5aa83030bfff31bbf8ce2096cf161c4b",
};
char *y[] = {
"db71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac",
"b29d84e811197f25eba8f5194092cb6ff440e26d4421011372461f579271cda3",
"ef48a3ab26e20220bcda2c1851076839dae88eae962869a497bf73cb66faf536",
"422294ff46003429d739a33206c8752552c8ba54a270defc06e221e0feaf6ac4",
"1af98cc45e98a7e041b01cf35f462b7562281351c8ebf3ffa02e33a0722a1328",
"f2cf6b601e0a05945e335550bf648d782f46186c772c0f20d3cd0d6b8ca14b2f",
"40f9bead39c2f2bcc2602f75b8a73ec7bdffcbcead159d0174c6c4d3c5357f05",
"f6de0afa20e93e078467c053d241903edad734c6b403ba758c2b5ff04c9d4229",
"d8049a43579cfa90b8093a94416cbefbf93386f15b3f6e190b6e3455fedfe69a",
"d9c50dbe70d714edb5e221f4e020610eeb6270517e688ca64fb0e98c7ef8c1c5",
"33bbdf1b1772d8059df568b061f3f1122f28a8d819167c97be448e3dc3fb0c3c",
"62f57f314e3f3495dc4e099012f5e0ba71770f9660a1eada54104cdfde77243e",
"c3def4b5fe04faee0a11932229fff563637bfdee0e79c6deeaf449f85401c5c4",
"cdf4e9170fb904302b8fd93a820ba8cc7ed4efd3a6f2d6b05b80b2ff2aee4e77",
"8af706ff0922d87b3f0c5e4e31d8b259aeb260a9269643ed520a13bb25da5924",
"09aed7232b28e060941741b6828bcdfa2bc49cc844f3773611504f82a390a5ae",
"6cab31b06419e5221fca014fb84ec870622a1b12bab5ae43682aa7ea73ea08d0",
"dfa7bfffd4c766b86abeaf5c99b6e50cb9ccc9d9d00b7ffc7804b0491b67bc03",
"563c4c20419f07bc17d0539fade1855e34839515b892c0f5d26561f97fa04d1a",
"e9ddd583a9635a667777d5b8a8f31b0f79eba12c75023410b54b8567dddc0f38",
"bf7d2f2056e72421ef393f0c0f2b0e00130e3cac4abbcc00286168e85ec55051",
"09420ce5a19d77c6fe1ee587e6a49fbaf8f280e8df033d75403302e5a27db2ae",
"5c6e8ecf1f7d3023893b7b1ca1e4d178972ee2a230757ddc564ffe37f5c5a321",
"e9c184df75c955e02e02e400ffe45f78f339e1afe6d056fb3245f4700ce606ef",
"57d128de8b2a57a094d1a001e572173f96e8866ae352bf29cddaf92fc85b2f92",
};
char *Z[] = {
"46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b",
"057d636096cb80b67a8c038c890e887d1adfa4195e9b3ce241c8a778c59cda67",
"2d457b78b4614132477618a5b077965ec90730a8c81a1c75d6d4ec68005d67ec",
"96441259534b80f6aee3d287a6bb17b5094dd4277d9e294f8fe73e48bf2a0024",
"19d44c8d63e8e8dd12c22a87b8cd4ece27acdde04dbf47f7f27537a6999a8e62",
"664e45d5bba4ac931cd65d52017e4be9b19a515f669bea4703542a2c525cd3d3",
"ca342daa50dc09d61be7c196c85e60a80c5cb04931746820be548cdde055679d",
"35aa9b52536a461bfde4e85fc756be928c7de97923f0416c7a3ac8f88b3d4489",
"605c16178a9bc875dcbff54d63fe00df699c03e8a888e9e94dfbab90b25f39b4",
"f96e40a1b72840854bb62bc13c40cc2795e373d4e715980b261476835a092e0b",
"8388fa79c4babdca02a8e8a34f9e43554976e420a4ad273c81b26e4228e9d3a3",
"72877cea33ccc4715038d4bcbdfe0e43f42a9e2c0c3b017fc2370f4b9acbda4a",
"e4e7408d85ff0e0e9c838003f28cdbd5247cdce31f32f62494b70e5f1bc36307",
"ed56bcf695b734142c24ecb1fc1bb64d08f175eb243a31f37b3d9bb4407f3b96",
"bc5c7055089fc9d6c89f83c1ea1ada879d9934b2ea28fcf4e4a7e984b28ad2cf",
"9a4e8e657f6b0e097f47954a63c75d74fcba71a30d83651e3e5a91aa7ccd8343",
"3ca1fc7ad858fb1a6aba232542f3e2a749ffc7203a2374a3f3d3267f1fc97b78",
"1aaabe7ee6e4a6fa732291202433a237df1b49bc53866bfbe00db96a0f58224f",
"430e6a4fba4449d700d2733e557f66a3bf3d50517c1271b1ddae1161b7ac798c",
"1ce9e6740529499f98d1f1d71329147a33df1d05e4765b539b11cf615d6974d3",
"4690e3743c07d643f1bc183636ab2a9cb936a60a802113c49bb1b3f2d0661660",
"30c2261bd0004e61feda2c16aa5e21ffa8d7e7f7dbf6ec379a43b48e4b36aeb0",
"2adae4a138a239dcd93c243a3803c3e4cf96e37fe14e6a9b717be9599959b11c",
"2e277ec30f5ea07d6ce513149b9479b96e07f4b6913b1b5c11305c1444a1bc0b",
"1e51373bd2c6044c129c436e742a55be2a668a85ae08441b6756445df5493857",
};
TC_PRINT("Test #1: ECDH");
TC_PRINT("NIST-p256\n");
result = ecdh_vectors(x, y, d, Z, 25, verbose);
/**TESTPOINT: Check result*/
zassert_false(result, "ECDH test failed");
return result;
}
int cavp_keygen(bool verbose)
{
unsigned int result = TC_PASS;
/*
* [P-256, B.4.2 Key Pair Generation by Testing Candidates]
*/
char *d[] = {
"c9806898a0334916c860748880a541f093b579a9b1f32934d86c363c39800357",
"710735c8388f48c684a97bd66751cc5f5a122d6b9a96a2dbe73662f78217446d",
"78d5d8b7b3e2c16b3e37e7e63becd8ceff61e2ce618757f514620ada8a11f6e4",
"2a61a0703860585fe17420c244e1de5a6ac8c25146b208ef88ad51ae34c8cb8c",
"01b965b45ff386f28c121c077f1d7b2710acc6b0cb58d8662d549391dcf5a883",
"fac92c13d374c53a085376fe4101618e1e181b5a63816a84a0648f3bdc24e519",
"f257a192dde44227b3568008ff73bcf599a5c45b32ab523b5b21ca582fef5a0a",
"add67e57c42a3d28708f0235eb86885a4ea68e0d8cfd76eb46134c596522abfd",
"4494860fd2c805c5c0d277e58f802cff6d731f76314eb1554142a637a9bc5538",
"d40b07b1ea7b86d4709ef9dc634c61229feb71abd63dc7fc85ef46711a87b210",
};
char *x[] = {
"d0720dc691aa80096ba32fed1cb97c2b620690d06de0317b8618d5ce65eb728f",
"f6836a8add91cb182d8d258dda6680690eb724a66dc3bb60d2322565c39e4ab9",
"76711126cbb2af4f6a5fe5665dad4c88d27b6cb018879e03e54f779f203a854e",
"e1aa7196ceeac088aaddeeba037abb18f67e1b55c0a5c4e71ec70ad666fcddc8",
"1f038c5422e88eec9e88b815e8f6b3e50852333fc423134348fc7d79ef8e8a10",
"7258f2ab96fc84ef6ccb33e308cd392d8b568ea635730ceb4ebd72fa870583b9",
"d2e01411817b5512b79bbbe14d606040a4c90deb09e827d25b9f2fc068997872",
"55bed2d9c029b7f230bde934c7124ed52b1330856f13cbac65a746f9175f85d7",
"5190277a0c14d8a3d289292f8a544ce6ea9183200e51aec08440e0c1a463a4e4",
"fbcea7c2827e0e8085d7707b23a3728823ea6f4878b24747fb4fd2842d406c73",
};
char *y[] = {
"9681b517b1cda17d0d83d335d9c4a8a9a9b0b1b3c7106d8f3c72bc5093dc275f",
"1f837aa32864870cb8e8d0ac2ff31f824e7beddc4bb7ad72c173ad974b289dc2",
"a26df39960ab5248fd3620fd018398e788bd89a3cea509b352452b69811e6856",
"d7d35bdce6dedc5de98a7ecb27a9cd066a08f586a733b59f5a2cdb54f971d5c8",
"43a047cb20e94b4ffb361ef68952b004c0700b2962e0c0635a70269bc789b849",
"489807ca55bdc29ca5c8fe69b94f227b0345cccdbe89975e75d385cc2f6bb1e2",
"503f138f8bab1df2c4507ff663a1fdf7f710e7adb8e7841eaa902703e314e793",
"32805e311d583b4e007c40668185e85323948e21912b6b0d2cda8557389ae7b0",
"ecd98514821bd5aaf3419ab79b71780569470e4fed3da3c1353b28fe137f36eb",
"2393c85f1f710c5afc115a39ba7e18abe03f19c9d4bb3d47d19468b818efa535",
};
TC_PRINT("Test #2: ECC KeyGen ");
TC_PRINT("NIST-p256\n");
result = keygen_vectors(d, x, y, 10, verbose);
/**TESTPOINT: Check result*/
zassert_false(result, "ECC KeyGen test failed");
return result;
}
/* Test ecc_make_keys, and also as keygen part of other tests */
int pkv_vectors(char **qx_vec, char **qy_vec, int res_vec[], int tests,
bool verbose)
{
unsigned int pub[2 * NUM_ECC_WORDS];
uint8_t _public[2 * NUM_ECC_BYTES];
int rc;
int exp_rc;
unsigned int result = TC_PASS;
const struct uECC_Curve_t *curve = uECC_secp256r1();
for (int i = 0; i < tests; i++) {
exp_rc = res_vec[i];
if (strlen(qx_vec[i]) > 2 * NUM_ECC_BYTES ||
strlen(qy_vec[i]) > 2 * NUM_ECC_BYTES) {
/* invalid input to ECC digit conversion (string2native()) */
rc = -2;
} else {
string2scalar(pub, NUM_ECC_WORDS, qx_vec[i]);
string2scalar(pub + NUM_ECC_WORDS, NUM_ECC_WORDS, qy_vec[i]);
uECC_vli_nativeToBytes(_public, NUM_ECC_BYTES, pub);
uECC_vli_nativeToBytes(_public + NUM_ECC_BYTES,
NUM_ECC_BYTES, pub + NUM_ECC_WORDS);
rc = uECC_valid_public_key(_public, curve);
}
/*
* map to CAVP error codes
* 0 => 0 - success
* -1 => ? - (x,y) = (0,0) (not covered)
* -2 => 1 - out of bounds (pubverify or ecc import)
* -3 => 2 - not on curve
* -4 => ? - public key is the group generator
*/
if (rc == -3) {
rc = 2;
}
if (rc == -2) {
rc = 1;
}
result = check_code(i, exp_rc, rc, verbose);
/**TESTPOINT: Check result*/
zassert_false(result, "PubKey verification failed");
}
return result;
}
int cavp_pkv(bool verbose)
{
/*
* [P-256]
*/
char *x[] = {
"e0f7449c5588f24492c338f2bc8f7865f755b958d48edb0f2d0056e50c3fd5b7",
"d17c446237d9df87266ba3a91ff27f45abfdcb77bfd83536e92903efb861a9a9",
"17875397ae87369365656d490e8ce956911bd97607f2aff41b56f6f3a61989826",
"f2d1c0dc0852c3d8a2a2500a23a44813ccce1ac4e58444175b440469ffc12273",
"10b0ca230fff7c04768f4b3d5c75fa9f6c539bea644dffbec5dc796a213061b58",
"2c1052f25360a15062d204a056274e93cbe8fc4c4e9b9561134ad5c15ce525da",
"a40d077a87dae157d93dcccf3fe3aca9c6479a75aa2669509d2ef05c7de6782f",
"2633d398a3807b1895548adbb0ea2495ef4b930f91054891030817df87d4ac0a",
"14bf57f76c260b51ec6bbc72dbd49f02a56eaed070b774dc4bad75a54653c3d56",
"2fa74931ae816b426f484180e517f5050c92decfc8daf756cd91f54d51b302f1",
"f8c6dd3181a76aa0e36c2790bba47041acbe7b1e473ff71eee39a824dc595ff0",
"7a81a7e0b015252928d8b36e4ca37e92fdc328eb25c774b4f872693028c4be38",
};
char *y[] = {
"86d7e9255d0f4b6f44fa2cd6f8ba3c0aa828321d6d8cc430ca6284ce1d5b43a0",
"1eabb6a349ce2cd447d777b6739c5fc066add2002d2029052c408d0701066231c",
"980a3c4f61b9692633fbba5ef04c9cb546dd05cdec9fa8428b8849670e2fba92",
"32bfe992831b305d8c37b9672df5d29fcb5c29b4a40534683e3ace23d24647dd",
"f5edf37c11052b75f771b7f9fa050e353e464221fec916684ed45b6fead38205",
"ced9783713a8a2a09eff366987639c625753295d9a85d0f5325e32dedbcada0b",
"503d86b87d743ba20804fd7e7884aa017414a7b5b5963e0d46e3a9611419ddf3",
"d6b2f738e3873cc8364a2d364038ce7d0798bb092e3dd77cbdae7c263ba618d2",
"7a231a23bf8b3aa31d9600d888a0678677a30e573decd3dc56b33f365cc11236",
"5b994346137988c58c14ae2152ac2f6ad96d97decb33099bd8a0210114cd1141",
"9c965f227f281b3072b95b8daf29e88b35284f3574462e268e529bbdc50e9e52",
"08862f7335147261e7b1c3d055f9a316e4cab7daf99cc09d1c647f5dd6e7d5bb",
};
int results[] = { 0, 1, 1, 2, 1, 0, 2, 0, 1, 0, 2, 2 };
TC_PRINT("Test #3: PubKeyVerify ");
TC_PRINT("NIST-p256-SHA2-256\n");
return pkv_vectors(x, y, results, 12, verbose);
}
int montecarlo_ecdh(int num_tests, bool verbose)
{
int i;
uint8_t private1[NUM_ECC_BYTES] = { 0 };
uint8_t private2[NUM_ECC_BYTES] = { 0 };
uint8_t public1[2 * NUM_ECC_BYTES] = { 0 };
uint8_t public2[2 * NUM_ECC_BYTES] = { 0 };
uint8_t secret1[NUM_ECC_BYTES] = { 0 };
uint8_t secret2[NUM_ECC_BYTES] = { 0 };
const struct uECC_Curve_t *curve = uECC_secp256r1();
TC_PRINT("Test #4: Monte Carlo (%d Randomized EC-DH key-exchange) ", num_tests);
TC_PRINT("NIST-p256\n ");
for (i = 0; i < num_tests; ++i) {
if (verbose) {
TC_PRINT(".");
}
if (!uECC_make_key(public1, private1, curve) ||
!uECC_make_key(public2, private2, curve)) {
zassert_true(0, "uECC_make_key() failed");
}
if (!uECC_shared_secret(public2, private1, secret1, curve)) {
zassert_true(0, "shared_secret() failed (1)");
}
if (!uECC_shared_secret(public1, private2, secret2, curve)) {
zassert_true(0, "shared_secret() failed (2)");
}
if (memcmp(secret1, secret2, sizeof(secret1)) != 0) {
TC_PRINT("Shared secrets are not identical!\n");
TC_PRINT("Private key 1 = ");
vli_print_bytes(private1, 32);
TC_PRINT("\nPrivate key 2 = ");
vli_print_bytes(private2, 32);
TC_PRINT("\nPublic key 1 = ");
vli_print_bytes(public1, 64);
TC_PRINT("\nPublic key 2 = ");
vli_print_bytes(public2, 64);
TC_PRINT("\nShared secret 1 = ");
vli_print_bytes(secret1, 32);
TC_PRINT("\nShared secret 2 = ");
vli_print_bytes(secret2, 32);
TC_PRINT("\n");
}
}
TC_PRINT("\n");
return TC_PASS;
}
ZTEST(tinycrypt, test_ecc_dh)
{
unsigned int result = TC_PASS;
/* Setup of the Cryptographically Secure PRNG. */
uECC_set_rng(&default_CSPRNG);
bool verbose = true;
TC_PRINT("Performing cavp_ecdh test:\n");
result = cavp_ecdh(verbose);
/**TESTPOINT: Check cavp_ecdh*/
zassert_false(result, "cavp_ecdh test failed");
TC_PRINT("Performing cavp_keygen test:\n");
result = cavp_keygen(verbose);
/**TESTPOINT: Check cavp_keygen*/
zassert_false(result, "cavp_keygen test failed");
TC_PRINT("Performing cavp_pkv test:\n");
result = cavp_pkv(verbose);
/**TESTPOINT: Check cavp_pkv*/
zassert_false(result, "cavp_pkv test failed");
TC_PRINT("Performing montecarlo_ecdh test:\n");
result = montecarlo_ecdh(10, verbose);
/**TESTPOINT: Check cavp_ecdh*/
zassert_false(result, "montecarlo_ecdh test failed");
TC_PRINT("All EC-DH tests succeeded!\n");
}

