1 /* test_ecc_utils.c - TinyCrypt common functions for ECC tests */
2
3 /* Copyright (c) 2014, Kenneth MacKay
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
8 * * Redistributions of source code must retain the above copyright notice,
9 * this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above copyright notice,
11 * this list of conditions and the following disclaimer in the documentation
12 * and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
15 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
18 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
19 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
20 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
21 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
22 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
23 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
24 * POSSIBILITY OF SUCH DAMAGE.*/
25
26 /*
27 * Copyright (C) 2017 by Intel Corporation, All Rights Reserved.
28 *
29 * Redistribution and use in source and binary forms, with or without
30 * modification, are permitted provided that the following conditions are met:
31 *
32 * - Redistributions of source code must retain the above copyright notice,
33 * this list of conditions and the following disclaimer.
34 *
35 * - Redistributions in binary form must reproduce the above copyright
36 * notice, this list of conditions and the following disclaimer in the
37 * documentation and/or other materials provided with the distribution.
38 *
39 * - Neither the name of Intel Corporation nor the names of its contributors
40 * may be used to endorse or promote products derived from this software
41 * without specific prior written permission.
42 *
43 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
44 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
46 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
47 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
48 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
49 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
50 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
51 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
52 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
53 * POSSIBILITY OF SUCH DAMAGE.
54 *
55 * test_ecc_utils.c -- Implementation of some common functions for ECC tests.
56 *
57 */
58
59 #include "test_ecc_utils.h"
60 #include <tinycrypt/constants.h>
61 #include <zephyr/sys/util.h>
62
63 #include <stdio.h>
64 #include <stdlib.h>
65 #include <string.h>
66 #include <stdbool.h>
67
68 /*
69 * Convert hex string to zero-padded nanoECC scalar
70 */
string2scalar(unsigned int * scalar,unsigned int num_word32,char * str)71 void string2scalar(unsigned int *scalar, unsigned int num_word32, char *str)
72 {
73
74 unsigned int num_bytes = num_word32 * 4U;
75 uint8_t tmp[num_bytes];
76 size_t hexlen = strlen(str);
77
78 int padding;
79
80 padding = num_bytes * 2U - strlen(str);
81 if (0 > padding) {
82 printf("Error: 2 * num_bytes(%d) < strlen(hex) (%zu)\n",
83 num_bytes * 2U, strlen(str));
84 k_panic();
85 }
86
87 (void)memset(tmp, 0, padding / 2);
88
89 if (hex2bin(str, hexlen, tmp + padding / 2, num_bytes) == 0) {
90 k_panic();
91 }
92 uECC_vli_bytesToNative(scalar, tmp, num_bytes);
93
94 }
95
vli_print_bytes(uint8_t * vli,unsigned int size)96 void vli_print_bytes(uint8_t *vli, unsigned int size)
97 {
98 for (unsigned i = 0; i < size; ++i) {
99 printf("%02X ", (unsigned)vli[i]);
100 }
101 }
102
print_ecc_scalar(const char * label,const unsigned int * p_vli,unsigned int num_word32)103 void print_ecc_scalar(const char *label, const unsigned int *p_vli,
