leo hendrickson
/
example-Ethernet-mbed-Cloud-connect
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
pal_crypto_test.c
00001 // ---------------------------------------------------------------------------- 00002 // Copyright 2016-2019 ARM Ltd. 00003 // 00004 // SPDX-License-Identifier: Apache-2.0 00005 // 00006 // Licensed under the Apache License, Version 2.0 (the "License"); 00007 // you may not use this file except in compliance with the License. 00008 // You may obtain a copy of the License at 00009 // 00010 // http://www.apache.org/licenses/LICENSE-2.0 00011 // 00012 // Unless required by applicable law or agreed to in writing, software 00013 // distributed under the License is distributed on an "AS IS" BASIS, 00014 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00015 // See the License for the specific language governing permissions and 00016 // limitations under the License. 00017 // ---------------------------------------------------------------------------- 00018 00019 #include "pal.h" 00020 #include "pal_Crypto.h" 00021 #include "unity.h" 00022 #include "unity_fixture.h" 00023 #include "pal_crypto_test_data.h" 00024 #include "ssl.h" 00025 #if !PAL_USE_HW_TRNG 00026 #include "pal_plat_entropy.h" 00027 #endif 00028 #include <string.h> 00029 #include <time.h> 00030 00031 00032 TEST_GROUP(pal_crypto); 00033 00034 TEST_SETUP(pal_crypto) 00035 { 00036 pal_init(); 00037 palStatus_t status = PAL_SUCCESS; 00038 uint64_t currentTime = 1512572014; //GMT: Wed, 06 Dec 2017 14:53:33 GMT 00039 00040 #if !PAL_USE_HW_TRNG 00041 // If no hardware trng - entropy must be injected for random to work 00042 uint8_t entropy_buf[48] = { 0 }; 00043 status = pal_osEntropyInject(entropy_buf, sizeof(entropy_buf)); 00044 TEST_ASSERT(status == PAL_SUCCESS || status == PAL_ERR_ENTROPY_EXISTS); 00045 #endif 00046 00047 // Initialize the time module 00048 status = pal_initTime(); 00049 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 00050 00051 status = pal_osSetTime(currentTime); 00052 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 00053 } 00054 00055 TEST_TEAR_DOWN(pal_crypto) 00056 { 00057 pal_destroy(); 00058 } 00059 00060 /** 00061 * @brief Testing AES encryption and decryption of buffers in CTR mode. 00062 * 00063 * The test encrypts a buffer, compares it against a desired result and then decrypts it back and compares with the original buffer. 00064 * 00065 * Uses CtrVector. 00066 * 00067 * | # | Step | Expected | 00068 * |---|--------------------------------|-------------| 00069 * | 1 | Initialize an AES context. | PAL_SUCCESS | 00070 * | 2 | Set an AES 128bit key for encryption. | PAL_SUCCESS | 00071 * | 3 | Perform AES CTR encryption on an input vector and check that the result is as expected. | PAL_SUCCESS | 00072 * | 4 | Release AES context. | PAL_SUCCESS | 00073 * | 5 | Initialize an AES context. | PAL_SUCCESS | 00074 * | 6 | Set an AES 128bit key for encryption (used for decryption, see AES CTR docs) | PAL_SUCCESS | 00075 * | 7 | Perform AES CTR decryption on an input vector and check that the result is as expected. | PAL_SUCCESS | 00076 * | 8 | Release AES context. | PAL_SUCCESS | 00077 */ 00078 TEST(pal_crypto, AES_CTR) 00079 { 00080 palStatus_t result; 00081 palAesHandle_t ctx_enc = NULLPTR, ctx_dec = NULLPTR; 00082 unsigned char out[16] = {0}; 00083 unsigned char iv[16] = {0}; 00084 00085 memcpy(iv, CtrVector.nonce, sizeof(CtrVector.nonce)); 00086 00087 /*#1*/ 00088 result = pal_initAes(&ctx_enc); 00089 TEST_ASSERT_NOT_EQUAL(ctx_enc, NULLPTR); 00090 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00091 00092 /*#2*/ 00093 result = pal_setAesKey(ctx_enc, CtrVector.key, 128, PAL_KEY_TARGET_ENCRYPTION); 00094 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00095 00096 /*#3*/ 00097 result = pal_aesCTR(ctx_enc, CtrVector.input, out, sizeof(CtrVector.input), iv); 00098 TEST_ASSERT_EQUAL_MEMORY(CtrVector.output, out, sizeof(CtrVector.output)); 00099 00100 /*#4*/ 00101 result = pal_freeAes(&ctx_enc); 00102 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00103 00104 memcpy(iv, CtrVector.nonce, sizeof(CtrVector.nonce)); 00105 memset(out, 0, sizeof(out)); 00106 00107 /*#5*/ 00108 result = pal_initAes(&ctx_dec); 00109 TEST_ASSERT_NOT_EQUAL(ctx_dec, NULLPTR); 00110 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00111 00112 /*#6*/ 00113 result = pal_setAesKey(ctx_dec, CtrVector.key, 128, PAL_KEY_TARGET_ENCRYPTION); 00114 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00115 00116 /*#7*/ 00117 result = pal_aesCTR(ctx_dec, CtrVector.output, out, sizeof(CtrVector.output), iv); 00118 TEST_ASSERT_EQUAL_MEMORY(CtrVector.input, out, sizeof(CtrVector.output)); 00119 00120 /*#8*/ 00121 result = pal_freeAes(&ctx_dec); 00122 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00123 } 00124 00125 /** 00126 * @brief Testing AES encryption and decryption of buffers in CTR mode. 00127 * 00128 * The test encrypts a buffer, compares it against the desired result and then decrypts it back and compares with the original buffer. 00129 * 00130 * Uses CtrVector. 00131 * 00132 * | # | Step | Expected | 00133 * |---|--------------------------------|-------------| 00134 * | 1 | Initialize an AES context. | PAL_SUCCESS | 00135 * | 2 | Set an AES 128bit key for encryption. | PAL_SUCCESS | 00136 * | 3 | Perform AES CTR encryption on input vector and check the encryption output. | PAL_SUCCESS | 00137 * | 4 | Release AES context. | PAL_SUCCESS | 00138 * | 5 | Initialize an AES context. | PAL_SUCCESS | 00139 * | 6 | Set an AES 128bit key for encryption (used for decryption, see AES CTR docs). | PAL_SUCCESS | 00140 * | 7 | Perform AES CTR decryption on an input vector and check that the result is as expected.| PAL_SUCCESS | 00141 * | 8 | Release AES context. | PAL_SUCCESS | 00142 */ 00143 TEST(pal_crypto, AES_CTR_ZeroOffset) 00144 { 00145 palStatus_t result; 00146 palAesHandle_t ctx_enc = NULLPTR, ctx_dec = NULLPTR; 00147 unsigned char out[16] = {0}; 00148 unsigned char iv[16] = {0}; 00149 00150 memcpy(iv, CtrVector.nonce, sizeof(CtrVector.nonce)); 00151 00152 /*#1*/ 00153 result = pal_initAes(&ctx_enc); 00154 TEST_ASSERT_NOT_EQUAL(ctx_enc, NULLPTR); 00155 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00156 00157 /*#2*/ 00158 result = pal_setAesKey(ctx_enc, CtrVector.key, 128, PAL_KEY_TARGET_ENCRYPTION); 00159 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00160 00161 /*#3*/ 00162 result = pal_aesCTRWithZeroOffset(ctx_enc, CtrVector.input, out, sizeof(CtrVector.input), iv); 00163 TEST_ASSERT_EQUAL_MEMORY(CtrVector.output, out, sizeof(CtrVector.output)); 00164 00165 /*#4*/ 00166 result = pal_freeAes(&ctx_enc); 00167 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00168 00169 memcpy(iv, CtrVector.nonce, sizeof(CtrVector.nonce)); 00170 memset(out, 0, sizeof(out)); 00171 00172 /*#5*/ 00173 result = pal_initAes(&ctx_dec); 00174 TEST_ASSERT_NOT_EQUAL(ctx_dec, NULLPTR); 00175 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00176 00177 /*#6*/ 00178 result = pal_setAesKey(ctx_dec, CtrVector.key, 128, PAL_KEY_TARGET_ENCRYPTION); 00179 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00180 00181 /*#7*/ 00182 result = pal_aesCTRWithZeroOffset(ctx_dec, CtrVector.output, out, sizeof(CtrVector.output), iv); 00183 TEST_ASSERT_EQUAL_MEMORY(CtrVector.input, out, sizeof(CtrVector.output)); 00184 00185 /*#8*/ 00186 result = pal_freeAes(&ctx_dec); 00187 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00188 } 00189 00190 00191 /** 00192 * @brief Testing AES encryption and decryption of buffers in ECB mode. 00193 * 00194 * The test encrypts a buffer, compares it against the desired result and then decrypts it back and compares with the original buffer. 