652
tests/crypto/tinycrypt/src/ecc_dsa.c
View File

@@ -1,652 +0,0 @@
/* test_ecc_ecdsa.c - TinyCrypt implementation of some EC-DSA tests */
/* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.*/
/*
* Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* test_ecc_ecdsa.c -- Implementation of some EC-DSA tests
*
*/
#define ENABLE_TESTS 1
#include <tinycrypt/ecc.h>
#include <tinycrypt/ecc_platform_specific.h>
#include <tinycrypt/ecc_dsa.h>
#include <tinycrypt/ecc_dh.h>
#include <tinycrypt/constants.h>
#include <tinycrypt/sha256.h>
#include <zephyr/test_utils.h>
#include "test_ecc_utils.h"
#include <zephyr/sys/util.h>
#include <zephyr/random/random.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <zephyr/ztest.h>
/* Maximum size of message to be signed. */
#define BUF_SIZE 256
int sign_vectors(TCSha256State_t hash, char **d_vec, char **k_vec,
char **msg_vec, char **qx_vec, char **qy_vec, char **r_vec,
char **s_vec, int tests, bool verbose)
{
unsigned int k[NUM_ECC_WORDS];
unsigned int private[NUM_ECC_WORDS];
uint8_t private_bytes[NUM_ECC_BYTES];
unsigned int sig[2 * NUM_ECC_WORDS];
uint8_t sig_bytes[2 * NUM_ECC_BYTES];
unsigned int digest[TC_SHA256_DIGEST_SIZE / 4];
uint8_t digest_bytes[TC_SHA256_DIGEST_SIZE];
unsigned int result = TC_PASS;
/* expected outputs (converted input vectors) */
unsigned int exp_r[NUM_ECC_WORDS];
unsigned int exp_s[NUM_ECC_WORDS];
uint8_t msg[BUF_SIZE];
size_t msglen;
for (int i = 0; i < tests; i++) {
/* use keygen test to generate and validate pubkey */
keygen_vectors(d_vec + i, qx_vec + i, qy_vec + i, 1, false);
string2scalar(private, NUM_ECC_WORDS, d_vec[i]);
uECC_vli_nativeToBytes(private_bytes, NUM_ECC_BYTES, private);
/* validate ECDSA: hash message, sign digest, check r+s */
(void)memset(k, 0, NUM_ECC_BYTES);
string2scalar(k, NUM_ECC_WORDS, k_vec[i]);
string2scalar(exp_r, NUM_ECC_WORDS, r_vec[i]);
string2scalar(exp_s, NUM_ECC_WORDS, s_vec[i]);
msglen = hex2bin(msg_vec[i], strlen(msg_vec[i]), msg, BUF_SIZE);
/**TESTPOINT: Check if msg imported*/
zassert_true(msglen, "failed to import message!");
tc_sha256_init(hash);
tc_sha256_update(hash, msg, msglen);
tc_sha256_final(digest_bytes, hash);
/* if digest larger than ECC scalar, drop the end
* if digest smaller than ECC scalar, zero-pad front */
int hash_dwords = TC_SHA256_DIGEST_SIZE / 4;
if (NUM_ECC_WORDS < hash_dwords) {
hash_dwords = NUM_ECC_WORDS;
}
(void)memset(digest, 0, NUM_ECC_BYTES - 4 * hash_dwords);
uECC_vli_bytesToNative(digest + (NUM_ECC_WORDS - hash_dwords),
digest_bytes, TC_SHA256_DIGEST_SIZE);
/**TESTPOINT: Check ECDSA_sign*/
zassert_true(uECC_sign_with_k(private_bytes, digest_bytes,
sizeof(digest_bytes), k, sig_bytes, uECC_secp256r1()),
"ECDSA_sign failed!");
uECC_vli_bytesToNative(sig, sig_bytes, NUM_ECC_BYTES);
uECC_vli_bytesToNative(sig + NUM_ECC_WORDS, sig_bytes + NUM_ECC_BYTES, NUM_ECC_BYTES);
result = check_ecc_result(i, "sig.r", exp_r, sig, NUM_ECC_WORDS, verbose);
/**TESTPOINT: Check ECC result*/
zassert_false(result, "ECC check failed");
result = check_ecc_result(i, "sig.s", exp_s, sig + NUM_ECC_WORDS, NUM_ECC_WORDS, verbose);
/**TESTPOINT: Check ECC result*/
zassert_false(result, "ECC check failed");
}
result = TC_PASS;
return result;
}
int cavp_sign(bool verbose)
{
/*
* [P-256,SHA-256]
*/
char *d[] = {
"519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464",
"0f56db78ca460b055c500064824bed999a25aaf48ebb519ac201537b85479813",
"e283871239837e13b95f789e6e1af63bf61c918c992e62bca040d64cad1fc2ef",
"a3d2d3b7596f6592ce98b4bfe10d41837f10027a90d7bb75349490018cf72d07",
"53a0e8a8fe93db01e7ae94e1a9882a102ebd079b3a535827d583626c272d280d",
"4af107e8e2194c830ffb712a65511bc9186a133007855b49ab4b3833aefc4a1d",
"78dfaa09f1076850b3e206e477494cddcfb822aaa0128475053592c48ebaf4ab",
"80e692e3eb9fcd8c7d44e7de9f7a5952686407f90025a1d87e52c7096a62618a",
"5e666c0db0214c3b627a8e48541cc84a8b6fd15f300da4dff5d18aec6c55b881",
"f73f455271c877c4d5334627e37c278f68d143014b0a05aa62f308b2101c5308",
"b20d705d9bd7c2b8dc60393a5357f632990e599a0975573ac67fd89b49187906",
"d4234bebfbc821050341a37e1240efe5e33763cbbb2ef76a1c79e24724e5a5e7",
"b58f5211dff440626bb56d0ad483193d606cf21f36d9830543327292f4d25d8c",
"54c066711cdb061eda07e5275f7e95a9962c6764b84f6f1f3ab5a588e0a2afb1",
"34fa4682bf6cb5b16783adcd18f0e6879b92185f76d7c920409f904f522db4b1",
};
char *k[] = {
"94a1bbb14b906a61a280f245f9e93c7f3b4a6247824f5d33b9670787642a68de",
"6d3e71882c3b83b156bb14e0ab184aa9fb728068d3ae9fac421187ae0b2f34c6",
"ad5e887eb2b380b8d8280ad6e5ff8a60f4d26243e0124c2f31a297b5d0835de2",
"24fc90e1da13f17ef9fe84cc96b9471ed1aaac17e3a4bae33a115df4e5834f18",
"5d833e8d24cc7a402d7ee7ec852a3587cddeb48358cea71b0bedb8fabe84e0c4",
"e18f96f84dfa2fd3cdfaec9159d4c338cd54ad314134f0b31e20591fc238d0ab",
"295544dbb2da3da170741c9b2c6551d40af7ed4e891445f11a02b66a5c258a77",
"7c80fd66d62cc076cef2d030c17c0a69c99611549cb32c4ff662475adbe84b22",
"2e7625a48874d86c9e467f890aaa7cd6ebdf71c0102bfdcfa24565d6af3fdce9",
"62f8665fd6e26b3fa069e85281777a9b1f0dfd2c0b9f54a086d0c109ff9fd615",
"72b656f6b35b9ccbc712c9f1f3b1a14cbbebaec41c4bca8da18f492a062d6f6f",
"d926fe10f1bfd9855610f4f5a3d666b1a149344057e35537373372ead8b1a778",
"e158bf4a2d19a99149d9cdb879294ccb7aaeae03d75ddd616ef8ae51a6dc1071",
"646fe933e96c3b8f9f507498e907fdd201f08478d0202c752a7c2cfebf4d061a",
"a6f463ee72c9492bc792fe98163112837aebd07bab7a84aaed05be64db3086f4",
};
char *Msg[] = {
"5905238877c77421f73e43ee3da6f2d9e2ccad5fc942dcec0cbd25482935faaf416983fe16"
"5b1a045ee2bcd2e6dca3bdf46c4310a7461f9a37960ca672d3feb5473e253605fb1ddfd280"
"65b53cb5858a8ad28175bf9bd386a5e471ea7a65c17cc934a9d791e91491eb3754d0379979"
"0fe2d308d16146d5c9b0d0debd97d79ce8",
"c35e2f092553c55772926bdbe87c9796827d17024dbb9233a545366e2e5987dd344deb72df"
"987144b8c6c43bc41b654b94cc856e16b96d7a821c8ec039b503e3d86728c494a967d83011"
"a0e090b5d54cd47f4e366c0912bc808fbb2ea96efac88fb3ebec9342738e225f7c7c2b011c"
"e375b56621a20642b4d36e060db4524af1",
"3c054e333a94259c36af09ab5b4ff9beb3492f8d5b4282d16801daccb29f70fe61a0b37ffe"
"f5c04cd1b70e85b1f549a1c4dc672985e50f43ea037efa9964f096b5f62f7ffdf8d6bfb2cc"
"859558f5a393cb949dbd48f269343b5263dcdb9c556eca074f2e98e6d94c2c29a677afaf80"
"6edf79b15a3fcd46e7067b7669f83188ee",
"0989122410d522af64ceb07da2c865219046b4c3d9d99b01278c07ff63eaf1039cb787ae9e"
"2dd46436cc0415f280c562bebb83a23e639e476a02ec8cff7ea06cd12c86dcc3adefbf1a9e"
"9a9b6646c7599ec631b0da9a60debeb9b3e19324977f3b4f36892c8a38671c8e1cc8e50fcd"
"50f9e51deaf98272f9266fc702e4e57c30",
"dc66e39f9bbfd9865318531ffe9207f934fa615a5b285708a5e9c46b7775150e818d7f24d2"
"a123df3672fff2094e3fd3df6fbe259e3989dd5edfcccbe7d45e26a775a5c4329a084f057c"
