1a8e1175bSopenharmony_ci/* BEGIN_HEADER */ 2a8e1175bSopenharmony_ci 3a8e1175bSopenharmony_ci/* Test random generation as a whole. */ 4a8e1175bSopenharmony_ci 5a8e1175bSopenharmony_ci#include "mbedtls/bignum.h" 6a8e1175bSopenharmony_ci#include "mbedtls/ctr_drbg.h" 7a8e1175bSopenharmony_ci#include "mbedtls/ecdsa.h" 8a8e1175bSopenharmony_ci#include "mbedtls/entropy.h" 9a8e1175bSopenharmony_ci#include "mbedtls/hmac_drbg.h" 10a8e1175bSopenharmony_ci#include "mbedtls/psa_util.h" 11a8e1175bSopenharmony_ci#include "psa/crypto.h" 12a8e1175bSopenharmony_ci 13a8e1175bSopenharmony_ci/* How many bytes to generate in each test case for repeated generation. 14a8e1175bSopenharmony_ci * This must be high enough that the probability of generating the same 15a8e1175bSopenharmony_ci * output twice is infinitesimal, but low enough that random generators 16a8e1175bSopenharmony_ci * are willing to deliver that much. */ 17a8e1175bSopenharmony_ci#define OUTPUT_SIZE 32 18a8e1175bSopenharmony_ci 19a8e1175bSopenharmony_ci/* END_HEADER */ 20a8e1175bSopenharmony_ci 21a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_CTR_DRBG_C */ 22a8e1175bSopenharmony_civoid random_twice_with_ctr_drbg() 23a8e1175bSopenharmony_ci{ 24a8e1175bSopenharmony_ci mbedtls_entropy_context entropy; 25a8e1175bSopenharmony_ci mbedtls_ctr_drbg_context drbg; 26a8e1175bSopenharmony_ci unsigned char output1[OUTPUT_SIZE]; 27a8e1175bSopenharmony_ci unsigned char output2[OUTPUT_SIZE]; 28a8e1175bSopenharmony_ci 29a8e1175bSopenharmony_ci#if defined(MBEDTLS_AES_C) 30a8e1175bSopenharmony_ci MD_PSA_INIT(); 31a8e1175bSopenharmony_ci#else 32a8e1175bSopenharmony_ci USE_PSA_INIT(); 33a8e1175bSopenharmony_ci#endif 34a8e1175bSopenharmony_ci 35a8e1175bSopenharmony_ci 36a8e1175bSopenharmony_ci /* First round */ 37a8e1175bSopenharmony_ci mbedtls_entropy_init(&entropy); 38a8e1175bSopenharmony_ci mbedtls_ctr_drbg_init(&drbg); 39a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg, 40a8e1175bSopenharmony_ci mbedtls_entropy_func, &entropy, 41a8e1175bSopenharmony_ci NULL, 0)); 42a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg, 43a8e1175bSopenharmony_ci output1, sizeof(output1))); 44a8e1175bSopenharmony_ci mbedtls_ctr_drbg_free(&drbg); 45a8e1175bSopenharmony_ci mbedtls_entropy_free(&entropy); 46a8e1175bSopenharmony_ci 47a8e1175bSopenharmony_ci /* Second round */ 48a8e1175bSopenharmony_ci mbedtls_entropy_init(&entropy); 49a8e1175bSopenharmony_ci mbedtls_ctr_drbg_init(&drbg); 50a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg, 51a8e1175bSopenharmony_ci mbedtls_entropy_func, &entropy, 52a8e1175bSopenharmony_ci NULL, 0)); 53a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg, 54a8e1175bSopenharmony_ci output2, sizeof(output2))); 55a8e1175bSopenharmony_ci mbedtls_ctr_drbg_free(&drbg); 56a8e1175bSopenharmony_ci mbedtls_entropy_free(&entropy); 57a8e1175bSopenharmony_ci 58a8e1175bSopenharmony_ci /* The two rounds must generate different random data. */ 59a8e1175bSopenharmony_ci TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); 60a8e1175bSopenharmony_ci 61a8e1175bSopenharmony_ciexit: 62a8e1175bSopenharmony_ci mbedtls_ctr_drbg_free(&drbg); 63a8e1175bSopenharmony_ci mbedtls_entropy_free(&entropy); 64a8e1175bSopenharmony_ci#if defined(MBEDTLS_AES_C) 65a8e1175bSopenharmony_ci MD_PSA_DONE(); 66a8e1175bSopenharmony_ci#else 67a8e1175bSopenharmony_ci USE_PSA_DONE(); 68a8e1175bSopenharmony_ci#endif 69a8e1175bSopenharmony_ci} 70a8e1175bSopenharmony_ci/* END_CASE */ 71a8e1175bSopenharmony_ci 72a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_HMAC_DRBG_C */ 73a8e1175bSopenharmony_civoid random_twice_with_hmac_drbg(int md_type) 74a8e1175bSopenharmony_ci{ 75a8e1175bSopenharmony_ci mbedtls_entropy_context entropy; 76a8e1175bSopenharmony_ci mbedtls_hmac_drbg_context drbg; 77a8e1175bSopenharmony_ci unsigned char output1[OUTPUT_SIZE]; 78a8e1175bSopenharmony_ci unsigned char output2[OUTPUT_SIZE]; 79a8e1175bSopenharmony_ci const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); 80a8e1175bSopenharmony_ci 81a8e1175bSopenharmony_ci MD_PSA_INIT(); 82a8e1175bSopenharmony_ci 83a8e1175bSopenharmony_ci /* First round */ 84a8e1175bSopenharmony_ci mbedtls_entropy_init(&entropy); 85a8e1175bSopenharmony_ci mbedtls_hmac_drbg_init(&drbg); 86a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info, 87a8e1175bSopenharmony_ci mbedtls_entropy_func, &entropy, 88a8e1175bSopenharmony_ci NULL, 0)); 89a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg, 90a8e1175bSopenharmony_ci output1, sizeof(output1))); 91a8e1175bSopenharmony_ci mbedtls_hmac_drbg_free(&drbg); 92a8e1175bSopenharmony_ci mbedtls_entropy_free(&entropy); 93a8e1175bSopenharmony_ci 94a8e1175bSopenharmony_ci /* Second round */ 95a8e1175bSopenharmony_ci mbedtls_entropy_init(&entropy); 96a8e1175bSopenharmony_ci mbedtls_hmac_drbg_init(&drbg); 97a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info, 98a8e1175bSopenharmony_ci mbedtls_entropy_func, &entropy, 99a8e1175bSopenharmony_ci NULL, 0)); 100a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg, 101a8e1175bSopenharmony_ci output2, sizeof(output2))); 102a8e1175bSopenharmony_ci mbedtls_hmac_drbg_free(&drbg); 103a8e1175bSopenharmony_ci mbedtls_entropy_free(&entropy); 104a8e1175bSopenharmony_ci 105a8e1175bSopenharmony_ci /* The two rounds must generate different random data. */ 106a8e1175bSopenharmony_ci TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); 107a8e1175bSopenharmony_ci 108a8e1175bSopenharmony_ciexit: 109a8e1175bSopenharmony_ci mbedtls_hmac_drbg_free(&drbg); 110a8e1175bSopenharmony_ci mbedtls_entropy_free(&entropy); 111a8e1175bSopenharmony_ci MD_PSA_DONE(); 112a8e1175bSopenharmony_ci} 113a8e1175bSopenharmony_ci/* END_CASE */ 114a8e1175bSopenharmony_ci 115a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ 116a8e1175bSopenharmony_civoid random_twice_with_psa_from_classic() 117a8e1175bSopenharmony_ci{ 118a8e1175bSopenharmony_ci unsigned char output1[OUTPUT_SIZE]; 119a8e1175bSopenharmony_ci unsigned char output2[OUTPUT_SIZE]; 120a8e1175bSopenharmony_ci 121a8e1175bSopenharmony_ci /* First round */ 122a8e1175bSopenharmony_ci PSA_ASSERT(psa_crypto_init()); 123a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, 124a8e1175bSopenharmony_ci output1, sizeof(output1))); 125a8e1175bSopenharmony_ci PSA_DONE(); 126a8e1175bSopenharmony_ci 127a8e1175bSopenharmony_ci /* Second round */ 128a8e1175bSopenharmony_ci PSA_ASSERT(psa_crypto_init()); 129a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, 130a8e1175bSopenharmony_ci output2, sizeof(output2))); 131a8e1175bSopenharmony_ci PSA_DONE(); 132a8e1175bSopenharmony_ci 133a8e1175bSopenharmony_ci /* The two rounds must generate different random data. */ 134a8e1175bSopenharmony_ci TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); 135a8e1175bSopenharmony_ci 136a8e1175bSopenharmony_ciexit: 137a8e1175bSopenharmony_ci PSA_DONE(); 138a8e1175bSopenharmony_ci} 139a8e1175bSopenharmony_ci/* END_CASE */ 140a8e1175bSopenharmony_ci 141a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ 142a8e1175bSopenharmony_civoid random_twice_with_psa_from_psa() 143a8e1175bSopenharmony_ci{ 