From d476faa59558305e6f93f9c959383e96e4a8e757 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 5 Jul 2023 10:33:53 +0200 Subject: [PATCH] test: add more tests for Montgomery's invalid masks Signed-off-by: Valerio Setti --- tests/suites/test_suite_pkparse.data | 26 ++++++++++++++++++++---- tests/suites/test_suite_pkparse.function | 4 ++-- 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 432ddc910d..cad9d899c6 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -1196,10 +1196,6 @@ Key ASN1 (ECPrivateKey, empty parameters) depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_parse_key:"30070201010400a000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -Key ASN1 (OneAsymmetricKey X25519, doesn't match masking requirements, from RFC8410 Appendix A but made into version 0) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:PSA_WANT_ECC_MONTGOMERY_255 -pk_parse_fix_x25519:"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff3f":"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f" - Key ASN1 (OneAsymmetricKey X25519, with invalid optional AlgorithIdentifier parameters) depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:PSA_WANT_ECC_MONTGOMERY_255 pk_parse_key:"3030020100300706032b656e050004220420b06d829655543a51cba36e53522bc0acfd60af59466555fb3e1e796872ab1a59":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT @@ -1222,3 +1218,25 @@ pk_parse_key:"3051020101300506032b656e04220420b06d829655543a51cba36e53522bc0acfd Key ASN1 (OneAsymmetricKey X25519, unsupported version 2 with public key and unsupported attributes) depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:PSA_WANT_ECC_MONTGOMERY_255 pk_parse_key:"3072020101300506032b656e04220420b06d829655543a51cba36e53522bc0acfd60af59466555fb3e1e796872ab1a59a01f301d060a2a864886f70d01090914310f0c0d437572646c65204368616972738121009bc3b0e93d8233fe6a8ba6138948cc12a91362d5c2ed81584db05ab5419c9d11":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +# From RFC8410 Appendix A but made into version 0 +OneAsymmetricKey X25519, doesn't match masking requirements #1 +depends_on:PSA_WANT_ECC_MONTGOMERY_255 +pk_parse_fix_montgomery:"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff3f":"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f" + +# Full inverse of the expected x25519 pattern: +# - 3 LSb to 1 +# - 1st MSb to 1 +# - 2nd MSb to 0 +# Note: Montgomery keys are written in Little endian format. +OneAsymmetricKey X25519, doesn't match masking requirements #2 +depends_on:PSA_WANT_ECC_MONTGOMERY_255 +pk_parse_fix_montgomery:"302e020100300506032b656e04220420ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbf":"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f" + +# Full inverse of the expected x448 pattern: +# - 2 LSb to 1 +# - MSb to 0 +# Note: Montgomery keys are written in Little endian format. +OneAsymmetricKey X448, doesn't match masking requirements #3 +depends_on:PSA_WANT_ECC_MONTGOMERY_448 +pk_parse_fix_montgomery:"3046020100300506032b656f043a0438ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f":"3046020100300506032b656f043a0438fcffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 9361f53ea3..df139c60fc 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -150,8 +150,8 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */ -void pk_parse_fix_x25519(data_t *input_key, data_t *exp_output) +/* BEGIN_CASE depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_WRITE_C */ +void pk_parse_fix_montgomery(data_t *input_key, data_t *exp_output) { /* Montgomery keys have specific bits set to either 0 or 1 depending on * their position. This is enforced during parsing (please see the implementation