"42c13f3248e3fd6f0c76678f890f513c32292dd306eaa84a59abe34b16cb5e38d0e885525d"
"10336ca443e1682aa04a7af832b0eee4e7",
"600974e7d8c5508e2c1aab0783ad0d7c4494ab2b4da265c2fe496421c4df238b0be25f2565"
"9157c8a225fb03953607f7df996acfd402f147e37aee2f1693e3bf1c35eab3ae360a2bd91d"
"04622ea47f83d863d2dfecb618e8b8bdc39e17d15d672eee03bb4ce2cc5cf6b217e5faf3f3"
"36fdd87d972d3a8b8a593ba85955cc9d71",
"dfa6cb9b39adda6c74cc8b2a8b53a12c499ab9dee01b4123642b4f11af336a91a5c9ce0520"
"eb2395a6190ecbf6169c4cba81941de8e76c9c908eb843b98ce95e0da29c5d4388040264e0"
"5e07030a577cc5d176387154eabae2af52a83e85c61c7c61da930c9b19e45d7e34c8516dc3"
"c238fddd6e450a77455d534c48a152010b",
"51d2547cbff92431174aa7fc7302139519d98071c755ff1c92e4694b58587ea560f72f32fc"
"6dd4dee7d22bb7387381d0256e2862d0644cdf2c277c5d740fa089830eb52bf79d1e75b859"
"6ecf0ea58a0b9df61e0c9754bfcd62efab6ea1bd216bf181c5593da79f10135a9bc6e164f1"
"854bc8859734341aad237ba29a81a3fc8b",
"558c2ac13026402bad4a0a83ebc9468e50f7ffab06d6f981e5db1d082098065bcff6f21a7a"
"74558b1e8612914b8b5a0aa28ed5b574c36ac4ea5868432a62bb8ef0695d27c1e3ceaf75c7"
"b251c65ddb268696f07c16d2767973d85beb443f211e6445e7fe5d46f0dce70d58a4cd9fe7"
"0688c035688ea8c6baec65a5fc7e2c93e8",
"4d55c99ef6bd54621662c3d110c3cb627c03d6311393b264ab97b90a4b15214a5593ba2510"
"a53d63fb34be251facb697c973e11b665cb7920f1684b0031b4dd370cb927ca7168b0bf8ad"
"285e05e9e31e34bc24024739fdc10b78586f29eff94412034e3b606ed850ec2c1900e8e681"
"51fc4aee5adebb066eb6da4eaa5681378e",
"f8248ad47d97c18c984f1f5c10950dc1404713c56b6ea397e01e6dd925e903b4fadfe2c9e8"
"77169e71ce3c7fe5ce70ee4255d9cdc26f6943bf48687874de64f6cf30a012512e787b8805"
"9bbf561162bdcc23a3742c835ac144cc14167b1bd6727e940540a9c99f3cbb41fb1dcb00d7"
"6dda04995847c657f4c19d303eb09eb48a",
"3b6ee2425940b3d240d35b97b6dcd61ed3423d8e71a0ada35d47b322d17b35ea0472f35edd"
"1d252f87b8b65ef4b716669fc9ac28b00d34a9d66ad118c9d94e7f46d0b4f6c2b2d339fd6b"
"cd351241a387cc82609057048c12c4ec3d85c661975c45b300cb96930d89370a327c98b67d"
"efaa89497aa8ef994c77f1130f752f94a4",
"c5204b81ec0a4df5b7e9fda3dc245f98082ae7f4efe81998dcaa286bd4507ca840a53d21b0"
"1e904f55e38f78c3757d5a5a4a44b1d5d4e480be3afb5b394a5d2840af42b1b4083d40afbf"
"e22d702f370d32dbfd392e128ea4724d66a3701da41ae2f03bb4d91bb946c7969404cb544f"
"71eb7a49eb4c4ec55799bda1eb545143a7",
"72e81fe221fb402148d8b7ab03549f1180bcc03d41ca59d7653801f0ba853add1f6d29edd7"
"f9abc621b2d548f8dbf8979bd16608d2d8fc3260b4ebc0dd42482481d548c7075711b57596"
"49c41f439fad69954956c9326841ea6492956829f9e0dc789f73633b40f6ac77bcae6dfc79"
"30cfe89e526d1684365c5b0be2437fdb01",
"21188c3edd5de088dacc1076b9e1bcecd79de1003c2414c3866173054dc82dde85169baa77"
"993adb20c269f60a5226111828578bcc7c29e6e8d2dae81806152c8ba0c6ada1986a1983eb"
"eec1473a73a04795b6319d48662d40881c1723a706f516fe75300f92408aa1dc6ae4288d20"
"46f23c1aa2e54b7fb6448a0da922bd7f34",
};
char *Qx[] = {
"1ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83",
"e266ddfdc12668db30d4ca3e8f7749432c416044f2d2b8c10bf3d4012aeffa8a",
"74ccd8a62fba0e667c50929a53f78c21b8ff0c3c737b0b40b1750b2302b0bde8",
"322f80371bf6e044bc49391d97c1714ab87f990b949bc178cb7c43b7c22d89e1",
"1bcec4570e1ec2436596b8ded58f60c3b1ebc6a403bc5543040ba82963057244",
"a32e50be3dae2c8ba3f5e4bdae14cf7645420d425ead94036c22dd6c4fc59e00",
"8bcfe2a721ca6d753968f564ec4315be4857e28bef1908f61a366b1f03c97479",
"a88bc8430279c8c0400a77d751f26c0abc93e5de4ad9a4166357952fe041e767",
"1bc487570f040dc94196c9befe8ab2b6de77208b1f38bdaae28f9645c4d2bc3a",
"b8188bd68701fc396dab53125d4d28ea33a91daf6d21485f4770f6ea8c565dde",
"51f99d2d52d4a6e734484a018b7ca2f895c2929b6754a3a03224d07ae61166ce",
"8fb287f0202ad57ae841aea35f29b2e1d53e196d0ddd9aec24813d64c0922fb7",
"68229b48c2fe19d3db034e4c15077eb7471a66031f28a980821873915298ba76",
"0a7dbb8bf50cb605eb2268b081f26d6b08e012f952c4b70a5a1e6e7d46af98bb",
"105d22d9c626520faca13e7ced382dcbe93498315f00cc0ac39c4821d0d73737",
};
char *Qy[] = {
"ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9",
"bfa86404a2e9ffe67d47c587ef7a97a7f456b863b4d02cfc6928973ab5b1cb39",
"29074e21f3a0ef88b9efdf10d06aa4c295cc1671f758ca0e4cd108803d0f2614",
"3c15d54a5cc6b9f09de8457e873eb3deb1fceb54b0b295da6050294fae7fd999",
"8af62a4c683f096b28558320737bf83b9959a46ad2521004ef74cf85e67494e1",
"d623bf641160c289d6742c6257ae6ba574446dd1d0e74db3aaa80900b78d4ae9",
"0f67576a30b8e20d4232d8530b52fb4c89cbc589ede291e499ddd15fe870ab96",
"2d365a1eef25ead579cc9a069b6abc1b16b81c35f18785ce26a10ba6d1381185",
"ec81602abd8345e71867c8210313737865b8aa186851e1b48eaca140320f5d8f",
"423f058810f277f8fe076f6db56e9285a1bf2c2a1dae145095edd9c04970bc4a",
"4737da963c6ef7247fb88d19f9b0c667cac7fe12837fdab88c66f10d3c14cad1",
"1f6daff1aa2dd2d6d3741623eecb5e7b612997a1039aab2e5cf2de969cfea573",
"303e8ee3742a893f78b810991da697083dd8f11128c47651c27a56740a80c24c",
"f26dd7d799930062480849962ccf5004edcfd307c044f4e8f667c9baa834eeae",
"6c47f3cbbfa97dfcebe16270b8c7d5d3a5900b888c42520d751e8faf3b401ef4",
};
char *R[] = {
"f3ac8061b514795b8843e3d6629527ed2afd6b1f6a555a7acabb5e6f79c8c2ac",
"976d3a4e9d23326dc0baa9fa560b7c4e53f42864f508483a6473b6a11079b2db",
"35fb60f5ca0f3ca08542fb3cc641c8263a2cab7a90ee6a5e1583fac2bb6f6bd1",
"d7c562370af617b581c84a2468cc8bd50bb1cbf322de41b7887ce07c0e5884ca",
"18caaf7b663507a8bcd992b836dec9dc5703c080af5e51dfa3a9a7c387182604",
"8524c5024e2d9a73bde8c72d9129f57873bbad0ed05215a372a84fdbc78f2e68",
"c5a186d72df452015480f7f338970bfe825087f05c0088d95305f87aacc9b254",
"9d0c6afb6df3bced455b459cc21387e14929392664bb8741a3693a1795ca6902",
"2f9e2b4e9f747c657f705bffd124ee178bbc5391c86d056717b140c153570fd9",
"1cc628533d0004b2b20e7f4baad0b8bb5e0673db159bbccf92491aef61fc9620",
"9886ae46c1415c3bc959e82b760ad760aab66885a84e620aa339fdf102465c42",
"490efd106be11fc365c7467eb89b8d39e15d65175356775deab211163c2504cb",
"e67a9717ccf96841489d6541f4f6adb12d17b59a6bef847b6183b8fcf16a32eb",
"b53ce4da1aa7c0dc77a1896ab716b921499aed78df725b1504aba1597ba0c64b",
"542c40a18140a6266d6f0286e24e9a7bad7650e72ef0e2131e629c076d962663",
};
char *S[] = {
"8bf77819ca05a6b2786c76262bf7371cef97b218e96f175a3ccdda2acc058903",
"1b766e9ceb71ba6c01dcd46e0af462cd4cfa652ae5017d4555b8eeefe36e1932",
"ee59d81bc9db1055cc0ed97b159d8784af04e98511d0a9a407b99bb292572e96",
"b46d9f2d8c4bf83546ff178f1d78937c008d64e8ecc5cbb825cb21d94d670d89",
"77c68928ac3b88d985fb43fb615fb7ff45c18ba5c81af796c613dfa98352d29c",
"d18c2caf3b1072f87064ec5e8953f51301cada03469c640244760328eb5a05cb",
"84a58f9e9d9e735344b316b1aa1ab5185665b85147dc82d92e969d7bee31ca30",
"d7f9ddd191f1f412869429209ee3814c75c72fa46a9cccf804a2f5cc0b7e739f",
"f5413bfd85949da8d83de83ab0d19b2986613e224d1901d76919de23ccd03199",
"880e0bbf82a8cf818ed46ba03cf0fc6c898e36fca36cc7fdb1d2db7503634430",
"2bf3a80bc04faa35ebecc0f4864ac02d349f6f126e0f988501b8d3075409a26c",