00195 * 00196 * Uses EcbVector. 00197 * 00198 * | # | Step | Expected | 00199 * |---|--------------------------------|-------------| 00200 * | 1 | Initialize an AES context. | PAL_SUCCESS | 00201 * | 2 | Set an AES 128bit key for encryption. | PAL_SUCCESS | 00202 * | 3 | Perform AES ECB encryption on input vector and check the encryption output. | PAL_SUCCESS | 00203 * | 4 | Release AES context. | PAL_SUCCESS | 00204 * | 5 | Initialize an AES context. | PAL_SUCCESS | 00205 * | 6 | Set an AES 128bit key for decryption. | PAL_SUCCESS | 00206 * | 7 | Perform AES ECB decryption on an input vector and check that the result is as expected.| PAL_SUCCESS | 00207 * | 8 | Release AES context. | PAL_SUCCESS | 00208 */ 00209 TEST(pal_crypto, AES_ECB) 00210 { 00211 palStatus_t result; 00212 palAesHandle_t ctx_enc = NULLPTR, ctx_dec = NULLPTR; 00213 unsigned char out[16] = {0}; 00214 unsigned char iv[16] = {0}; 00215 00216 memcpy(iv, EcbVector.nonce, sizeof(EcbVector.nonce)); 00217 00218 /*#1*/ 00219 result = pal_initAes(&ctx_enc); 00220 TEST_ASSERT_NOT_EQUAL(ctx_enc, NULLPTR); 00221 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00222 00223 /*#2*/ 00224 result = pal_setAesKey(ctx_enc, EcbVector.key, 128, PAL_KEY_TARGET_ENCRYPTION); 00225 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00226 00227 /*#3*/ 00228 result = pal_aesECB(ctx_enc, EcbVector.input, out, PAL_AES_ENCRYPT); 00229 TEST_ASSERT_EQUAL_MEMORY(EcbVector.output, out, sizeof(EcbVector.output)); 00230 00231 /*#4*/ 00232 result = pal_freeAes(&ctx_enc); 00233 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00234 00235 memcpy(iv, EcbVector.nonce, sizeof(EcbVector.nonce)); 00236 memset(out, 0, sizeof(out)); 00237 00238 /*#5*/ 00239 result = pal_initAes(&ctx_dec); 00240 TEST_ASSERT_NOT_EQUAL(ctx_dec, NULLPTR); 00241 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00242 00243 /*#6*/ 00244 result = pal_setAesKey(ctx_dec, EcbVector.key, 128, PAL_KEY_TARGET_DECRYPTION); 00245 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00246 00247 /*#7*/ 00248 result = pal_aesECB(ctx_dec, EcbVector.output, out, PAL_AES_DECRYPT); 00249 TEST_ASSERT_EQUAL_MEMORY(EcbVector.input, out, sizeof(EcbVector.output)); 00250 00251 /*#8*/ 00252 result = pal_freeAes(&ctx_dec); 00253 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00254 } 00255 00256 00257 /** 00258 * @brief Testing AES encryption and decryption of buffers in CCM mode. 00259 * 00260 * The test encrypts a buffer, compares it against the desired result and then decrypts it back and compares with the original buffer. 00261 * 00262 * Uses aesCcmVectors. 00263 * 00264 * For each vector: 00265 * | # | Step | Expected | 00266 * |---|--------------------------------|-------------| 00267 * | 1 | Initialize an AES CCM context. | PAL_SUCCESS | 00268 * | 2 | Set an AES 128bit key for this particular vector. | PAL_SUCCESS | 00269 * | 3 | Perform AES CCM encryption on input vector and check the encryption output. | PAL_SUCCESS | 00270 * | 4 | Perform AES CCM decryption on an input vector and check that the result is as expected.| PAL_SUCCESS | 00271 * | 5 | Release AES CCM context. | PAL_SUCCESS | 00272 */ 00273 TEST(pal_crypto, AES_CCM) 00274 { 00275 palStatus_t result; 00276 palCCMHandle_t ctx = NULLPTR; 00277 00278 unsigned char iv[16] = {0}; 00279 unsigned char encryptBuffer[32] = {0}; 00280 unsigned char decryptBuffer[32] = {0}; 00281 00282 00283 for (size_t i = 0; i < sizeof(aesCcmVectors) / sizeof(palAesCcmVector_t); ++i) 00284 { 00285 memset(encryptBuffer, 0, sizeof(encryptBuffer)); 00286 memset(decryptBuffer, 0, sizeof(decryptBuffer)); 00287 memset(iv, 0, sizeof(iv)); 00288 memcpy(iv, aesCcmVectors[i].iv, aesCcmVectors[i].ivLen); 00289 00290 /*#1*/ 00291 result = pal_CCMInit(&ctx); 00292 TEST_ASSERT_NOT_EQUAL(ctx, NULLPTR); 00293 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00294 00295 /*#2*/ 00296 result = pal_CCMSetKey(ctx, aesCcmVectors[i].key, 128, PAL_CIPHER_ID_AES); 00297 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00298 00299 /*#3*/ 00300 result = pal_CCMEncrypt(ctx, (unsigned char*)aesCcmVectors[i].in, aesCcmVectors[i].inLen, 00301 iv, aesCcmVectors[i].ivLen, (unsigned char*)aesCcmVectors[i].ad, aesCcmVectors[i].adLen, 00302 encryptBuffer, encryptBuffer + aesCcmVectors[i].inLen, aesCcmVectors[i].tagLen); 00303 00304 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00305 TEST_ASSERT_EQUAL_MEMORY(aesCcmVectors[i].out, encryptBuffer, aesCcmVectors[i].inLen + aesCcmVectors[i].tagLen); 00306 00307 /*#4*/ 00308 result = pal_CCMDecrypt(ctx, encryptBuffer, aesCcmVectors[i].inLen, 00309 iv, aesCcmVectors[i].ivLen, (unsigned char*)aesCcmVectors[i].ad, aesCcmVectors[i].adLen, 00310 encryptBuffer + aesCcmVectors[i].inLen, aesCcmVectors[i].tagLen, decryptBuffer); 00311 00312 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00313 TEST_ASSERT_EQUAL_MEMORY(aesCcmVectors[i].in, decryptBuffer, aesCcmVectors[i].inLen); 00314 00315 /*#5*/ 00316 result = pal_CCMFree(&ctx); 00317 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00318 } 00319 } 00320 00321 00322 /** 00323 * @brief Testing SHA256 hash algorithm. 00324 * 00325 * The test hashes a few buffers and compares them with a well known result using SHA256. 00326 * 00327 * Uses sha256Vectors. 00328 * 00329 * For each vector: 00330 * | # | Step | Expected | 00331 * |---|--------------------------------|-------------| 00332 * | 1 | Perform SHA256 hash on the input vector and check the resulting digest Small input Buffers. | PAL_SUCCESS | 00333 * | 2 | Perform SHA256 hash on the input vector and check the resulting digest BIG input buffer. | PAL_SUCCESS | 00334 */ 00335 TEST(pal_crypto, SHA256) 00336 { 00337 palStatus_t result; 00338 unsigned char output[32]; 00339 00340 for (size_t i = 0; i < sizeof(sha256Vectors) / sizeof(palSha256Vector_t); ++i) 00341 { 00342 memset(output, 0x0, sizeof(output)); 00343 /*#1*/ 00344 result = pal_sha256(sha256Vectors[i].input, sha256Vectors[i].inLenInBytes, output); 00345 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00346 00347 TEST_ASSERT_EQUAL_MEMORY(sha256Vectors[i].output, output, sizeof(sha256Vectors[i].output)); 00348 } 00349 00350 memset(output, 0x0, sizeof(output)); 00351 /*#2*/ 00352 result = pal_sha256(sha256Vectors_2nd.input, sha256Vectors_2nd.inLenInBytes, output); 00353 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00354 TEST_ASSERT_EQUAL_MEMORY(sha256Vectors_2nd.output, output, sizeof(sha256Vectors_2nd.output)); 00355 00356 } 00357 00358 00359 /** 00360 * @brief Testing message digest using SHA256 hash algorithm. 