144a8e1175bSopenharmony_ci unsigned char output1[OUTPUT_SIZE]; 145a8e1175bSopenharmony_ci unsigned char output2[OUTPUT_SIZE]; 146a8e1175bSopenharmony_ci 147a8e1175bSopenharmony_ci /* First round */ 148a8e1175bSopenharmony_ci PSA_ASSERT(psa_crypto_init()); 149a8e1175bSopenharmony_ci PSA_ASSERT(psa_generate_random(output1, sizeof(output1))); 150a8e1175bSopenharmony_ci PSA_DONE(); 151a8e1175bSopenharmony_ci 152a8e1175bSopenharmony_ci /* Second round */ 153a8e1175bSopenharmony_ci PSA_ASSERT(psa_crypto_init()); 154a8e1175bSopenharmony_ci PSA_ASSERT(psa_generate_random(output2, sizeof(output2))); 155a8e1175bSopenharmony_ci PSA_DONE(); 156a8e1175bSopenharmony_ci 157a8e1175bSopenharmony_ci /* The two rounds must generate different random data. */ 158a8e1175bSopenharmony_ci TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); 159a8e1175bSopenharmony_ci 160a8e1175bSopenharmony_ciexit: 161a8e1175bSopenharmony_ci PSA_DONE(); 162a8e1175bSopenharmony_ci} 163a8e1175bSopenharmony_ci/* END_CASE */ 164a8e1175bSopenharmony_ci 165a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ 166a8e1175bSopenharmony_civoid mbedtls_psa_get_random_no_init() 167a8e1175bSopenharmony_ci{ 168a8e1175bSopenharmony_ci unsigned char output[1]; 169a8e1175bSopenharmony_ci 170a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, 171a8e1175bSopenharmony_ci output, sizeof(output)) != 0); 172a8e1175bSopenharmony_ci} 173a8e1175bSopenharmony_ci/* END_CASE */ 174a8e1175bSopenharmony_ci 175a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ 176a8e1175bSopenharmony_civoid mbedtls_psa_get_random_length(int n) 177a8e1175bSopenharmony_ci{ 178a8e1175bSopenharmony_ci unsigned char *output = NULL; 179a8e1175bSopenharmony_ci 180a8e1175bSopenharmony_ci PSA_ASSERT(psa_crypto_init()); 181a8e1175bSopenharmony_ci TEST_CALLOC(output, n); 182a8e1175bSopenharmony_ci 183a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, 184a8e1175bSopenharmony_ci output, n)); 185a8e1175bSopenharmony_ciexit: 186a8e1175bSopenharmony_ci mbedtls_free(output); 187a8e1175bSopenharmony_ci PSA_DONE(); 188a8e1175bSopenharmony_ci} 189a8e1175bSopenharmony_ci/* END_CASE */ 190a8e1175bSopenharmony_ci 191a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */ 192a8e1175bSopenharmony_civoid mbedtls_psa_get_random_ecdsa_sign(int curve) 193a8e1175bSopenharmony_ci{ 194a8e1175bSopenharmony_ci mbedtls_ecp_group grp; 195a8e1175bSopenharmony_ci mbedtls_mpi d, r, s; 196a8e1175bSopenharmony_ci unsigned char buf[] = "This is not a hash."; 197a8e1175bSopenharmony_ci 198a8e1175bSopenharmony_ci mbedtls_ecp_group_init(&grp); 199a8e1175bSopenharmony_ci mbedtls_mpi_init(&d); 200a8e1175bSopenharmony_ci mbedtls_mpi_init(&r); 201a8e1175bSopenharmony_ci mbedtls_mpi_init(&s); 202a8e1175bSopenharmony_ci 203a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_mpi_lset(&d, 123456789)); 204a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, curve)); 205a8e1175bSopenharmony_ci PSA_ASSERT(psa_crypto_init()); 206a8e1175bSopenharmony_ci TEST_EQUAL(0, mbedtls_ecdsa_sign(&grp, &r, &s, &d, 207a8e1175bSopenharmony_ci buf, sizeof(buf), 208a8e1175bSopenharmony_ci mbedtls_psa_get_random, 209a8e1175bSopenharmony_ci MBEDTLS_PSA_RANDOM_STATE)); 210a8e1175bSopenharmony_ciexit: 211a8e1175bSopenharmony_ci mbedtls_mpi_free(&d); 212a8e1175bSopenharmony_ci mbedtls_mpi_free(&r); 213a8e1175bSopenharmony_ci mbedtls_mpi_free(&s); 214a8e1175bSopenharmony_ci mbedtls_ecp_group_free(&grp); 215a8e1175bSopenharmony_ci PSA_DONE(); 216a8e1175bSopenharmony_ci} 217a8e1175bSopenharmony_ci/* END_CASE */ 218