Add validation tests for mbedtls_mpi_{mod,mod_raw}_random

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
author: Gilles Peskine <Gilles.Peskine@arm.com> 2022-12-08 12:59:51 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> 2022-12-16 10:13:29 +0100
commit: d878d1c638c550a03dabd3e9c45a50533b79249b (patch)
tree: ad4a91ccfbf770cf0fde3e7be0fb9f03cafe070a
parent: b1eea02f745fc978ad37e9749ed6dee509351116 (diff)
download: mbedtls-d878d1c638c550a03dabd3e9c45a50533b79249b.zip
mbedtls-d878d1c638c550a03dabd3e9c45a50533b79249b.tar.gz
mbedtls-d878d1c638c550a03dabd3e9c45a50533b79249b.tar.bz2
2 files changed, 105 insertions, 0 deletions
diff --git a/tests/suites/test_suite_bignum_random.data b/tests/suites/test_suite_bignum_random.data
index b51254b..b486f38 100644
--- a/tests/suites/test_suite_bignum_random.data
+++ b/tests/suites/test_suite_bignum_random.data
@@ -263,3 +263,48 @@ mpi_mod_random_values:0x7fffffff:"ffffffff"
 
 MPI random mod=core: 0..2^256+1
 mpi_mod_random_values:0:"010000000000000000000000000000000000000000000000000000000000000001"
+
+MPI random mod validation: 1 limb, good, 0..1
+mpi_mod_random_validation:0:"1":0:0
+
+MPI random mod validation: 1 limb, good, 1..3
+mpi_mod_random_validation:1:"3":0:0
+
+MPI random mod validation: 1 limb, good, 2..3
+mpi_mod_random_validation:2:"3":0:0
+
+MPI random mod validation: 1 limb, good, 3..5
+mpi_mod_random_validation:3:"5":0:0
+
+MPI random mod validation: 1 limb, good, 4..5
+mpi_mod_random_validation:4:"5":0:0
+
+MPI random mod validation: 1 limb, good, 5..7
+mpi_mod_random_validation:5:"7":0:0
+
+MPI random mod validation: 1 limb, good, 6..7
+mpi_mod_random_validation:6:"7":0:0
+
+MPI random mod validation: 1 limb, good, 0..0x123
+mpi_mod_random_validation:0:"123":0:0
+
+MPI random mod validation: 2+ limbs, good
+mpi_mod_random_validation:0:"01234567890123456789":0:0
+
+MPI random mod validation: 1 limb, output null
+mpi_mod_random_validation:0:"123":-1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random mod validation: 1 limb, output too large
+mpi_mod_random_validation:0:"123":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random mod validation: 2+ limbs, output too small
+mpi_mod_random_validation:0:"01234567890123456789":-1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random mod validation: 2+ limbs, output too large
+mpi_mod_random_validation:0:"01234567890123456789":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random mod validation: min == upper bound
+mpi_mod_random_validation:0x123:"123":-1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+MPI random mod validation: min > upper bound
+mpi_mod_random_validation:0x124:"123":-1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
diff --git a/tests/suites/test_suite_bignum_random.function b/tests/suites/test_suite_bignum_random.function
index 4ee26ad..61db40d 100644
--- a/tests/suites/test_suite_bignum_random.function
+++ b/tests/suites/test_suite_bignum_random.function
@@ -387,6 +387,66 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
+void mpi_mod_random_validation( int min, char *bound_hex,
+                                int result_limbs_delta,
+                                int expected_ret )
+{
+    mbedtls_mpi_uint *result_digits = NULL;
+    mbedtls_mpi_mod_modulus N;
+    mbedtls_mpi_mod_modulus_init( &N );
+
+    TEST_EQUAL( mbedtls_test_read_mpi_modulus( &N, bound_hex,
+                                               MBEDTLS_MPI_MOD_REP_MONTGOMERY ),
+                0 );
+    size_t result_limbs = N.limbs + result_limbs_delta;
+    ASSERT_ALLOC( result_digits, result_limbs );
+    /* Build a reside that might not match the modulus, to test that
+     * the library function rejects that as expected. */
+    mbedtls_mpi_mod_residue result = {result_digits, result_limbs};
+
+    TEST_EQUAL( mbedtls_mpi_mod_random( &result, min, &N,
+                                        mbedtls_test_rnd_std_rand, NULL ),
+                expected_ret );
+    if( expected_ret == 0 )
+    {
+        /* Success should only be expected when the result has the same
+         * size as the modulus, otherwise it's a mistake in the test data. */
+        TEST_EQUAL( result_limbs, N.limbs );
+        /* Sanity check: check that the result is in range */
+        TEST_EQUAL( mbedtls_mpi_mod_raw_from_mont_rep( result_digits, &N ), 0 );
+        TEST_EQUAL( mbedtls_mpi_core_lt_ct( result_digits, N.p, N.limbs ),
+                    1 );
+        /* Check result >= min (changes result) */
+        TEST_EQUAL( mbedtls_mpi_core_sub_int( result_digits, result_digits, min,
+                                              result_limbs ),
+                    0 );
+    }
+
+    /* When the result has the right number of limbs, also test mod_raw
+     * (for which this is an unchecked precondition). */
+    if( result_limbs_delta == 0 )
+    {
+        TEST_EQUAL( mbedtls_mpi_mod_raw_random( result_digits, min, &N,
+                                                mbedtls_test_rnd_std_rand, NULL ),
+                    expected_ret );
+        if( expected_ret == 0 )
+        {
+            TEST_EQUAL( mbedtls_mpi_mod_raw_from_mont_rep( result_digits, &N ), 0 );
+            TEST_EQUAL( mbedtls_mpi_core_lt_ct( result_digits, N.p, N.limbs ),
+                        1 );
+            TEST_EQUAL( mbedtls_mpi_core_sub_int( result_digits, result.p, min,
+                                                  result_limbs ),
+                        0 );
+        }
+    }
+
+exit:
+    mbedtls_test_mpi_mod_modulus_free_with_limbs( &N );
+    mbedtls_free( result_digits );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
 void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret )
 {
     mbedtls_mpi upper_bound;
author	Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-08 12:59:51 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-16 10:13:29 +0100
commit	d878d1c638c550a03dabd3e9c45a50533b79249b (patch)
tree	ad4a91ccfbf770cf0fde3e7be0fb9f03cafe070a
parent	b1eea02f745fc978ad37e9749ed6dee509351116 (diff)
download	mbedtls-d878d1c638c550a03dabd3e9c45a50533b79249b.zip mbedtls-d878d1c638c550a03dabd3e9c45a50533b79249b.tar.gz mbedtls-d878d1c638c550a03dabd3e9c45a50533b79249b.tar.bz2