"644300fc0da4d40fb8c6ead510d14f0bd4e1321a469e9c0a581464c7186b7aa7",
"9ae6ba6d637706849a6a9fc388cf0232d85c26ea0d1fe7437adb48de58364333",
"d7c246dc7ad0e67700c373edcfdd1c0a0495fc954549ad579df6ed1438840851",
"4f7f65305e24a6bbb5cff714ba8f5a2cee5bdc89ba8d75dcbf21966ce38eb66f",
};
struct tc_sha256_state_struct sha256_ctx;
TC_PRINT("Test #1: ECDSAsign ");
TC_PRINT("NIST-p256, SHA2-256\n");
return sign_vectors(&sha256_ctx, d, k, Msg, Qx, Qy, R, S, 15, verbose);
}
int vrfy_vectors(TCSha256State_t hash, char **msg_vec, char **qx_vec, char **qy_vec,
char **r_vec, char **s_vec, int res_vec[], int tests, bool verbose)
{
const struct uECC_Curve_t *curve = uECC_secp256r1();
unsigned int pub[2 * NUM_ECC_WORDS];
uint8_t pub_bytes[2 * NUM_ECC_BYTES];
unsigned int sig[2 * NUM_ECC_WORDS];
uint8_t sig_bytes[2 * NUM_ECC_BYTES];
uint8_t digest_bytes[TC_SHA256_DIGEST_SIZE];
unsigned int digest[TC_SHA256_DIGEST_SIZE / 4];
unsigned int result = TC_PASS;
int rc;
int exp_rc;
uint8_t msg[BUF_SIZE];
size_t msglen;
for (int i = 0; i < tests; i++) {
string2scalar(pub, NUM_ECC_WORDS, qx_vec[i]);
string2scalar(pub + NUM_ECC_WORDS, NUM_ECC_WORDS, qy_vec[i]);
string2scalar(sig, NUM_ECC_WORDS, r_vec[i]);
string2scalar(sig + NUM_ECC_WORDS, NUM_ECC_WORDS, s_vec[i]);
exp_rc = res_vec[i];
/* validate ECDSA: hash message, verify r+s */
msglen = hex2bin(msg_vec[i], strlen(msg_vec[i]), msg, BUF_SIZE);
/**TESTPOINT: Check if msg imported*/
zassert_true(msglen, "failed to import message!");
tc_sha256_init(hash);
tc_sha256_update(hash, msg, msglen);
tc_sha256_final(digest_bytes, hash);
/* if digest larger than ECC scalar, drop the end
* if digest smaller than ECC scalar, zero-pad front */
int hash_dwords = TC_SHA256_DIGEST_SIZE / 4;
if (NUM_ECC_WORDS < hash_dwords) {
hash_dwords = NUM_ECC_WORDS;
}
(void)memset(digest, 0, NUM_ECC_BYTES - 4 * hash_dwords);
uECC_vli_bytesToNative(digest + (NUM_ECC_WORDS - hash_dwords), digest_bytes,
TC_SHA256_DIGEST_SIZE);
uECC_vli_nativeToBytes(pub_bytes, NUM_ECC_BYTES, pub);
uECC_vli_nativeToBytes(pub_bytes + NUM_ECC_BYTES, NUM_ECC_BYTES,
pub + NUM_ECC_WORDS);
/* adapt return codes to match CAVP error: */
if (0 != uECC_valid_public_key(pub_bytes, curve)) {
/* error 4 - Q changed */
rc = 4;
} else {
uECC_vli_nativeToBytes(sig_bytes, NUM_ECC_BYTES, sig);
uECC_vli_nativeToBytes(sig_bytes + NUM_ECC_BYTES, NUM_ECC_BYTES,
sig + NUM_ECC_WORDS);
rc = uECC_verify(pub_bytes, digest_bytes, sizeof(digest_bytes), sig_bytes,
uECC_secp256r1());
/* CAVP expects 0 for success, others for fail */
rc = !rc;
if (exp_rc != 0 && rc != 0) {
/* mimic CAVP code on errors. */
rc = exp_rc;
}
}
result = check_code(i, exp_rc, rc, verbose);
/**TESTPOINT: Check result*/
zassert_false(result, "check_code failed");
}
return result;
}
int cavp_verify(bool verbose)
{
/*
* [P-256,SHA-256]
*/
char *Msg[] = {
"e4796db5f785f207aa30d311693b3702821dff1168fd2e04c0836825aefd850d9aa60326d8"
"8cde1a23c7745351392ca2288d632c264f197d05cd424a30336c19fd09bb229654f0222fcb"
"881a4b35c290a093ac159ce13409111ff0358411133c24f5b8e2090d6db6558afc36f06ca1"
"f6ef779785adba68db27a409859fc4c4a0",
"069a6e6b93dfee6df6ef6997cd80dd2182c36653cef10c655d524585655462d683877f95ec"
"c6d6c81623d8fac4e900ed0019964094e7de91f1481989ae1873004565789cbf5dc56c62ae"
"dc63f62f3b894c9c6f7788c8ecaadc9bd0e81ad91b2b3569ea12260e93924fdddd3972af52"
"73198f5efda0746219475017557616170e",
"df04a346cf4d0e331a6db78cca2d456d31b0a000aa51441defdb97bbeb20b94d8d746429a3"
"93ba88840d661615e07def615a342abedfa4ce912e562af714959896858af817317a840dcf"
"f85a057bb91a3c2bf90105500362754a6dd321cdd86128cfc5f04667b57aa78c112411e42d"
"a304f1012d48cd6a7052d7de44ebcc01de",
"e1130af6a38ccb412a9c8d13e15dbfc9e69a16385af3c3f1e5da954fd5e7c45fd75e2b8c36"
"699228e92840c0562fbf3772f07e17f1add56588dd45f7450e1217ad239922dd9c32695dc7"
"1ff2424ca0dec1321aa47064a044b7fe3c2b97d03ce470a592304c5ef21eed9f93da56bb23"
"2d1eeb0035f9bf0dfafdcc4606272b20a3",
"73c5f6a67456ae48209b5f85d1e7de7758bf235300c6ae2bdceb1dcb27a7730fb68c950b7f"
"cada0ecc4661d3578230f225a875e69aaa17f1e71c6be5c831f22663bac63d0c7a9635edb0"
"043ff8c6f26470f02a7bc56556f1437f06dfa27b487a6c4290d8bad38d4879b334e341ba09"
"2dde4e4ae694a9c09302e2dbf443581c08",
"666036d9b4a2426ed6585a4e0fd931a8761451d29ab04bd7dc6d0c5b9e38e6c2b263ff6cb8"
"37bd04399de3d757c6c7005f6d7a987063cf6d7e8cb38a4bf0d74a282572bd01d0f41e3fd0"
"66e3021575f0fa04f27b700d5b7ddddf50965993c3f9c7118ed78888da7cb221849b326059"
"2b8e632d7c51e935a0ceae15207bedd548",
"7e80436bce57339ce8da1b5660149a20240b146d108deef3ec5da4ae256f8f894edcbbc57b"
"34ce37089c0daa17f0c46cd82b5a1599314fd79d2fd2f446bd5a25b8e32fcf05b76d644573"
"a6df4ad1dfea707b479d97237a346f1ec632ea5660efb57e8717a8628d7f82af50a4e84b11"
"f21bdff6839196a880ae20b2a0918d58cd",
"1669bfb657fdc62c3ddd63269787fc1c969f1850fb04c933dda063ef74a56ce13e3a649700"
"820f0061efabf849a85d474326c8a541d99830eea8131eaea584f22d88c353965dabcdc4bf"
"6b55949fd529507dfb803ab6b480cd73ca0ba00ca19c438849e2cea262a1c57d8f81cd257f"
"b58e19dec7904da97d8386e87b84948169",
"3fe60dd9ad6caccf5a6f583b3ae65953563446c4510b70da115ffaa0ba04c076115c7043ab"
"8733403cd69c7d14c212c655c07b43a7c71b9a4cffe22c2684788ec6870dc2013f269172c8"
"22256f9e7cc674791bf2d8486c0f5684283e1649576efc982ede17c7b74b214754d70402fb"
"4bb45ad086cf2cf76b3d63f7fce39ac970",
"983a71b9994d95e876d84d28946a041f8f0a3f544cfcc055496580f1dfd4e312a2ad418fe6"
"9dbc61db230cc0c0ed97e360abab7d6ff4b81ee970a7e97466acfd9644f828ffec538abc38"
"3d0e92326d1c88c55e1f46a668a039beaa1be631a89129938c00a81a3ae46d4aecbf9707f7"
"64dbaccea3ef7665e4c4307fa0b0a3075c",
"4a8c071ac4fd0d52faa407b0fe5dab759f7394a5832127f2a3498f34aac287339e043b4ffa"
"79528faf199dc917f7b066ad65505dab0e11e6948515052ce20cfdb892ffb8aa9bf3f1aa5b"
"e30a5bbe85823bddf70b39fd7ebd4a93a2f75472c1d4f606247a9821f1a8c45a6cb80545de"
"2e0c6c0174e2392088c754e9c8443eb5af",
"0a3a12c3084c865daf1d302c78215d39bfe0b8bf28272b3c0b74beb4b7409db0718239de70"
"0785581514321c6440a4bbaea4c76fa47401e151e68cb6c29017f0bce4631290af5ea5e2bf"
"3ed742ae110b04ade83a5dbd7358f29a85938e23d87ac8233072b79c94670ff0959f9c7f45"
"17862ff829452096c78f5f2e9a7e4e9216",
"785d07a3c54f63dca11f5d1a5f496ee2c2f9288e55007e666c78b007d95cc28581dce51f49"
"0b30fa73dc9e2d45d075d7e3a95fb8a9e1465ad191904124160b7c60fa720ef4ef1c5d2998"
"f40570ae2a870ef3e894c2bc617d8a1dc85c3c55774928c38789b4e661349d3f84d2441a3b"
"856a76949b9f1f80bc161648a1cad5588e",
"76f987ec5448dd72219bd30bf6b66b0775c80b394851a43ff1f537f140a6e7229ef8cd72ad"
"58b1d2d20298539d6347dd5598812bc65323aceaf05228f738b5ad3e8d9fe4100fd767c2f0"
"98c77cb99c2992843ba3eed91d32444f3b6db6cd212dd4e5609548f4bb62812a920f6e2bf1"
"581be1ebeebdd06ec4e971862cc42055ca",