00361 * 00362 * The test calculates a message digest of the buffers and compares them against the expected results. 00363 * 00364 * Uses sha256Vectors. 00365 * 00366 * For each vector: 00367 * | # | Step | Expected | 00368 * |---|--------------------------------|-------------| 00369 * | 1 | Initialize a message digest context. | PAL_SUCCESS | 00370 * | 2 | Perform `pal_mdUpdate` on vector input data and check the status. | PAL_SUCCESS | 00371 * | 3 | Get the output size using `pal_mdGetOutputSize` and check the result. | PAL_SUCCESS | 00372 * | 4 | Get the digest result using `pal_mdFinal` and check its value. | PAL_SUCCESS | 00373 * | 5 | Release message digest context. | PAL_SUCCESS | 00374 * | 6 | Initialize a message digest context. with Big input buffer | PAL_SUCCESS | 00375 * | 7 | Perform `pal_mdUpdate` on vector input data and check the status. with Big input buffer | PAL_SUCCESS | 00376 * | 8 | Get the output size using `pal_mdGetOutputSize` and check the result. with Big input buffer| PAL_SUCCESS | 00377 * | 9 | Get the digest result using `pal_mdFinal` and check its value. with Big input buffer | PAL_SUCCESS | 00378 * | 10 | Release message digest context. with Big input buffer | PAL_SUCCESS | 00379 */ 00380 TEST(pal_crypto, md) 00381 { 00382 palStatus_t result; 00383 palMDHandle_t handle = NULLPTR; 00384 size_t bufferSize = 0; 00385 uint8_t output[32] = {0}; 00386 00387 for (size_t i = 0; i < sizeof(sha256Vectors) / sizeof(palSha256Vector_t); ++i) 00388 { 00389 memset(output, 0x0, sizeof(output)); 00390 /*#1*/ 00391 result = pal_mdInit(&handle, PAL_SHA256); 00392 TEST_ASSERT_NOT_EQUAL(handle, NULLPTR); 00393 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00394 00395 /*#2*/ 00396 result = pal_mdUpdate(handle, sha256Vectors[i].input, sha256Vectors[i].inLenInBytes); 00397 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00398 00399 /*#3*/ 00400 result = pal_mdGetOutputSize(handle, &bufferSize); 00401 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00402 TEST_ASSERT_EQUAL_HEX(sha256Vectors[i].outLenInBytes, bufferSize); 00403 00404 /*#4*/ 00405 result = pal_mdFinal(handle, output); 00406 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00407 TEST_ASSERT_EQUAL_MEMORY(sha256Vectors[i].output, output, sizeof(sha256Vectors[i].output)); 00408 00409 /*#5*/ 00410 result = pal_mdFree(&handle); 00411 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00412 } 00413 00414 memset(output, 0x0, sizeof(output)); 00415 /*#6*/ 00416 result = pal_mdInit(&handle, PAL_SHA256); 00417 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00418 00419 /*#7*/ 00420 result = pal_mdUpdate(handle, sha256Vectors_2nd.input, sha256Vectors_2nd.inLenInBytes); 00421 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00422 00423 /*#8*/ 00424 result = pal_mdGetOutputSize(handle, &bufferSize); 00425 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00426 TEST_ASSERT_EQUAL_HEX(sha256Vectors_2nd.outLenInBytes, bufferSize); 00427 00428 /*#9*/ 00429 result = pal_mdFinal(handle, output); 00430 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00431 TEST_ASSERT_EQUAL_MEMORY(sha256Vectors_2nd.output, output, sizeof(sha256Vectors_2nd.output)); 00432 00433 /*#10*/ 00434 result = pal_mdFree(&handle); 00435 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00436 } 00437 00438 00439 /** 00440 * @brief Testing random number generation using deterministic random bit generators. 00441 * 00442 * The test generates a 128 bit number for 100 times and checks that there are no similar keys. 00443 * 00444 * Uses `ctr_drbg_buf` and `ctr_drbg_nonce_pers`. 00445 * 00446 * | # | Step | Expected | 00447 * |---|--------------------------------|-------------| 00448 * | 1 | Initialize a CTR DRBG context. | PAL_SUCCESS | 00449 * | 2 | Generate 100 128bit random values using `pal_CtrDRBGGenerate`. | PAL_SUCCESS | 00450 * | 3 | Release message CTR DRBG context. | PAL_SUCCESS | 00451 * | 4 | Check that all generated numbers are different. | PAL_SUCCESS | 00452 */ 00453 TEST(pal_crypto, CTR_DRBG) 00454 { 00455 palStatus_t result; 00456 palCtrDrbgCtxHandle_t ctx = NULLPTR; 00457 00458 memset(ctr_drbg_buf, 0x0, sizeof(ctr_drbg_buf)); 00459 00460 /*#1*/ 00461 result = pal_CtrDRBGInit(&ctx,ctr_drbg_nonce_pers, sizeof(ctr_drbg_nonce_pers)); 00462 TEST_ASSERT_NOT_EQUAL(ctx, NULLPTR); 00463 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00464 00465 /*#2*/ 00466 for (int i = 0; i < 100; ++i) { 00467 result = pal_CtrDRBGGenerate(ctx, ctr_drbg_buf[i], sizeof(ctr_drbg_buf[i])); 00468 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00469 } 00470 00471 /*#3*/ 00472 result = pal_CtrDRBGFree(&ctx); 00473 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00474 00475 /*#4*/ 00476 for (int i = 0; i < 99; ++i) { 00477 for (int j = i + 1; j < 100; ++j) { 00478 TEST_ASSERT_NOT_EQUAL(0, memcmp(ctr_drbg_buf[i], ctr_drbg_buf[j], sizeof(ctr_drbg_buf[i]))); 00479 } 00480 } 00481 } 00482 00483 00484 /** 00485 * @brief Testing CMAC operation on a buffer with one operation. 00486 * 00487 * The test signs a buffer using CMAC and compares with the expected result buffer. 00488 * 00489 * Uses cmacSingleUseVector. 00490 * 00491 * For each vector: 00492 * | # | Step | Expected | 00493 * |---|--------------------------------|-------------| 00494 * | 1 | Perform CMAC using `pal_cipherCMAC` and check the result. | PAL_SUCCESS | 00495 * | 2 | Check the CMAC output against the test vector. | PAL_SUCCESS | 00496 */ 00497 TEST(pal_crypto, CMAC_one_shot) 00498 { 00499 palStatus_t result; 00500 unsigned char output[16] = {0}; 00501 00502 for (size_t i = 0; i < sizeof(cmacSingleUseVector) / sizeof(palAesCMACVector_t); ++i){ 00503 memset(output, 0x0, sizeof(output)); 00504 /*#1*/ 00505 result = pal_cipherCMAC(cmacSingleUseVector[i].key, 128, cmacSingleUseVector[i].in, cmacSingleUseVector[i].inLen, output); 00506 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00507 /*#2*/ 00508 TEST_ASSERT_EQUAL_MEMORY(cmacSingleUseVector[i].out, output, sizeof(cmacSingleUseVector[i].out)); 00509 } 00510 } 00511 00512 /** 00513 * @brief Testing CMAC operation on a buffer with multiple operations and blocks. 00514 * 00515 * The test signs a buffer using CMAC multiple times and compares with the expected result buffer. 00516 * 00517 * Uses cmacIterativeUseVector. 