104 unsigned int num_word32)
105 {
106 unsigned int i;
107
108 if (label) {
109 printf("%s = { ", label);
110 }
111
112 for (i = 0U; i < num_word32 - 1; ++i) {
113 printf("0x%08lX, ", (unsigned long)p_vli[i]);
114 }
115 printf("0x%08lX", (unsigned long)p_vli[i]);
116
117 if (label) {
118 printf(" };\n");
119 }
120 }
121
check_ecc_result(const int num,const char * name,const unsigned int * expected,const unsigned int * computed,const unsigned int num_word32,const bool verbose)122 int check_ecc_result(const int num, const char *name,
123 const unsigned int *expected,
124 const unsigned int *computed,
125 const unsigned int num_word32, const bool verbose)
126 {
127 uint32_t num_bytes = num_word32 * 4U;
128
129 if (memcmp(computed, expected, num_bytes)) {
130 TC_PRINT("\n Vector #%02d check %s - FAILURE:\n\n", num, name);
131 print_ecc_scalar("Expected", expected, num_word32);
132 print_ecc_scalar("Computed", computed, num_word32);
133 TC_PRINT("\n");
134 return TC_FAIL;
135 }
136 if (verbose) {
137 TC_PRINT(" Vector #%02d check %s - success\n", num, name);
138 }
139 return TC_PASS;
140 }
141
check_code(const int num,const int expected,const int computed,const int verbose)142 int check_code(const int num, const int expected,
143 const int computed, const int verbose)
144 {
145
146 if (expected != computed) {
147 TC_ERROR("\n Vector #%02d check - FAILURE:\n", num);
148 TC_ERROR("\n Expected: %d, computed: %d\n\n", expected, computed);
149 return TC_FAIL;
150 }
151
152 if (verbose) {
153 TC_PRINT(" Vector #%02d check - success (%d=%d)\n", num,
154 expected, computed);
155 }
156
157 return TC_PASS;
158 }
159
160 /* Test ecc_make_keys, and also as keygen part of other tests */
keygen_vectors(char ** d_vec,char ** qx_vec,char ** qy_vec,int tests,bool verbose)161 int keygen_vectors(char **d_vec, char **qx_vec, char **qy_vec, int tests,
162 bool verbose)
163 {
164
165 unsigned int pub[2 * NUM_ECC_WORDS];
166 unsigned int d[NUM_ECC_WORDS];
167 unsigned int prv[NUM_ECC_WORDS];
168 unsigned int result = TC_PASS;
169
170 /* expected outputs (converted input vectors) */
171 unsigned int exp_pub[2 * NUM_ECC_WORDS];
172 unsigned int exp_prv[NUM_ECC_WORDS];
173
174 for (int i = 0; i < tests; i++) {
175 string2scalar(exp_prv, NUM_ECC_WORDS, d_vec[i]);
176 string2scalar(exp_pub, NUM_ECC_WORDS, qx_vec[i]);
177 string2scalar(exp_pub + NUM_ECC_WORDS, NUM_ECC_WORDS, qy_vec[i]);
178
179 /*
180 * Feed prvkey vector as padded random seed into ecc_make_key.
181 * Internal mod-reduction will be zero-op and generate correct prv/pub
182 */
183 (void)memset(d, 0, sizeof(d));
184 string2scalar(d, NUM_ECC_WORDS, d_vec[i]);
185
186 uint8_t pub_bytes[2 * NUM_ECC_BYTES];
187 uint8_t prv_bytes[NUM_ECC_BYTES];
188
189 uECC_make_key_with_d(pub_bytes, prv_bytes, d, uECC_secp256r1());
190
191 uECC_vli_bytesToNative(prv, prv_bytes, NUM_ECC_BYTES);
192 uECC_vli_bytesToNative(pub, pub_bytes, NUM_ECC_BYTES);
193 uECC_vli_bytesToNative(pub + NUM_ECC_WORDS, pub_bytes + NUM_ECC_BYTES, NUM_ECC_BYTES);
194
195 /* validate correctness of vector conversion and make_key() */
196 result = check_ecc_result(i, "prv ", exp_prv, prv, NUM_ECC_WORDS, verbose);
197 if (result == TC_FAIL) {
198 return result;
199 }
200 result = check_ecc_result(i, "pub.x", exp_pub, pub, NUM_ECC_WORDS, verbose);
201 if (result == TC_FAIL) {
202 return result;
203 }
204 result = check_ecc_result(i, "pub.y", exp_pub + NUM_ECC_WORDS, pub + NUM_ECC_WORDS, NUM_ECC_WORDS, verbose);
205 if (result == TC_FAIL) {
206 return result;
207 }
208 }
209 return result;
210 }
211