"60cd64b2cd2be6c33859b94875120361a24085f3765cb8b2bf11e026fa9d8855dbe435acf7"
"882e84f3c7857f96e2baab4d9afe4588e4a82e17a78827bfdb5ddbd1c211fbc2e6d884cddd"
"7cb9d90d5bf4a7311b83f352508033812c776a0e00c003c7e0d628e50736c7512df0acfa9f"
"2320bd102229f46495ae6d0857cc452a84",
};
char *Qx[] = {
"87f8f2b218f49845f6f10eec3877136269f5c1a54736dbdf69f89940cad41555",
"5cf02a00d205bdfee2016f7421807fc38ae69e6b7ccd064ee689fc1a94a9f7d2",
"2ddfd145767883ffbb0ac003ab4a44346d08fa2570b3120dcce94562422244cb",
"e424dc61d4bb3cb7ef4344a7f8957a0c5134e16f7a67c074f82e6e12f49abf3c",
"e0fc6a6f50e1c57475673ee54e3a57f9a49f3328e743bf52f335e3eeaa3d2864",
"a849bef575cac3c6920fbce675c3b787136209f855de19ffe2e8d29b31a5ad86",
"3dfb6f40f2471b29b77fdccba72d37c21bba019efa40c1c8f91ec405d7dcc5df",
"69b7667056e1e11d6caf6e45643f8b21e7a4bebda463c7fdbc13bc98efbd0214",
"bf02cbcf6d8cc26e91766d8af0b164fc5968535e84c158eb3bc4e2d79c3cc682",
"224a4d65b958f6d6afb2904863efd2a734b31798884801fcab5a590f4d6da9de",
"43691c7795a57ead8c5c68536fe934538d46f12889680a9cb6d055a066228369",
"9157dbfcf8cf385f5bb1568ad5c6e2a8652ba6dfc63bc1753edf5268cb7eb596",
"072b10c081a4c1713a294f248aef850e297991aca47fa96a7470abe3b8acfdda",
"09308ea5bfad6e5adf408634b3d5ce9240d35442f7fe116452aaec0d25be8c24",
"2d98ea01f754d34bbc3003df5050200abf445ec728556d7ed7d5c54c55552b6d",
};
char *Qy[] = {
"e15f369036f49842fac7a86c8a2b0557609776814448b8f5e84aa9f4395205e9",
"ec530ce3cc5c9d1af463f264d685afe2b4db4b5828d7e61b748930f3ce622a85",
"5f70c7d11ac2b7a435ccfbbae02c3df1ea6b532cc0e9db74f93fffca7c6f9a64",
"970eed7aa2bc48651545949de1dddaf0127e5965ac85d1243d6f60e7dfaee927",
"7f59d689c91e463607d9194d99faf316e25432870816dde63f5d4b373f12f22a",
"bf5fe4f7858f9b805bd8dcc05ad5e7fb889de2f822f3d8b41694e6c55c16b471",
"f22f953f1e395a52ead7f3ae3fc47451b438117b1e04d613bc8555b7d6e6d1bb",
"d3f9b12eb46c7c6fda0da3fc85bc1fd831557f9abc902a3be3cb3e8be7d1aa2f",
"069ba6cb06b49d60812066afa16ecf7b51352f2c03bd93ec220822b1f3dfba03",
"178d51fddada62806f097aa615d33b8f2404e6b1479f5fd4859d595734d6d2b9",
"f8790110b3c3b281aa1eae037d4f1234aff587d903d93ba3af225c27ddc9ccac",
"972570f4313d47fc96f7c02d5594d77d46f91e949808825b3d31f029e8296405",
"9581145cca04a0fb94cedce752c8f0370861916d2a94e7c647c5373ce6a4c8f5",
"f40c93e023ef494b1c3079b2d10ef67f3170740495ce2cc57f8ee4b0618b8ee5",
"9b52672742d637a32add056dfd6d8792f2a33c2e69dafabea09b960bc61e230a",
};
char *R[] = {
"d19ff48b324915576416097d2544f7cbdf8768b1454ad20e0baac50e211f23b0",
"dc23d130c6117fb5751201455e99f36f59aba1a6a21cf2d0e7481a97451d6693",
"9913111cff6f20c5bf453a99cd2c2019a4e749a49724a08774d14e4c113edda8",
"bf96b99aa49c705c910be33142017c642ff540c76349b9dab72f981fd9347f4f",
"1d75830cd36f4c9aa181b2c4221e87f176b7f05b7c87824e82e396c88315c407",
"25acc3aa9d9e84c7abf08f73fa4195acc506491d6fc37cb9074528a7db87b9d6",
"548886278e5ec26bed811dbb72db1e154b6f17be70deb1b210107decb1ec2a5a",
"288f7a1cd391842cce21f00e6f15471c04dc182fe4b14d92dc18910879799790",
"f5acb06c59c2b4927fb852faa07faf4b1852bbb5d06840935e849c4d293d1bad",
"87b93ee2fecfda54deb8dff8e426f3c72c8864991f8ec2b3205bb3b416de93d2",
"8acd62e8c262fa50dd9840480969f4ef70f218ebf8ef9584f199031132c6b1ce",
"dfaea6f297fa320b707866125c2a7d5d515b51a503bee817de9faa343cc48eeb",
"09f5483eccec80f9d104815a1be9cc1a8e5b12b6eb482a65c6907b7480cf4f19",
"5cc8aa7c35743ec0c23dde88dabd5e4fcd0192d2116f6926fef788cddb754e73",
"06108e525f845d0155bf60193222b3219c98e3d49424c2fb2a0987f825c17959",
};
int results[] = { 3, 2, 4, 0, 0, 2, 4, 1, 3, 2, 3, 1, 4, 1, 0 };
char *S[] = {
"a3e81e59311cdfff2d4784949f7a2cb50ba6c3a91fa54710568e61aca3e847c6",
"d6ce7708c18dbf35d4f8aa7240922dc6823f2e7058cbc1484fcad1599db5018c",
"9467cd4cd21ecb56b0cab0a9a453b43386845459127a952421f5c6382866c5cc",
"17c55095819089c2e03b9cd415abdf12444e323075d98f31920b9e0f57ec871c",
"cb2acb01dac96efc53a32d4a0d85d0c2e48955214783ecf50a4f0414a319c05a",
"9b21d5b5259ed3f2ef07dfec6cc90d3a37855d1ce122a85ba6a333f307d31537",
"e93bfebd2f14f3d827ca32b464be6e69187f5edbd52def4f96599c37d58eee75",
"247b3c4e89a3bcadfea73c7bfd361def43715fa382b8c3edf4ae15d6e55e9979",
"049dab79c89cc02f1484c437f523e080a75f134917fda752f2d5ca397addfe5d",
"4044a24df85be0cc76f21a4430b75b8e77b932a87f51e4eccbc45c263ebf8f66",
"cfca7ed3d4347fb2a29e526b43c348ae1ce6c60d44f3191b6d8ea3a2d9c92154",
"8f780ad713f9c3e5a4f7fa4c519833dfefc6a7432389b1e4af463961f09764f2",
"a4f90e560c5e4eb8696cb276e5165b6a9d486345dedfb094a76e8442d026378d",
"9c9c045ebaa1b828c32f82ace0d18daebf5e156eb7cbfdc1eff4399a8a900ae7",
"62b5cdd591e5b507e560167ba8f6f7cda74673eb315680cb89ccbc4eec477dce",
};
struct tc_sha256_state_struct sha256_ctx;
printf("Test #2: ECDSAvrfy ");
printf("NIST-p256, SHA2-256\n");
return vrfy_vectors(&sha256_ctx, Msg, Qx, Qy, R, S, results, 15, verbose);
}
int montecarlo_signverify(int num_tests, bool verbose)
{
printf("Test #3: Monte Carlo (%d Randomized EC-DSA signatures) ", num_tests);
printf("NIST-p256, SHA2-256\n ");
int i;
uint8_t private[NUM_ECC_BYTES];
uint8_t public[2 * NUM_ECC_BYTES];
uint8_t hash[NUM_ECC_BYTES];
unsigned int hash_words[NUM_ECC_WORDS];
uint8_t sig[2 * NUM_ECC_BYTES];
const struct uECC_Curve_t *curve = uECC_secp256r1();
for (i = 0; i < num_tests; ++i) {
if (verbose) {
TC_PRINT(".");
}
uECC_generate_random_int(hash_words, curve->n, BITS_TO_WORDS(curve->num_n_bits));
uECC_vli_nativeToBytes(hash, NUM_ECC_BYTES, hash_words);
/**TESTPOINT: Check uECC_make_key*/
zassert_true(uECC_make_key(public, private, curve),
"uECC_make_key() failed");
/**TESTPOINT: Check uECC_sign*/
zassert_true(uECC_sign(private, hash, sizeof(hash), sig, curve),
"uECC_sign() failed");
/**TESTPOINT: Check uECC_verify*/
zassert_true(uECC_verify(public, hash, sizeof(hash), sig, curve),
"uECC_verify() failed");
if (verbose) {
printf(".");
}
}
TC_PRINT("\n");
return TC_PASS;
}
int default_CSPRNG(uint8_t *dest, unsigned int size)
{
/* This is not a CSPRNG, but it's the only thing available in the
* system at this point in time. */
sys_rand_get(dest, size);
return 1;
}
ZTEST(tinycrypt, test_ecc_dsa)
{
unsigned int result = TC_PASS;
/* Setup of the Cryptographically Secure PRNG. */
uECC_set_rng(&default_CSPRNG);
bool verbose = true;
TC_PRINT("Performing cavp_sign test:\n");
result = cavp_sign(verbose);
/**TESTPOINT: Verify cavp_sign*/
zassert_false(result, "cavp_sign test failed.");
TC_PRINT("Performing cavp_verify test:\n");
result = cavp_verify(verbose);
/**TESTPOINT: Verify cavp_verify*/
zassert_false(result, "cavp_verify test failed.");
TC_PRINT("Performing montecarlo_signverify test:\n");
result = montecarlo_signverify(10, verbose);
/**TESTPOINT: Verify montecarlo_signverify*/
zassert_false(result, "montecarlo_signverify test failed.");
TC_PRINT("\nAll ECC-DSA tests succeeded.\n");
}