00518 * 00519 * For each vector: 00520 * | # | Step | Expected | 00521 * |---|--------------------------------|-------------| 00522 * | 1 | Initialize CMAC context using `pal_CMACStart`. | PAL_SUCCESS | 00523 * | 2 | Add a block of data from test vector for CMAC processing using `pal_CMACFinish`. | PAL_SUCCESS | 00524 * | 3 | Add a block of data from test vector for CMAC processing using `pal_CMACFinish`. | PAL_SUCCESS | 00525 * | 4 | Add a block of data from test vector for CMAC processing using `pal_CMACFinish`. | PAL_SUCCESS | 00526 * | 5 | Add a block of data from test vector for CMAC processing using `pal_CMACFinish`. | PAL_SUCCESS | 00527 * | 6 | Get CMAC output using `pal_CMACFinish` and check the result. | PAL_SUCCESS | 00528 */ 00529 TEST(pal_crypto, CMAC_Iterative) 00530 { 00531 palStatus_t result; 00532 palCMACHandle_t ctx = NULLPTR; 00533 unsigned char output[64] = {0}; 00534 size_t resultLen = 0; 00535 00536 for (size_t i = 0; i < sizeof(cmacIterativeUseVector) / sizeof(palCMACMultipleBlockVector_t); ++i) 00537 { 00538 memset(output, 0x0, sizeof(output)); 00539 /*#1*/ 00540 result = pal_CMACStart(&ctx,cmacIterativeUseVector[i].key_string, cmacIterativeUseVector[i].keybits, cmacIterativeUseVector[i].cipher_type); 00541 TEST_ASSERT_NOT_EQUAL(ctx, NULLPTR); 00542 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00543 /*#2*/ 00544 if (cmacIterativeUseVector[i].block1_len >= 0) { 00545 result = pal_CMACUpdate(ctx, cmacIterativeUseVector[i].block1_string, cmacIterativeUseVector[i].block1_len); 00546 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00547 } 00548 /*#3*/ 00549 if (cmacIterativeUseVector[i].block2_len >= 0) { 00550 result = pal_CMACUpdate(ctx, cmacIterativeUseVector[i].block2_string, cmacIterativeUseVector[i].block2_len); 00551 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00552 } 00553 /*#4*/ 00554 if (cmacIterativeUseVector[i].block3_len >= 0) { 00555 result = pal_CMACUpdate(ctx, cmacIterativeUseVector[i].block3_string, cmacIterativeUseVector[i].block3_len); 00556 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00557 } 00558 /*#5*/ 00559 if (cmacIterativeUseVector[i].block4_len >= 0) { 00560 result = pal_CMACUpdate(ctx, cmacIterativeUseVector[i].block4_string, cmacIterativeUseVector[i].block4_len); 00561 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00562 } 00563 /*#6*/ 00564 result = pal_CMACFinish(&ctx, output, &resultLen); 00565 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00566 TEST_ASSERT_EQUAL_HEX(cmacIterativeUseVector[i].block_size, resultLen); 00567 TEST_ASSERT_EQUAL_MEMORY(cmacIterativeUseVector[i].expected_result_string, output, cmacIterativeUseVector[i].block_size); 00568 } // for ends 00569 } 00570 00571 /** 00572 * @brief Testing HMAC operation on a buffer with one operation. 00573 * 00574 * The test signs a buffer using HMAC and compares with the expected result buffer. 00575 * 00576 * Uses mdHMACVector. 00577 * 00578 * For each vector: 00579 * | # | Step | Expected | 00580 * |---|--------------------------------|-------------| 00581 * | 1 | Perform one shot SHA256 HMAC on input vector using `pal_mdHmacSha256` and check the result. | PAL_SUCCESS | 00582 */ 00583 TEST(pal_crypto, HMAC_SHA256_one_shot) 00584 { 00585 palStatus_t result; 00586 unsigned char output[32] = {0}; 00587 00588 for (size_t i = 0; i < sizeof(mdHMACVector) / sizeof(palMdHMACTestVector_t); ++i){ 00589 memset(output, 0x0, sizeof(output)); 00590 /*#1*/ 00591 result = pal_mdHmacSha256(mdHMACVector[i].key, mdHMACVector[i].keyLen, mdHMACVector[i].input, mdHMACVector[i].inputLen, output, NULL); 00592 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00593 TEST_ASSERT_EQUAL_MEMORY(mdHMACVector[i].output, output, mdHMACVector[i].outputLen); 00594 } 00595 } 00596 00597 /** 00598 * @brief Searching for ASN1 patterns in a DER certificate. 00599 * 00600 * The test extracts ASN1 tags from an existing DER format certificate and validates their types. 00601 * 00602 * Uses ASN1TestVector for coordinates and `asn1_data` as the dummy certificate buffer. 00603 * 00604 * For each vector: 00605 * | # | Step | Expected | 00606 * |---|--------------------------------|-------------| 00607 * | 1 | Get data for an ASN tag using `pal_ASN1GetTag`. | PAL_SUCCESS | 00608 * | 2 | Check if the result is success and the size tag size is correct. | PAL_SUCCESS | 00609 */ 00610 TEST(pal_crypto, ASN1) 00611 { 00612 palStatus_t result; 00613 size_t s = 0; 00614 unsigned char* start = NULL; 00615 const unsigned char* end = NULL; 00616 00617 for (size_t i = 0; i < sizeof(ASN1TestVector) / sizeof(palASN1TestVector_t); ++i) { 00618 start = (unsigned char*)(asn1_data + ASN1TestVector[i].start); 00619 end = asn1_data + ASN1TestVector[i].end; 00620 /*#1*/ 00621 result = pal_ASN1GetTag(&start, end, &s, ASN1TestVector[i].type); 00622 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00623 /*#2*/ 00624 TEST_ASSERT_EQUAL(ASN1TestVector[i].dataLen, s); 00625 } 00626 } 00627 00628 /** 00629 * @brief Test the parsing of a dummy X509 certificate. 00630 * 00631 * uses x509_cert 00632 * 00633 * | # | Step | Expected | 00634 * |---|--------------------------------|-------------| 00635 * | 1 | Initialize the X509 ceritifcate context using `pal_x509Initiate`. | PAL_SUCCESS | 00636 * | 2 | Parse a valid x509 certificate using `pal_x509CertParse`. | PAL_SUCCESS | 00637 * | 3 | Parse an invalid x509 certificate using `pal_x509CertParse`. | PAL_ERR_CERT_PARSING_FAILED | 00638 * | 4 | Parse an invalid x509 certificate using `pal_x509CertParse`. | PAL_ERR_INVALID_MD_TYPE | 00639 * | 5 | Parse an invalid x509 certificate using `pal_x509CertParse`. | PAL_ERR_NOT_SUPPORTED_CURVE | 00640 * | 6 | Release x509 certificate context. | PAL_SUCCESS | 00641 */ 00642 TEST(pal_crypto, X509_Parse) 00643 { 00644 #if (PAL_ENABLE_X509 == 1) 00645 palStatus_t result; 00646 palX509Handle_t ctx = NULLPTR; 00647 /*#1*/ 00648 result = pal_x509Initiate(&ctx); 00649 TEST_ASSERT_NOT_EQUAL(ctx, NULLPTR); 00650 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00651 /*#2*/ 00652 result = pal_x509CertParse(ctx, x509_TI, sizeof(x509_TI)); 00653 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00654 /*#3*/ 00655 result = pal_x509CertParse(ctx, x509_TI_PEM, sizeof(x509_TI_PEM)); 00656 TEST_ASSERT_EQUAL_HEX(PAL_ERR_CERT_PARSING_FAILED, result); 00657 /*#4*/ 00658 result = pal_x509CertParse(ctx, (unsigned char*)testdata_x509_Sha512, sizeof(testdata_x509_Sha512)); 00659 // If SHA512 is supported by the application/platform, we don't want tests (#4 and #5) to fail because of that. 00660 // Perhaps the test material should be changed to use less recent/used algorithm to get the PAL_ERR_INVALID_MD_TYPE 00661 // path executed. 00662 #if defined (MBEDTLS_SHA512_C) 00663 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00664 #else 00665 TEST_ASSERT_EQUAL_HEX(PAL_ERR_INVALID_MD_TYPE, result); 00666 #endif 00667 /*#5*/ 00668 result = pal_x509CertParse(ctx, (unsigned char*)testdata_x509_Curve512r1, sizeof(testdata_x509_Curve512r1)); 00669 #if defined (MBEDTLS_SHA512_C) 00670 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00671 #else 00672 TEST_ASSERT_EQUAL_HEX(PAL_ERR_NOT_SUPPORTED_CURVE, result); 00673 #endif 00674 /*#6*/ 00675 result = pal_x509Free(&ctx); 00676 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00677 #else 00678 TEST_IGNORE_MESSAGE("Ignored, PAL_ENABLE_X509 not set"); 00679 #endif 00680 } 00681 00682 /** 00683 * @brief Test the reading of specific attributes in an X509 certificate. 