376
tests/crypto/tinycrypt/src/hmac.c
View File

@@ -1,376 +0,0 @@
/* test_hmac.c - TinyCrypt implementation of some HMAC tests */
/*
* Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* DESCRIPTION
* This module tests the following HMAC routines:
* Scenarios tested include:
* - HMAC tests (RFC 4231 test vectors)
*/
#include <tinycrypt/hmac.h>
#include <tinycrypt/constants.h>
#include <zephyr/test_utils.h>
#include <zephyr/ztest.h>
static uint32_t do_hmac_test(TCHmacState_t h, uint32_t testnum, const uint8_t *data,
size_t datalen, const uint8_t *expected,
size_t expectedlen)
{
uint8_t digest[32];
uint32_t result = TC_PASS;
(void)tc_hmac_init(h);
(void)tc_hmac_update(h, data, datalen);
(void)tc_hmac_final(digest, TC_SHA256_DIGEST_SIZE, h);
result = check_result(testnum, expected, expectedlen,
digest, sizeof(digest), 1);
return result;
}
/*
* NIST test vectors for encryption.
*/
ZTEST(tinycrypt, test_hmac_1)
{
uint32_t result = TC_PASS;
TC_PRINT("HMAC %s:\n", __func__);
const uint8_t key[20] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
};
const uint8_t data[8] = {
0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65
};
const uint8_t expected[32] = {
0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8,
0xaf, 0xce,
0xaf, 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83,
0x3d, 0xa7,
0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7
};
struct tc_hmac_state_struct h;
(void)memset(&h, 0x00, sizeof(h));
(void)tc_hmac_set_key(&h, key, sizeof(key));
result = do_hmac_test(&h, 1, data, sizeof(data),
expected, sizeof(expected));
/**TESTPOINT: Check result*/
zassert_false(result, "HMAC test #7 failed");
}
ZTEST(tinycrypt, test_hmac_2)
{
uint32_t result = TC_PASS;
TC_PRINT("HMAC %s:\n", __func__);
const uint8_t key[4] = {
0x4a, 0x65, 0x66, 0x65
};
const uint8_t data[28] = {
0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, 0x79, 0x61,
0x20, 0x77,
0x61, 0x6e, 0x74, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f,
0x74, 0x68,
0x69, 0x6e, 0x67, 0x3f
};
const uint8_t expected[32] = {
0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, 0x6a, 0x04,
0x24, 0x26,
0x08, 0x95, 0x75, 0xc7, 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27,
0x39, 0x83,
0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43
};
struct tc_hmac_state_struct h;
(void)memset(&h, 0x00, sizeof(h));
(void)tc_hmac_set_key(&h, key, sizeof(key));
result = do_hmac_test(&h, 2, data, sizeof(data),
expected, sizeof(expected));
/**TESTPOINT: Check result*/
zassert_false(result, "HMAC test #7 failed");
}
ZTEST(tinycrypt, test_hmac_3)
{
uint32_t result = TC_PASS;
TC_PRINT("HMAC %s:\n", __func__);
const uint8_t key[20] = {
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
};
const uint8_t data[50] = {
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd,
0xdd, 0xdd
};
const uint8_t expected[32] = {
0x77, 0x3e, 0xa9, 0x1e, 0x36, 0x80, 0x0e, 0x46, 0x85, 0x4d,
0xb8, 0xeb,
0xd0, 0x91, 0x81, 0xa7, 0x29, 0x59, 0x09, 0x8b, 0x3e, 0xf8,
0xc1, 0x22,
0xd9, 0x63, 0x55, 0x14, 0xce, 0xd5, 0x65, 0xfe
};
struct tc_hmac_state_struct h;
(void)memset(&h, 0x00, sizeof(h));
(void)tc_hmac_set_key(&h, key, sizeof(key));
result = do_hmac_test(&h, 3, data, sizeof(data),
expected, sizeof(expected));
/**TESTPOINT: Check result*/
zassert_false(result, "HMAC test #3 failed");
}
ZTEST(tinycrypt, test_hmac_4)
{
uint32_t result = TC_PASS;
TC_PRINT("HMAC %s:\n", __func__);
const uint8_t key[25] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
0x17, 0x18,
0x19
};
const uint8_t data[50] = {
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd,
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd,
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd,
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd,
0xcd, 0xcd
};
const uint8_t expected[32] = {
0x82, 0x55, 0x8a, 0x38, 0x9a, 0x44, 0x3c, 0x0e, 0xa4, 0xcc,
0x81, 0x98,
0x99, 0xf2, 0x08, 0x3a, 0x85, 0xf0, 0xfa, 0xa3, 0xe5, 0x78,
0xf8, 0x07,
0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29, 0x66, 0x5b
};
struct tc_hmac_state_struct h;
(void)memset(&h, 0x00, sizeof(h));
(void)tc_hmac_set_key(&h, key, sizeof(key));
result = do_hmac_test(&h, 4, data, sizeof(data),
expected, sizeof(expected));
/**TESTPOINT: Check result*/
zassert_false(result, "HMAC test #4 failed");
}
ZTEST(tinycrypt, test_hmac_5)
{
uint32_t result = TC_PASS;
TC_PRINT("HMAC %s:\n", __func__);
const uint8_t key[20] = {
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
0x0c, 0x0c,
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c
};
const uint8_t data[20] = {
0x54, 0x65, 0x73, 0x74, 0x20, 0x57, 0x69, 0x74, 0x68, 0x20,
0x54, 0x72,
0x75, 0x6e, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e
};
const uint8_t expected[32] = {
0xa3, 0xb6, 0x16, 0x74, 0x73, 0x10, 0x0e, 0xe0, 0x6e, 0x0c,
0x79, 0x6c,
0x29, 0x55, 0x55, 0x2b, 0xfa, 0x6f, 0x7c, 0x0a, 0x6a, 0x8a,
0xef, 0x8b,
0x93, 0xf8, 0x60, 0xaa, 0xb0, 0xcd, 0x20, 0xc5
};
struct tc_hmac_state_struct h;
(void)memset(&h, 0x00, sizeof(h));
(void)tc_hmac_set_key(&h, key, sizeof(key));
result = do_hmac_test(&h, 5, data, sizeof(data),
expected, sizeof(expected));
/**TESTPOINT: Check result*/
zassert_false(result, "HMAC test #5 failed");
}
ZTEST(tinycrypt, test_hmac_6)
{
uint32_t result = TC_PASS;
TC_PRINT("HMAC %s:\n", __func__);
const uint8_t key[131] = {
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
};
const uint8_t data[54] = {
0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, 0x6e, 0x67,
0x20, 0x4c,
0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e,
0x20, 0x42,
0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20,
0x4b, 0x65,
0x79, 0x20, 0x2d, 0x20, 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b,
0x65, 0x79,
0x20, 0x46, 0x69, 0x72, 0x73, 0x74
};
const uint8_t expected[32] = {
0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a,
0x26, 0xaa,
0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28,
0xc5, 0x14,
0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54
};
struct tc_hmac_state_struct h;
(void)memset(&h, 0x00, sizeof(h));
(void)tc_hmac_set_key(&h, key, sizeof(key));
result = do_hmac_test(&h, 6, data, sizeof(data),
expected, sizeof(expected));
/**TESTPOINT: Check result*/
zassert_false(result, "HMAC test #6 failed");
}
ZTEST(tinycrypt, test_hmac_7)
{
uint32_t result = TC_PASS;
TC_PRINT("HMAC %s:\n", __func__);
const uint8_t key[131] = {
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa
};
const uint8_t data[152] = {
0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20,
0x74, 0x65,
0x73, 0x74, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x61,
0x20, 0x6c,
0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x74, 0x68, 0x61, 0x6e,
0x20, 0x62,
0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20,
0x6b, 0x65,
0x79, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x61, 0x20, 0x6c, 0x61,
0x72, 0x67,
0x65, 0x72, 0x20, 0x74, 0x68, 0x61, 0x6e, 0x20, 0x62, 0x6c,
0x6f, 0x63,
0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x64, 0x61, 0x74,
0x61, 0x2e,
0x20, 0x54, 0x68, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x6e,
0x65, 0x65,
0x64, 0x73, 0x20, 0x74, 0x6f, 0x20, 0x62, 0x65, 0x20, 0x68,
0x61, 0x73,
0x68, 0x65, 0x64, 0x20, 0x62, 0x65, 0x66, 0x6f, 0x72, 0x65,
0x20, 0x62,
0x65, 0x69, 0x6e, 0x67, 0x20, 0x75, 0x73, 0x65, 0x64, 0x20,
0x62, 0x79,
0x20, 0x74, 0x68, 0x65, 0x20, 0x48, 0x4d, 0x41, 0x43, 0x20,
0x61, 0x6c,
0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x2e
};
const uint8_t expected[32] = {
0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, 0x27, 0x63,
0x5f, 0xbc,
0xd5, 0xb0, 0xe9, 0x44, 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07,
0x13, 0x93,
0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2
};
struct tc_hmac_state_struct h;
(void)memset(&h, 0x00, sizeof(h));
(void)tc_hmac_set_key(&h, key, sizeof(key));
result = do_hmac_test(&h, 7, data, sizeof(data),
expected, sizeof(expected));
/**TESTPOINT: Check result*/
zassert_false(result, "HMAC test #7 failed");
}

9
tests/crypto/tinycrypt/src/main.c
View File

@@ -1,9 +0,0 @@
/*
* Copyright (c) 2017 Intel Corporation
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <zephyr/ztest.h>
ZTEST_SUITE(tinycrypt, NULL, NULL, NULL, NULL, NULL);

482
tests/crypto/tinycrypt/src/sha256.c
View File

@@ -1,482 +0,0 @@
/* test_sha256.c - TinyCrypt implementation of some SHA-256 tests */
/*
* Copyright (C) 2015 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* DESCRIPTION
* This module tests the following SHA256 routines:
* Scenarios tested include:
* - NIST SHA256 test vectors
*/
#include <tinycrypt/sha256.h>
#include <tinycrypt/constants.h>
#include <zephyr/test_utils.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <zephyr/types.h>
#include <zephyr/ztest.h>
/*
* NIST SHA256 test vector 1.
*/
ZTEST(tinycrypt, test_sha256_1)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #1:\n");
const uint8_t expected[32] = {
0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41,
0x40, 0xde,
0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17,
0x7a, 0x9c,
0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
};
const char *m = "abc";
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)tc_sha256_init(&s);
tc_sha256_update(&s, (const uint8_t *)m, strlen(m));
(void)tc_sha256_final(digest, &s);
result = check_result(1, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #1 failed.");
}
/*
* NIST SHA256 test vector 2.
*/
ZTEST(tinycrypt, test_sha256_2)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #2:\n");
const uint8_t expected[32] = {
0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, 0xe5, 0xc0,
0x26, 0x93,
0x0c, 0x3e, 0x60, 0x39, 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff,
0x21, 0x67,
0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1
};
const char *m =
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)tc_sha256_init(&s);
tc_sha256_update(&s, (const uint8_t *)m, strlen(m));
(void)tc_sha256_final(digest, &s);
result = check_result(2, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #2 failed.");
}
ZTEST(tinycrypt, test_sha256_3)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #3:\n");
const uint8_t expected[32] = {
0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f,
0x55, 0x4b,
0x31, 0x3d, 0x05, 0x70, 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4,
0xb5, 0xaa,
0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b
};
const uint8_t m[1] = { 0xbd };
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(3, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #3 failed.");
}
ZTEST(tinycrypt, test_sha256_4)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #4:\n");
const uint8_t expected[32] = {
0x7a, 0xbc, 0x22, 0xc0, 0xae, 0x5a, 0xf2, 0x6c, 0xe9, 0x3d,
0xbb, 0x94,
0x43, 0x3a, 0x0e, 0x0b, 0x2e, 0x11, 0x9d, 0x01, 0x4f, 0x8e,
0x7f, 0x65,
0xbd, 0x56, 0xc6, 0x1c, 0xcc, 0xcd, 0x95, 0x04
};
const uint8_t m[4] = { 0xc9, 0x8c, 0x8e, 0x55 };
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(4, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #4 failed.");
}
ZTEST(tinycrypt, test_sha256_5)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #5:\n");
const uint8_t expected[32] = {
0x02, 0x77, 0x94, 0x66, 0xcd, 0xec, 0x16, 0x38, 0x11, 0xd0,
0x78, 0x81,
0x5c, 0x63, 0x3f, 0x21, 0x90, 0x14, 0x13, 0x08, 0x14, 0x49,
0x00, 0x2f,
0x24, 0xaa, 0x3e, 0x80, 0xf0, 0xb8, 0x8e, 0xf7
};
uint8_t m[55];
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)memset(m, 0x00, sizeof(m));
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(5, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #5 failed.");
}
ZTEST(tinycrypt, test_sha256_6)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #6:\n");
const uint8_t expected[32] = {
0xd4, 0x81, 0x7a, 0xa5, 0x49, 0x76, 0x28, 0xe7, 0xc7, 0x7e,
0x6b, 0x60,
0x61, 0x07, 0x04, 0x2b, 0xbb, 0xa3, 0x13, 0x08, 0x88, 0xc5,
0xf4, 0x7a,
0x37, 0x5e, 0x61, 0x79, 0xbe, 0x78, 0x9f, 0xbb
};
uint8_t m[56];
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)memset(m, 0x00, sizeof(m));
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(6, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #6 failed.");
}
ZTEST(tinycrypt, test_sha256_7)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #7:\n");
const uint8_t expected[32] = {
0x65, 0xa1, 0x6c, 0xb7, 0x86, 0x13, 0x35, 0xd5, 0xac, 0xe3,
0xc6, 0x07,
0x18, 0xb5, 0x05, 0x2e, 0x44, 0x66, 0x07, 0x26, 0xda, 0x4c,
0xd1, 0x3b,
0xb7, 0x45, 0x38, 0x1b, 0x23, 0x5a, 0x17, 0x85
};
uint8_t m[57];
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)memset(m, 0x00, sizeof(m));
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(7, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #7 failed.");
}
ZTEST(tinycrypt, test_sha256_8)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #8:\n");
const uint8_t expected[32] = {
0xf5, 0xa5, 0xfd, 0x42, 0xd1, 0x6a, 0x20, 0x30, 0x27, 0x98,
0xef, 0x6e,
0xd3, 0x09, 0x97, 0x9b, 0x43, 0x00, 0x3d, 0x23, 0x20, 0xd9,
0xf0, 0xe8,
0xea, 0x98, 0x31, 0xa9, 0x27, 0x59, 0xfb, 0x4b
};
uint8_t m[64];
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)memset(m, 0x00, sizeof(m));
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(8, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #8 failed.");
}
ZTEST(tinycrypt, test_sha256_9)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #9:\n");
const uint8_t expected[32] = {
0x54, 0x1b, 0x3e, 0x9d, 0xaa, 0x09, 0xb2, 0x0b, 0xf8, 0x5f,
0xa2, 0x73,
0xe5, 0xcb, 0xd3, 0xe8, 0x01, 0x85, 0xaa, 0x4e, 0xc2, 0x98,
0xe7, 0x65,
0xdb, 0x87, 0x74, 0x2b, 0x70, 0x13, 0x8a, 0x53
};
uint8_t m[1000];
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)memset(m, 0x00, sizeof(m));
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(9, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #9 failed.");
}
ZTEST(tinycrypt, test_sha256_10)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #10:\n");
const uint8_t expected[32] = {
0xc2, 0xe6, 0x86, 0x82, 0x34, 0x89, 0xce, 0xd2, 0x01, 0x7f,
0x60, 0x59,
0xb8, 0xb2, 0x39, 0x31, 0x8b, 0x63, 0x64, 0xf6, 0xdc, 0xd8,
0x35, 0xd0,
0xa5, 0x19, 0x10, 0x5a, 0x1e, 0xad, 0xd6, 0xe4
};
uint8_t m[1000];
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)memset(m, 0x41, sizeof(m));
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(10, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #10 failed.");
}
ZTEST(tinycrypt, test_sha256_11)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #11:\n");
const uint8_t expected[32] = {
0xf4, 0xd6, 0x2d, 0xde, 0xc0, 0xf3, 0xdd, 0x90, 0xea, 0x13,
0x80, 0xfa,
0x16, 0xa5, 0xff, 0x8d, 0xc4, 0xc5, 0x4b, 0x21, 0x74, 0x06,
0x50, 0xf2,
0x4a, 0xfc, 0x41, 0x20, 0x90, 0x35, 0x52, 0xb0
};
uint8_t m[1005];
uint8_t digest[32];
struct tc_sha256_state_struct s;
(void)memset(m, 0x55, sizeof(m));
(void)tc_sha256_init(&s);
tc_sha256_update(&s, m, sizeof(m));
(void)tc_sha256_final(digest, &s);
result = check_result(11, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #11 failed.");
}
ZTEST(tinycrypt, test_sha256_12)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #12:\n");
const uint8_t expected[32] = {
0xd2, 0x97, 0x51, 0xf2, 0x64, 0x9b, 0x32, 0xff, 0x57, 0x2b,
0x5e, 0x0a,
0x9f, 0x54, 0x1e, 0xa6, 0x60, 0xa5, 0x0f, 0x94, 0xff, 0x0b,
0xee, 0xdf,
0xb0, 0xb6, 0x92, 0xb9, 0x24, 0xcc, 0x80, 0x25
};
uint8_t m[1000];
uint8_t digest[32];
struct tc_sha256_state_struct s;
uint32_t i;
(void)memset(m, 0x00, sizeof(m));
(void)tc_sha256_init(&s);
for (i = 0U; i < 1000; ++i) {
tc_sha256_update(&s, m, sizeof(m));
}
(void)tc_sha256_final(digest, &s);
result = check_result(12, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #12 failed.");
}
#if EXTREME_SLOW
ZTEST(tinycrypt, test_sha256_13)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #13:\n");
const uint8_t expected[32] = {
0x15, 0xa1, 0x86, 0x8c, 0x12, 0xcc, 0x53, 0x95, 0x1e, 0x18,
0x23, 0x44,
0x27, 0x74, 0x47, 0xcd, 0x09, 0x79, 0x53, 0x6b, 0xad, 0xcc,
0x51, 0x2a,
0xd2, 0x4c, 0x67, 0xe9, 0xb2, 0xd4, 0xf3, 0xdd
};
uint8_t m[32768];
uint8_t digest[32];
struct tc_sha256_state_struct s;
uint32_t i;
(void)memset(m, 0x5a, sizeof(m));
(void)tc_sha256_init(&s);
for (i = 0U; i < 16384; ++i) {
tc_sha256_update(&s, m, sizeof(m));
}
(void)tc_sha256_final(digest, &s);
result = check_result(13, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #13 failed.");
}
ZTEST(tinycrypt, test_sha256_14)
{
uint32_t result = TC_PASS;
TC_PRINT("SHA256 test #14:\n");
const uint8_t expected[32] = {
0x46, 0x1c, 0x19, 0xa9, 0x3b, 0xd4, 0x34, 0x4f, 0x92, 0x15,
0xf5, 0xec,
0x64, 0x35, 0x70, 0x90, 0x34, 0x2b, 0xc6, 0x6b, 0x15, 0xa1,
0x48, 0x31,
0x7d, 0x27, 0x6e, 0x31, 0xcb, 0xc2, 0x0b, 0x53
};
uint8_t m[32768];
uint8_t digest[32];
struct tc_sha256_state_struct s;
uint32_t i;
(void)memset(m, 0x00, sizeof(m));
(void)tc_sha256_init(&s);
for (i = 0U; i < 33280; ++i) {
tc_sha256_update(&s, m, sizeof(m));
}
(void)tc_sha256_final(digest, &s);
result = check_result(14, expected, sizeof(expected),
digest, sizeof(digest), 1);
/**TESTPOINT: Check result*/
zassert_false(result, "SHA256 test #14 failed.");
}
#endif
ZTEST(tinycrypt, test_sha256_13_and_14)
{
#if EXTREME_SLOW
result = test_sha256_13();
result = test_sha256_14();
#endif
}