00684 * 00685 * The test parses a X509 certificate and extracts specific attributes and compare them against the expected result. 00686 * 00687 * Uses `x509_cert` and `cert_not_self_signed`. 00688 * 00689 * | # | Step | Expected | 00690 * |---|--------------------------------|-------------| 00691 * | 1 | Initialize the X509 ceritifcate context using `pal_x509Initiate`. | PAL_SUCCESS | 00692 * | 2 | Parse a valid x509 certificate using `pal_x509CertParse`. | PAL_SUCCESS | 00693 * | 3 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00694 * | 4 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00695 * | 5 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00696 * | 6 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00697 * | 7 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00698 * | 8 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00699 * | 9 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00700 * | 10 | Release x509 certificate context using `pal_x509Free`. | PAL_SUCCESS | 00701 * | 11 | Initialize X509 ceritifcate context using `pal_x509Initiate`. | PAL_SUCCESS | 00702 * | 12 | Parse a valid x509 certificate using `pal_x509CertParse`. | PAL_SUCCESS | 00703 * | 13 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00704 * | 14 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00705 * | 15 | Get the certificate attribute value using `pal_x509CertGetAttribute `and check it. | PAL_SUCCESS | 00706 * | 16 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00707 * | 17 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00708 * | 18 | Get the certificate attribute value with a too small buffer. | PAL_ERR_BUFFER_TOO_SMALL | 00709 * | 19 | Get the certificate attribute value using `pal_x509CertGetAttribute` and check it. | PAL_SUCCESS | 00710 * | 20 | Release x509 certificate context using `pal_x509Free`. | PAL_SUCCESS | 00711 */ 00712 TEST(pal_crypto, X509_ReadAttributes) 00713 { 00714 00715 #if (PAL_ENABLE_X509 == 1) 00716 palStatus_t result; 00717 palX509Handle_t ctx = NULLPTR; 00718 char buffer1[512] = {0}; 00719 char validationBuf[12] = {0}; 00720 uint8_t certID1[PAL_CERT_ID_SIZE] = {0}; 00721 uint8_t certID2[PAL_CERT_ID_SIZE] = {0}; 00722 time_t validFrom = 0; 00723 time_t validTo = 0; 00724 time_t tmpTime; 00725 size_t actualOutLen = 0; 00726 00727 /*#1*/ 00728 result = pal_x509Initiate(&ctx); 00729 TEST_ASSERT_NOT_EQUAL(ctx, NULLPTR); 00730 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00731 /*#2*/ 00732 result = pal_x509CertParse(ctx, x509_TI, sizeof(x509_TI)); 00733 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00734 /*#3*/ 00735 result = pal_x509CertGetAttribute(ctx, PAL_X509_ISSUER_ATTR, buffer1, sizeof(buffer1), &actualOutLen); 00736 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00737 memset(buffer1, 0, sizeof(buffer1)); 00738 /*#4*/ 00739 result = pal_x509CertGetAttribute(ctx, PAL_X509_SUBJECT_ATTR, buffer1, sizeof(buffer1), &actualOutLen); 00740 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00741 memset(buffer1, 0, sizeof(buffer1)); 00742 /*#5*/ 00743 result = pal_x509CertGetAttribute(ctx, PAL_X509_VALID_FROM, validationBuf, sizeof(validationBuf), &actualOutLen); 00744 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00745 memcpy(&tmpTime, validationBuf, sizeof(tmpTime)); 00746 memset(validationBuf, 0, sizeof(validationBuf)); 00747 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00748 /*#6*/ 00749 result = pal_x509CertGetAttribute(ctx, PAL_X509_CN_ATTR, buffer1, sizeof(buffer1), &actualOutLen); 00750 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00751 TEST_ASSERT_EQUAL_STRING("IOT_PAL", buffer1); 00752 memset(buffer1, 0, sizeof(buffer1)); 00753 /*#7*/ 00754 result = pal_x509CertGetAttribute(ctx, PAL_X509_L_ATTR, buffer1, sizeof(buffer1), &actualOutLen); 00755 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00756 memset(buffer1, 0, sizeof(buffer1)); 00757 /*#8*/ 00758 result = pal_x509CertGetAttribute(ctx, PAL_X509_OU_ATTR, buffer1, sizeof(buffer1), &actualOutLen); 00759 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00760 TEST_ASSERT_EQUAL_STRING("IOTBU", buffer1); 00761 memset(buffer1, 0, sizeof(buffer1)); 00762 /*#9*/ 00763 result = pal_x509CertGetAttribute(ctx, PAL_X509_CERT_ID_ATTR, certID1, sizeof(certID1), &actualOutLen); 00764 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00765 result = pal_x509CertGetAttribute(ctx, PAL_X509_CERT_ID_ATTR, certID2, sizeof(certID2), &actualOutLen); 00766 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00767 TEST_ASSERT_EQUAL_MEMORY(certID1, certID2, sizeof(certID1)); 00768 memset(certID1, 0, sizeof(certID1)); 00769 memset(certID2, 0, sizeof(certID2)); 00770 /*#10*/ 00771 result = pal_x509Free(&ctx); 00772 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00773 00774 /*#11*/ 00775 result = pal_x509Initiate(&ctx); 00776 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00777 /*#12*/ 00778 result = pal_x509CertParse(ctx, cert_not_self_signed, sizeof(cert_not_self_signed)); 00779 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00780 /*#13*/ 00781 result = pal_x509CertGetAttribute(ctx, PAL_X509_ISSUER_ATTR, buffer1, sizeof(buffer1), &actualOutLen); 00782 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00783 memset(buffer1, 0, sizeof(buffer1)); 00784 /*#14*/ 00785 result = pal_x509CertGetAttribute(ctx, PAL_X509_SUBJECT_ATTR, buffer1, sizeof(buffer1), &actualOutLen); 00786 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00787 memset(buffer1, 0, sizeof(buffer1)); 00788 /*#15*/ 00789 result = pal_x509CertGetAttribute(ctx, PAL_X509_CN_ATTR, buffer1, sizeof(buffer1), &actualOutLen); 00790 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00791 TEST_ASSERT_EQUAL_STRING("IOT_TEST", buffer1); 00792 memset(buffer1, 0, sizeof(buffer1)); 00793 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00794 /*#16*/ 00795 result = pal_x509CertGetAttribute(ctx, PAL_X509_VALID_FROM, validationBuf, sizeof(validationBuf), &actualOutLen); 00796 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00797 memcpy(&validFrom, validationBuf, sizeof(tmpTime)); 00798 memset(validationBuf, 0, sizeof(validationBuf)); 00799 /*#17*/ 00800 result = pal_x509CertGetAttribute(ctx, PAL_X509_VALID_TO, validationBuf, sizeof(validationBuf), &actualOutLen); 00801 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00802 memcpy(&validTo, validationBuf, sizeof(tmpTime)); 00803 memset(validationBuf, 0, sizeof(validationBuf)); 00804 00805 //Check exact time period 00806 