210
tests/crypto/tinycrypt/src/test_ecc_utils.c
View File

@@ -1,210 +0,0 @@
/* test_ecc_utils.c - TinyCrypt common functions for ECC tests */
/* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.*/
/*
* Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* test_ecc_utils.c -- Implementation of some common functions for ECC tests.
*
*/
#include "test_ecc_utils.h"
#include <tinycrypt/constants.h>
#include <zephyr/sys/util.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdbool.h>
/*
* Convert hex string to zero-padded nanoECC scalar
*/
void string2scalar(unsigned int *scalar, unsigned int num_word32, char *str)
{
unsigned int num_bytes = num_word32 * 4U;
uint8_t tmp[num_bytes];
size_t hexlen = strlen(str);
int padding;
padding = num_bytes * 2U - strlen(str);
if (0 > padding) {
printf("Error: 2 * num_bytes(%d) < strlen(hex) (%zu)\n",
num_bytes * 2U, strlen(str));
k_panic();
}
(void)memset(tmp, 0, padding / 2);
if (hex2bin(str, hexlen, tmp + padding / 2, num_bytes) == 0) {
k_panic();
}
uECC_vli_bytesToNative(scalar, tmp, num_bytes);
}
void vli_print_bytes(uint8_t *vli, unsigned int size)
{
for (unsigned i = 0; i < size; ++i) {
printf("%02X ", (unsigned)vli[i]);
}
}
void print_ecc_scalar(const char *label, const unsigned int *p_vli,
unsigned int num_word32)
{
unsigned int i;
if (label) {
printf("%s = { ", label);
}
for (i = 0U; i < num_word32 - 1; ++i) {
printf("0x%08lX, ", (unsigned long)p_vli[i]);
}
printf("0x%08lX", (unsigned long)p_vli[i]);
if (label) {
printf(" };\n");
}
}
int check_ecc_result(const int num, const char *name,
const unsigned int *expected,
const unsigned int *computed,
const unsigned int num_word32, const bool verbose)
{
uint32_t num_bytes = num_word32 * 4U;
if (memcmp(computed, expected, num_bytes)) {
TC_PRINT("\n Vector #%02d check %s - FAILURE:\n\n", num, name);
print_ecc_scalar("Expected", expected, num_word32);
print_ecc_scalar("Computed", computed, num_word32);
TC_PRINT("\n");
return TC_FAIL;
}
if (verbose) {
TC_PRINT(" Vector #%02d check %s - success\n", num, name);
}
return TC_PASS;
}
int check_code(const int num, const int expected,
const int computed, const int verbose)
{
if (expected != computed) {
TC_ERROR("\n Vector #%02d check - FAILURE:\n", num);
TC_ERROR("\n Expected: %d, computed: %d\n\n", expected, computed);
return TC_FAIL;
}
if (verbose) {
TC_PRINT(" Vector #%02d check - success (%d=%d)\n", num,
expected, computed);
}
return TC_PASS;
}
/* Test ecc_make_keys, and also as keygen part of other tests */
int keygen_vectors(char **d_vec, char **qx_vec, char **qy_vec, int tests,
bool verbose)
{
unsigned int pub[2 * NUM_ECC_WORDS];
unsigned int d[NUM_ECC_WORDS];
unsigned int prv[NUM_ECC_WORDS];
unsigned int result = TC_PASS;
/* expected outputs (converted input vectors) */
unsigned int exp_pub[2 * NUM_ECC_WORDS];
unsigned int exp_prv[NUM_ECC_WORDS];
for (int i = 0; i < tests; i++) {
string2scalar(exp_prv, NUM_ECC_WORDS, d_vec[i]);
string2scalar(exp_pub, NUM_ECC_WORDS, qx_vec[i]);
string2scalar(exp_pub + NUM_ECC_WORDS, NUM_ECC_WORDS, qy_vec[i]);
/*
* Feed prvkey vector as padded random seed into ecc_make_key.
* Internal mod-reduction will be zero-op and generate correct prv/pub
*/
(void)memset(d, 0, sizeof(d));
string2scalar(d, NUM_ECC_WORDS, d_vec[i]);
uint8_t pub_bytes[2 * NUM_ECC_BYTES];
uint8_t prv_bytes[NUM_ECC_BYTES];
uECC_make_key_with_d(pub_bytes, prv_bytes, d, uECC_secp256r1());
uECC_vli_bytesToNative(prv, prv_bytes, NUM_ECC_BYTES);
uECC_vli_bytesToNative(pub, pub_bytes, NUM_ECC_BYTES);
uECC_vli_bytesToNative(pub + NUM_ECC_WORDS, pub_bytes + NUM_ECC_BYTES, NUM_ECC_BYTES);
/* validate correctness of vector conversion and make_key() */
result = check_ecc_result(i, "prv ", exp_prv, prv, NUM_ECC_WORDS, verbose);
if (result == TC_FAIL) {
return result;
}
result = check_ecc_result(i, "pub.x", exp_pub, pub, NUM_ECC_WORDS, verbose);
if (result == TC_FAIL) {
return result;
}
result = check_ecc_result(i, "pub.y", exp_pub + NUM_ECC_WORDS, pub + NUM_ECC_WORDS, NUM_ECC_WORDS, verbose);
if (result == TC_FAIL) {
return result;
}
}
return result;
}

91
tests/crypto/tinycrypt/src/test_ecc_utils.h
View File

@@ -1,91 +0,0 @@
/* test_ecc_utils.h - TinyCrypt interface to common functions for ECC tests */
/* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.*/
/*
* Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* - Neither the name of Intel Corporation nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* test_ecc_utils.h -- Interface to common functions for ECC tests.
*/
#ifndef __TEST_ECC_UTILS_H__
#define __TEST_ECC_UTILS_H__
#define ENABLE_TESTS 1
#include <tinycrypt/ecc_dh.h>
#include <tinycrypt/ecc.h>
#include <zephyr/test_utils.h>
/*
* Convert hex string to zero-padded nanoECC scalar
*/
void string2scalar(unsigned int *scalar, unsigned int num_word32, char *str);
void print_ecc_scalar(const char *label, const unsigned int *p_vli,
unsigned int num_word32);
int check_ecc_result(const int num, const char *name,
const unsigned int *expected,
const unsigned int *computed,
const unsigned int num_word32, const bool verbose);
/* Test ecc_make_keys, and also as keygen part of other tests */
int keygen_vectors(char **d_vec, char **qx_vec, char **qy_vec, int tests, bool verbose);
void vli_print_bytes(uint8_t *vli, unsigned int size);
int check_code(const int num, const int expected,
const int computed, const int verbose);
#endif /* __TEST_ECC_UTILS_H__ */

15
tests/crypto/tinycrypt/testcase.yaml
View File

@@ -1,15 +0,0 @@
tests:
crypto.tinycrypt:
tags:
- tinycrypt
- crypto
- aes
- ccm
platform_exclude:
- qemu_arc/qemu_arc_em
- qemu_arc/qemu_arc_hs
- m2gl025_miv
timeout: 500
integration_platforms:
- native_sim
toolchain_exclude: xcc

8
tests/crypto/tinycrypt_hmac_prng/CMakeLists.txt
View File

@@ -1,8 +0,0 @@
# SPDX-License-Identifier: Apache-2.0
cmake_minimum_required(VERSION 3.20.0)
find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
project(tinycrypt_hmac_prng)
FILE(GLOB app_sources src/*.c)
target_sources(app PRIVATE ${app_sources})

46
tests/crypto/tinycrypt_hmac_prng/README.txt
View File

@@ -1,46 +0,0 @@
Title: test_hmac_prng
Description:
This test verifies that the TinyCrypt PRNG APIs operate as expected.
--------------------------------------------------------------------------------
Building and Running Project:
This project outputs to the console. It can be built and executed
on QEMU as follows:
make run
--------------------------------------------------------------------------------
Troubleshooting:
Problems caused by out-dated project information can be addressed by
issuing one of the following commands then rebuilding the project:
make clean # discard results of previous builds
# but keep existing configuration info
or
make pristine # discard results of previous builds
# and restore pre-defined configuration info
--------------------------------------------------------------------------------
Sample Output:
tc_start() - Performing HMAC-PRNG tests:
HMAC-PRNG test#1 (init, reseed, generate):
HMAC-PRNG test#1 (init):
===================================================================
PASS - main.
HMAC-PRNG test#1 (reseed):
===================================================================
PASS - main.
HMAC-PRNG test#1 (generate):
===================================================================
PASS - main.
All HMAC tests succeeded!
===================================================================
PASS - main.
===================================================================
PROJECT EXECUTION SUCCESSFUL

6
tests/crypto/tinycrypt_hmac_prng/prj.conf
View File

@@ -1,6 +0,0 @@
CONFIG_ZTEST_STACK_SIZE=40960
CONFIG_TINYCRYPT=y
CONFIG_TINYCRYPT_SHA256=y
CONFIG_TINYCRYPT_SHA256_HMAC=y
CONFIG_TINYCRYPT_SHA256_HMAC_PRNG=y
CONFIG_ZTEST=y

7916
tests/crypto/tinycrypt_hmac_prng/src/hmac_prng.c
View File

File diff suppressed because it is too large Load Diff

15
tests/crypto/tinycrypt_hmac_prng/testcase.yaml
View File

@@ -1,15 +0,0 @@
tests:
crypto.tinycrypt.hmac_prng:
tags:
- tinycrypt
- crypto
- sha256
- hmac
- prng
platform_exclude:
- mec15xxevb_assy6853
- mec1501modular_assy6885
- m2gl025_miv
integration_platforms:
- native_sim
toolchain_exclude: xcc

5
west.yml
View File

@@ -352,11 +352,6 @@ manifest:
path: modules/debug/segger
groups:
- debug
- name: tinycrypt
revision: 1012a3ebee18c15ede5efc8332ee2fc37817670f
path: modules/crypto/tinycrypt
groups:
- crypto
- name: trusted-firmware-a
revision: 713ffbf96c5bcbdeab757423f10f73eb304eff07
path: modules/tee/tf-a/trusted-firmware-a