TEST_ASSERT_EQUAL_HEX(0x05a39a7f, validTo - validFrom); 00807 /*#18*/ 00808 //! sending small buffer size to check error value scenario 00809 result = pal_x509CertGetAttribute(ctx, PAL_X509_VALID_TO, validationBuf, 1, &actualOutLen); 00810 TEST_ASSERT_EQUAL_HEX(PAL_ERR_BUFFER_TOO_SMALL , result); 00811 TEST_ASSERT_EQUAL(sizeof(uint64_t), actualOutLen); 00812 /*#19*/ 00813 result = pal_x509CertGetAttribute(ctx, PAL_X509_CERT_ID_ATTR, certID1, sizeof(certID1), &actualOutLen); 00814 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00815 result = pal_x509CertGetAttribute(ctx, PAL_X509_CERT_ID_ATTR, certID2, sizeof(certID2), &actualOutLen); 00816 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00817 TEST_ASSERT_EQUAL_MEMORY(certID1, certID2, sizeof(certID1)); 00818 memset(certID1, 0, sizeof(certID1)); 00819 memset(certID2, 0, sizeof(certID2)); 00820 00821 /*#20*/ 00822 result = pal_x509Free(&ctx); 00823 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00824 #else 00825 TEST_IGNORE_MESSAGE("Ignored, PAL_ENABLE_X509 not set"); 00826 #endif 00827 } 00828 00829 /** 00830 * @brief Test the validity of a X509 certificate. 00831 * 00832 * Reads a X509 certificate, specific attributes such as `PAL_X509_VALID_FROM` and `PAL_X509_VALID_TO` 00833 * and validates with `pal_x509CertVerify`. 00834 * 00835 * Uses `x509_verify_data`. 00836 * 00837 For each test vector: 00838 * | # | Step | Expected | 00839 * |---|--------------------------------|-------------| 00840 * | 1 | If the CA cert is part of vector, initialize X509 certificate context using `pal_x509Initiate`. | PAL_SUCCESS | 00841 * | 2 | If the CA cert is part of vector, parse a valid x509 certificate using `pal_x509CertParse`. | PAL_SUCCESS | 00842 * | 3 | Initialize X509 certificate context using `pal_x509Initiate`. | PAL_SUCCESS | 00843 * | 4 | Parse a valid x509 certificate using `pal_x509CertParse`. | PAL_SUCCESS | 00844 * | 5 | Verify the certificate using `pal_x509CertVerify`. | PAL_SUCCESS | 00845 * | 6 | Release X509 certificate context. | PAL_SUCCESS | 00846 * | 7 | If the CA cert is part of vector, release X509 certificate context. | PAL_SUCCESS | 00847 */ 00848 TEST(pal_crypto, X509_Verify) 00849 { 00850 #if (PAL_ENABLE_X509 == 1) 00851 palStatus_t result = PAL_SUCCESS; 00852 palX509Handle_t cert = NULLPTR; 00853 palX509Handle_t caCert = NULLPTR; 00854 int32_t verifyResult = 0; 00855 00856 for (size_t i = 0; i < sizeof(x509_verify_data) / sizeof(palX509VertifyTestVector_t); ++i) 00857 { 00858 if (x509_verify_data[i].ca != NULL) 00859 { 00860 /*#1*/ 00861 result = pal_x509Initiate(&caCert); 00862 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00863 TEST_ASSERT_NOT_EQUAL(caCert, NULLPTR); 00864 /*#2*/ 00865 result = pal_x509CertParse(caCert, x509_verify_data[i].ca, x509_verify_data[i].ca_size); 00866 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00867 } 00868 00869 /*#3*/ 00870 result = pal_x509Initiate(&cert); 00871 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00872 /*#4*/ 00873 result = pal_x509CertParse(cert, x509_verify_data[i].crt, x509_verify_data[i].crt_size); 00874 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00875 /*#5*/ 00876 result = pal_x509CertVerifyExtended(cert, caCert, &verifyResult); 00877 if (PAL_ERR_X509_CERT_VERIFY_FAILED == result) 00878 { 00879 TEST_ASSERT_TRUE((x509_verify_data[i].result & verifyResult)); 00880 } 00881 else 00882 { 00883 TEST_ASSERT_EQUAL_HEX(x509_verify_data[i].result, result); 00884 } 00885 /*#6*/ 00886 result = pal_x509Free(&cert); 00887 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00888 if (x509_verify_data[i].ca != NULL) 00889 { 00890 /*#7*/ 00891 result = pal_x509Free(&caCert); 00892 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00893 } 00894 } 00895 #else 00896 TEST_IGNORE_MESSAGE("Ignored, PAL_ENABLE_X509 not set"); 00897 #endif 00898 } 00899 00900 /** 00901 * @brief Test the parsing of elliptic-curves keys (public and private). 00902 * 00903 * Uses `parse_ec_key_data`. 00904 * 00905 * For each test vector: 00906 * | # | Step | Expected | 00907 * |---|--------------------------------|-------------| 00908 * | 1 | Initialize a new ECC key using `pal_ECKeyNew`. | PAL_SUCCESS | 00909 * | 2 | If private key, parse using `pal_parseECPrivateKeyFromDER`, otherwise parse using `pal_parseECPublicKeyFromDER`. | PAL_SUCCESS | 00910 * | 3 | Check the parsing status according to the test vector. | PAL_SUCCESS | 00911 * | 4 | Release the ECC key using `pal_ECKeyFree`. | PAL_SUCCESS | 00912 */ 00913 TEST(pal_crypto, ECKey_parseKey) 00914 { 00915 palStatus_t result; 00916 palECKeyHandle_t handle = NULLPTR; 00917 00918 for (uint32_t i = 0; i < sizeof(parse_ec_key_data) / sizeof(palParseECKeyTestVector_t) ; ++i) { 00919 /*#1*/ 00920 result = pal_ECKeyNew(&handle); 00921 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00922 /*#2*/ 00923 switch (parse_ec_key_data[i].type) { 00924 case PAL_CHECK_PRIVATE_KEY: 00925 result = pal_parseECPrivateKeyFromDER(parse_ec_key_data[i].key, parse_ec_key_data[i].len, handle); 00926 break; 00927 case PAL_CHECK_PUBLIC_KEY: 00928 result = pal_parseECPublicKeyFromDER(parse_ec_key_data[i].key, parse_ec_key_data[i].len, handle); 00929 break; 00930 default: 00931 TEST_FAIL(); 00932 } 00933 /*#3*/ 00934 if (parse_ec_key_data[i].shouldSucceed) 00935 { 00936 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00937 } 00938 else 00939 { 00940 TEST_ASSERT_NOT_EQUAL(PAL_SUCCESS, result); 00941 } 00942 /*#4*/ 00943 result = pal_ECKeyFree(&handle); 00944 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00945 } 00946 } 00947 00948 /** 00949 * @brief Test the validity of elliptic-curves keys (public and private). 00950 * 00951 * Uses `check_ec_key_data`. 00952 * 00953 * For each test vector: 00954 * | # | Step | Expected | 00955 * |---|--------------------------------|-------------| 00956 * | 1 | Initialize and load EC curve using `pal_ECGroupInitAndLoad`. | PAL_SUCCESS | 00957 * | 2 | Initialize a new ECC key using `pal_ECKeyNew`. | PAL_SUCCESS | 00958 * | 3 | If private key, parse using `pal_parseECPrivateKeyFromDER` and check the parsing status according to the test vector.| PAL_SUCCESS | 00959 * | 4 | If successfully parsed, check the key using `pal_ECCheckKey`. | PAL_SUCCESS | 00960 * | 5 | Release the ECC key using `pal_ECKeyFree`. | PAL_SUCCESS | 00961 * | 6 | Initialize a new ECC key using `pal_ECKeyNew`. | PAL_SUCCESS | 00962 * | 7 | If public key, parse using `pal_parseECPublicKeyFromDER` and check the parsing status according to test the vector. | PAL_SUCCESS | 00963 * | 8 | If successfully parsed, check the key using `pal_ECCheckKey`. | PAL_SUCCESS | 00964 * | 9 | Release the ECC key using `pal_ECKeyFree`. | PAL_SUCCESS | 00965 * | 10 | Release the EC curve using `pal_ECGroupFree`. | PAL_SUCCESS | 00966 */ 00967 TEST(pal_crypto, ECKey_checkKey) 00968 { 00969 palStatus_t result; 00970 palCurveHandle_t grp = NULLPTR; 00971 bool verified = false; 00972 palECKeyHandle_t key = NULLPTR; 00973 00974 for (uint32_t i = 0; i < sizeof(check_ec_key_data) / sizeof(palCheckEcKeyTestVector_t); ++i) 00975 { 00976 /*#1*/ 00977 result = pal_ECGroupInitAndLoad(&grp, check_ec_key_data[i].index); 00978 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00979 /*#2*/ 00980 result = pal_ECKeyNew(&key); 00981 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00982 /*#3*/ 00983 result = pal_parseECPrivateKeyFromDER(check_ec_key_data[i].key, check_ec_key_data[i].keyLen, key); 00984 TEST_ASSERT_EQUAL_HEX(check_ec_key_data[i].parsePrvRes, result); 00985 if (PAL_SUCCESS == result) 00986 { 00987 /*#4*/ 00988 result = pal_ECCheckKey(grp, key, PAL_CHECK_PRIVATE_KEY, &verified); 00989 TEST_ASSERT_EQUAL(check_ec_key_data[i].checkPrvRes, result); 00990 TEST_ASSERT_EQUAL(check_ec_key_data[i].verifed, verified); 00991 } 00992 00993 /*#5*/ 00994 result = pal_ECKeyFree(&key); 00995 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00996 /*#6*/ 00997 result = pal_ECKeyNew(&key); 00998 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 00999 /*#7*/ 01000 result = pal_parseECPublicKeyFromDER(check_ec_key_data[i].key, check_ec_key_data[i].keyLen, key); 01001 TEST_ASSERT_EQUAL_HEX(check_ec_key_data[i].parsePubRes, result); 01002 if (PAL_SUCCESS == result) 01003 { 01004 /*#8*/ 01005 result = pal_ECCheckKey(grp, key, PAL_CHECK_PUBLIC_KEY, &verified); 01006 TEST_ASSERT_EQUAL(check_ec_key_data[i].checkPubRes, result); 01007 TEST_ASSERT_EQUAL(check_ec_key_data[i].verifed, verified); 01008 } 01009 /*#9*/ 01010 result = pal_ECKeyFree(&key); 01011 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01012 /*#10*/ 01013 result = pal_ECGroupFree(&grp); 01014 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01015 } 01016 } 01017 01018 /** 01019 * @brief Create a CSR from an elliptic-curve key and assure its validity. 01020 * 01021 * Uses CsrTests. 01022 * 01023 * For each test vector (steps 1A-1O are run for each tect vector): 01024 * | # | Step | Expected | 01025 * |---|--------------------------------|-------------| 01026 * | 1 | Initialize and load the EC curve using `pal_ECGroupInitAndLoad`. | PAL_SUCCESS | 01027 * | 1A | Initialize a new ECC key using `pal_ECKeyNew`. | PAL_SUCCESS | 01028 * | 1B | Parse using `pal_parseECPrivateKeyFromDER` and check the parsing status according to the test vector. | PAL_SUCCESS | 01029 * | 1C | Check the key using `pal_ECCheckKey`. | PAL_SUCCESS | 01030 * | 1D | Initialize a new ECC key using `pal_ECKeyNew`. | PAL_SUCCESS | 01031 * | 1E | Parse using `pal_parseECPublicKeyFromDER` and check the parsing status according to the test vector. | PAL_SUCCESS | 01032 * | 1F | Check the key using `pal_ECCheckKey`. | PAL_SUCCESS | 01033 * | 1G | Initialize the x509 certificate context using `pal_x509CSRInit`. | PAL_SUCCESS | 01034 * | 1H | Set the cert subject using `pal_x509CSRSetSubject`. | PAL_SUCCESS | 01035 * | 1I | Set the cert MD using `pal_x509CSRSetMD`. | PAL_SUCCESS | 01036 * | 1J | Set the cert keys using `pal_x509CSRSetKey`. | PAL_SUCCESS | 01037 * | 1K | Set the cert key usage using `pal_x509CSRSetKey`. | PAL_SUCCESS | 01038 * | 1L | Write the certificate to DER file using `pal_x509CSRWriteDER`. | PAL_SUCCESS | 01039 * | 1M | Release the x509 ceritifcate context using `pal_x509CSRFree`. | PAL_SUCCESS | 01040 * | 1N | Release the ECC key using `pal_ECKeyFree`. | PAL_SUCCESS | 01041 * | 1O | Release the ECC key using `pal_ECKeyFree`. | PAL_SUCCESS | 01042 * | 2 | Release the EC curve using `pal_ECGroupFree`. | PAL_SUCCESS | 01043 */ 01044 TEST(pal_crypto, CSR) 01045 { 01046 01047 #if (PAL_ENABLE_X509 == 1) 01048 palStatus_t result; 01049 palECKeyHandle_t prvKeyHandle = NULLPTR, pubKeyHandle = NULLPTR; 01050 unsigned char outDer[1000] = {0}; 01051 size_t reqLen; 01052 palx509CSRHandle_t CSRHandle = NULLPTR; 01053 01054 bool goodKey = false; 01055 palCurveHandle_t grp = NULLPTR; 01056 palGroupIndex_t index = PAL_ECP_DP_SECP256R1; 01057 /*#1*/ 01058 result = pal_ECGroupInitAndLoad(&grp, index); 01059 TEST_ASSERT_NOT_EQUAL(grp, NULLPTR); 01060 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01061 01062 for (uint32_t i = 0; i < sizeof(CsrTests) / sizeof(palX509CSRTestVector_t); ++i) 01063 { 01064 memset(outDer,0, sizeof(outDer)); 01065 01066 goodKey = false; 01067 /*#1A*/ 01068 result = pal_ECKeyNew(&prvKeyHandle); 01069 TEST_ASSERT_NOT_EQUAL(prvKeyHandle, NULLPTR); 01070 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01071 /*#1B*/ 01072 result = pal_parseECPrivateKeyFromDER(CsrTests[i].prvkey, CsrTests[i].prvkeyLen, prvKeyHandle); 01073 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01074 /*#1C*/ 01075 result = pal_ECCheckKey(grp, prvKeyHandle, PAL_CHECK_PRIVATE_KEY, &goodKey); 01076 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01077 TEST_ASSERT_EQUAL(true, goodKey); 01078 01079 goodKey = false; 01080 /*#1D*/ 01081 result = pal_ECKeyNew(&pubKeyHandle); 01082 TEST_ASSERT_NOT_EQUAL(pubKeyHandle, NULLPTR); 01083 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01084 /*#1E*/ 01085 result = pal_parseECPublicKeyFromDER(CsrTests[i].pubkey, CsrTests[i].pubkeyLen, pubKeyHandle); 01086 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01087 /*#1F*/ 01088 result = pal_ECCheckKey(grp, pubKeyHandle, PAL_CHECK_PUBLIC_KEY, &goodKey); 01089 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01090 TEST_ASSERT_EQUAL(true, goodKey); 01091 /*#1G*/ 01092 result = pal_x509CSRInit(&CSRHandle); 01093 TEST_ASSERT_NOT_EQUAL(CSRHandle, NULLPTR); 01094 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01095 /*#1H*/ 01096 result = pal_x509CSRSetSubject(CSRHandle, CsrTests[i].subject_name); 01097 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01098 /*#1I*/ 01099 result = pal_x509CSRSetMD(CSRHandle, CsrTests[i].mdType); 01100 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01101 /*#1J*/ 01102 result = pal_x509CSRSetKey(CSRHandle, pubKeyHandle, prvKeyHandle); 01103 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01104 /*#1K*/ 01105 result = pal_x509CSRSetKeyUsage(CSRHandle, CsrTests[i].keyUsage); 01106 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01107 /*#1L*/ 01108 //pal_x509CSRSetExtension - need input from provisioning 01109 reqLen = 0; 01110 result = pal_x509CSRWriteDER(CSRHandle, outDer, sizeof(outDer), &reqLen); 01111 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01112 01113 TEST_ASSERT_EQUAL(CsrTests[i].derOutLen, reqLen); 01114 TEST_ASSERT_EQUAL_MEMORY(CsrTests[i].derOut, outDer, reqLen); 01115 /*#1M*/ 01116 result = pal_x509CSRFree(&CSRHandle); 01117 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01118 /*#1N*/ 01119 result = pal_ECKeyFree(&prvKeyHandle); 01120 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01121 /*#1O*/ 01122 result = pal_ECKeyFree(&pubKeyHandle); 01123 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01124 } 01125 /*#2*/ 01126 result = pal_ECGroupFree(&grp); 01127 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01128 #else 01129 TEST_IGNORE_MESSAGE("Ignored, PAL_ENABLE_X509 not set"); 01130 #endif 01131 } 01132 01133 #define PAL_CRYPTO_TEST_MAX_ECDSA_LEN 74 01134 01135 /** 01136 * @brief Test hash function of the TBS of an X509 and its verification 01137 * 01138 * Uses `x509_verify_ca` and `x509_verify_cert`. 01139 * 01140 * | # | Step | Expected | 01141 * |---|--------------------------------|-------------| 01142 * | 1 | Instantiate X509 handles using `pal_x509Initiate`. | PAL_SUCCESS | 01143 * | 2 | Parse signer and signee X509 certificates into handles using `pal_x509CertParse`. | PAL_SUCCESS | 01144 * | 3 | Hash the TBS of the signee using `pal_x509CertGetHTBS`. | PAL_SUCCESS | 01145 * | 4 | Acquire the signature from the signee using `pal_x509CertGetAttribute` with PAL_X509_SIGNATUR_ATTR flag. | PAL_SUCCESS | 01146 * | 5 | Verify the hash signed by the CA in the signature of signee equals the hash of the TBS using `pal_verifySignature`. | PAL_SUCCESS | 01147 * | 6 | Verify the signature with the public key of the signee instead of the signer, using `pal_verifySignature` and fail. | PAL_ERR_PK_SIG_VERIFY_FAILED | 01148 * | 7 | Release the two X509 handles using `pal_x509Free`. | PAL_SUCCESS | 01149 */ 01150 TEST(pal_crypto, X509_tbs_hash) 01151 { 01152 #if (PAL_ENABLE_X509 == 1) 01153 palStatus_t status; 01154 unsigned char digest[PAL_SHA256_SIZE] = { 0 }; 01155 unsigned char sig[PAL_CRYPTO_TEST_MAX_ECDSA_LEN] = { 0 }; 01156 size_t sig_len; 01157 size_t digest_len; 01158 palX509Handle_t signee = NULLPTR; 01159 palX509Handle_t signer = NULLPTR; 01160 01161 /*#1*/ 01162 status = pal_x509Initiate(&signee); 01163 TEST_ASSERT_NOT_EQUAL(signee, NULLPTR); 01164 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01165 status = pal_x509Initiate(&signer); 01166 TEST_ASSERT_NOT_EQUAL(signer, NULLPTR); 01167 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01168 01169 /*#2*/ 01170 status = pal_x509CertParse(signee, x509_verify_cert, sizeof(x509_verify_cert)); 01171 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01172 status = pal_x509CertParse(signer, x509_verify_ca, sizeof(x509_verify_ca)); 01173 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01174 01175 /*#3*/ 01176 #ifdef DEBUG 01177 // Check invalid arguments 01178 status = pal_x509CertGetHTBS(NULLPTR, PAL_SHA256, digest, sizeof(digest), &digest_len); 01179 TEST_ASSERT_EQUAL_HEX(PAL_ERR_INVALID_ARGUMENT , status); 01180 status = pal_x509CertGetHTBS(signee, PAL_SHA256, NULL, sizeof(digest), &digest_len); 01181 TEST_ASSERT_EQUAL_HEX(PAL_ERR_INVALID_ARGUMENT , status); 01182 status = pal_x509CertGetHTBS(signee, PAL_SHA256, digest, sizeof(digest), NULL); 01183 TEST_ASSERT_EQUAL_HEX(PAL_ERR_INVALID_ARGUMENT , status); 01184 #endif 01185 // Check with small buffer 01186 status = pal_x509CertGetHTBS(signee, PAL_SHA256, digest, sizeof(digest) - 1, &digest_len); 01187 TEST_ASSERT_EQUAL_HEX(PAL_ERR_BUFFER_TOO_SMALL , status); 01188 01189 status = pal_x509CertGetHTBS(signee, PAL_SHA256, digest, sizeof(digest), &digest_len); 01190 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01191 TEST_ASSERT_EQUAL_HEX(PAL_SHA256_SIZE, digest_len); 01192 01193 /*#4*/ 01194 status = pal_x509CertGetAttribute(signee, PAL_X509_SIGNATUR_ATTR, sig, sizeof(sig), &sig_len); 01195 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01196 01197 /*#5*/ 01198 status = pal_verifySignature(signer, PAL_SHA256, digest, digest_len, sig, sig_len); 01199 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01200 01201 /*#6*/ 01202 status = pal_verifySignature(signee, PAL_SHA256, digest, PAL_SHA256_SIZE, sig, sig_len); 01203 TEST_ASSERT_EQUAL_HEX(PAL_ERR_PK_SIG_VERIFY_FAILED, status); 01204 01205 /*#7*/ 01206 status = pal_x509Free(&signee); 01207 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01208 01209 status = pal_x509Free(&signer); 01210 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, status); 01211 #else 01212 TEST_IGNORE_MESSAGE("Ignored, PAL_ENABLE_X509 not set"); 01213 #endif 01214 } 01215 01216 /** 01217 * @brief Test the generation of elliptic-curves keys (public and private). 01218 * 01219 * Uses `pal_ECKeyGenerateKey`. 01220 * 01221 * | # | Step | Expected | 01222 * |---|--------------------------------|-------------| 01223 * | 1 | Initialize a new EC key using `pal_ECKeyNew`. | PAL_SUCCESS | 01224 * | 2 | Generate EC keys using `pal_ECKeyGenerateKey`. | PAL_SUCCESS | 01225 * | 3 | Initialize and load EC group using `pal_ECGroupInitAndLoad`. | PAL_SUCCESS | 01226 * | 4 | Check both generated keys using `pal_ECCheckKey`. | PAL_SUCCESS | 01227 * | 5 | Compute signature for digest with private key using `pal_ECDSASign`. | PAL_SUCCESS | 01228 * | 6 | Verify signature with public key using `pal_ECDSAVerify`. | PAL_SUCCESS | 01229 * | 7 | Release the EC group using `pal_ECGroupFree`. | PAL_SUCCESS | 01230 * | 8 | Release the EC key using `pal_ECKeyFree`. | PAL_SUCCESS | 01231 */ 01232 TEST(pal_crypto, ECKey_GenerateKeys) 01233 { 01234 palStatus_t result; 01235 palECKeyHandle_t key_handle = NULLPTR; 01236 palGroupIndex_t grpID = PAL_ECP_DP_SECP256R1; 01237 palCurveHandle_t grp_handle = NULLPTR; 01238 bool verified = false; 01239 unsigned char hash_digest[] = 01240 { 0x34, 0x70, 0xCD, 0x54, 0x7B, 0x0A, 0x11, 0x5F, 0xE0, 0x5C, 0xEB, 0xBC, 0x07, 0xBA, 0x91, 0x88, 01241 0x27, 0x20, 0x25, 0x6B, 0xB2, 0x7A, 0x66, 0x89, 0x1A, 0x4B, 0xB7, 0x17, 0x11, 0x04, 0x86, 0x6F }; 01242 unsigned char signature[74] = { 0 }; 01243 size_t act_size_of_sign = sizeof(signature); 01244 01245 /*#1*/ 01246 result = pal_ECKeyNew(&key_handle); 01247 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01248 01249 /*#2*/ 01250 result = pal_ECKeyGenerateKey(grpID, key_handle); 01251 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01252 01253 /*#3*/ 01254 result = pal_ECGroupInitAndLoad(&grp_handle, grpID); 01255 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01256 01257 /*#4*/ 01258 result = pal_ECCheckKey(grp_handle,key_handle, PAL_CHECK_BOTH_KEYS,&verified); 01259 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01260 TEST_ASSERT_EQUAL_HEX(true, verified); 01261 01262 /*#5*/ 01263 result = pal_ECDSASign(grp_handle, PAL_SHA256, key_handle, hash_digest, sizeof(hash_digest), signature, &act_size_of_sign); 01264 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01265 01266 /*#6*/ 01267 verified = false; 01268 result = pal_ECDSAVerify(key_handle, hash_digest, sizeof(hash_digest), signature, act_size_of_sign, &verified); 01269 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01270 TEST_ASSERT_EQUAL_HEX(true, verified); 01271 01272 /*#7*/ 01273 result = pal_ECGroupFree(&grp_handle); 01274 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01275 01276 /*#8*/ 01277 result = pal_ECKeyFree(&key_handle); 01278 TEST_ASSERT_EQUAL_HEX(PAL_SUCCESS, result); 01279 }
Generated on Mon Aug 29 2022 19:53:40 by
1.7.2