1 /*
2 * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <stdio.h>
8 #include <stdlib.h>
9 #include <stdint.h>
10 #include <string.h>
11
12 #include <limits.h>
13
14 /* mbedtls lib */
15 #include "mbedtls/timing.h"
16
17 /* CC lib */
18 #if defined (CC_CONFIG_SUPPORT_SRP)
19 #include "mbedtls_cc_srp.h"
20 #endif
21
22 /* pal */
23 #include "test_pal_mem.h"
24
25 /* local */
26 #include "run_integration_pal_log.h"
27 #include "run_integration_test.h"
28 #include "run_integration_helper.h"
29
30
31 /************************************************************
32 *
33 * defines
34 *
35 ************************************************************/
36 #define RUNIT_SRP_DATA_SIZE_MAX 30
37
38 /************************************************************
39 *
40 * static functions prototypes
41 *
42 ************************************************************/
43 static RunItError_t runIt_srp(void);
44
45 /************************************************************
46 *
47 * static functions
48 *
49 ************************************************************/
runIt_srp(void)50 static RunItError_t runIt_srp(void)
51 {
52
53 RunItError_t rc = RUNIT_ERROR__OK;
54
55 #if defined (CC_CONFIG_SUPPORT_SRP)
56 static char userName[] = "alice";
57 static size_t userNameSize = 5;
58 static char userPwd[] = "password123";
59 static size_t userPwdSize = 11;
60 static mbedtls_srp_version_t srpVer = CC_SRP_VER_HK;
61 static mbedtls_srp_group_param groupParams = {{0xEE,0xAF,0x0A,0xB9,0xAD,0xB3,0x8D,0xD6,0x9C,0x33,0xF8,0x0A,0xFA,0x8F,0xC5,0xE8,0x60,0x72,0x61,0x87,0x75,0xFF,0x3C,0x0B,0x9E,0xA2,0x31,0x4C,0x9C,0x25,0x65,0x76,0xD6,0x74,0xDF,0x74,0x96,0xEA,0x81,0xD3,0x38,0x3B,0x48,0x13,0xD6,0x92,0xC6,0xE0,0xE0,0xD5,0xD8,0xE2,0x50,0xB9,0x8B,0xE4,0x8E,0x49,0x5C,0x1D,0x60,0x89,0xDA,0xD1,0x5D,0xC7,0xD7,0xB4,0x61,0x54,0xD6,0xB6,0xCE,0x8E,0xF4,0xAD,0x69,0xB1,0x5D,0x49,0x82,0x55,0x9B,0x29,0x7B,0xCF,0x18,0x85,0xC5,0x29,0xF5,0x66,0x66,0x0E,0x57,0xEC,0x68,0xED,0xBC,0x3C,0x05,0x72,0x6C,0xC0,0x2F,0xD4,0xCB,0xF4,0x97,0x6E,0xAA,0x9A,0xFD,0x51,0x38,0xFE,0x83,0x76,0x43,0x5B,0x9F,0xC6,0x1D,0x2F,0xC0,0xEB,0x06,0xE3},0x2,1024,0,{0x0,0x0,0x0,0x0,0x0}};
62 static CCHashOperationMode_t hashMode = CC_HASH_SHA1_mode;
63 static size_t saltSize = 16;
64 static size_t privKeySize = 32;
65
66 // set the addresses in phys contig memory
67 RunItPtr hostCtxPtr;
68 RunItPtr userCtxPtr;
69 RunItPtr xBuffPtr;
70 RunItPtr uBuffPtr;
71 RunItPtr pwdVerifierPtr;
72 RunItPtr pubKeyAPtr;
73 RunItPtr pubKeyBPtr;
74 RunItPtr sessionKeyPtr;
75 RunItPtr userNamePtr;
76 RunItPtr userPwdPtr;
77 RunItPtr saltPtr;
78
79 mbedtls_srp_context *pHostCtx = NULL;
80 mbedtls_srp_context *pUserCtx = NULL;
81 mbedtls_srp_digest *x_Buff = NULL;
82 mbedtls_srp_digest *u_Buff = NULL;
83 mbedtls_srp_modulus *pwdVerifier = NULL;
84 mbedtls_srp_modulus *pubKeyA = NULL;
85 mbedtls_srp_modulus *pubKeyB = NULL;
86 mbedtls_srp_modulus *sessionKey = NULL;
87 char *pUserName = NULL;
88 char *pUserPwd = NULL;
89 uint8_t *pSalt = NULL;
90
91 uint8_t *pPwdVerifier = NULL;
92 uint8_t *pPubKeyA = NULL;
93 uint8_t *pPubKeyB = NULL;
94 uint8_t *pSessionKey = NULL;
95 uint8_t *pX_Buff = NULL;
96 uint8_t *pU_Buff = NULL;
97
98 const char* TEST_NAME = "SRP";
99 RUNIT_SUB_TEST_START(TEST_NAME);
100
101 ALLOC_STRUCT(mbedtls_srp_context, hostCtxPtr, pHostCtx);
102 ALLOC_STRUCT(mbedtls_srp_context, userCtxPtr, pUserCtx);
103 ALLOC_STRUCT(mbedtls_srp_digest, xBuffPtr, x_Buff);
104 ALLOC_STRUCT(mbedtls_srp_digest, uBuffPtr, u_Buff);
105 ALLOC_STRUCT(mbedtls_srp_modulus, pwdVerifierPtr, pwdVerifier);
106 ALLOC_STRUCT(mbedtls_srp_modulus, pubKeyAPtr, pubKeyA);
107 ALLOC_STRUCT(mbedtls_srp_modulus, pubKeyBPtr, pubKeyB);
108 ALLOC_STRUCT(mbedtls_srp_modulus, sessionKeyPtr, sessionKey);
109 ALLOC(userNamePtr, pUserName, RUNIT_SRP_DATA_SIZE_MAX);
110 ALLOC(userPwdPtr, pUserPwd, RUNIT_SRP_DATA_SIZE_MAX);
111 ALLOC(saltPtr, pSalt, saltSize);
112
113 pPwdVerifier = (uint8_t*)*pwdVerifier;
114 pPubKeyA = (uint8_t*)*pubKeyA;
115 pPubKeyB = (uint8_t*)*pubKeyB;
116 pSessionKey = (uint8_t*)*sessionKey;
117 pX_Buff = (uint8_t*)*x_Buff;
118 pU_Buff = (uint8_t*)*u_Buff;
119
120
121 // copy buffers to contig mememory
122 memcpy(pUserName, (uint8_t *) userName, userNameSize);
123 memcpy(pUserPwd, (uint8_t *) userPwd, userPwdSize);
124
125 // init host ctx
126 RUNIT_ASSERT_WITH_RESULT(mbedtls_srp_init(CC_SRP_HOST,
127 srpVer,
128 groupParams.modulus,
129 groupParams.gen,
130 groupParams.modSizeInBits,
131 hashMode,
132 (uint8_t *)pUserName,
133 userNameSize,
134 (uint8_t *)pUserPwd,
135 userPwdSize,
136 gpRndContext,
137 pHostCtx),
138 0);
139
140 // init user ctx
141 RUNIT_ASSERT_WITH_RESULT(mbedtls_srp_init(CC_SRP_USER,
142 srpVer,
143 groupParams.modulus,
144 groupParams.gen,
145 groupParams.modSizeInBits,
146 hashMode,
147 (uint8_t *)pUserName,
148 userNameSize,
149 (uint8_t *)pUserPwd,
150 userPwdSize,
151 gpRndContext,
152 pUserCtx),
153 0);
154
155 // calculates pSalt & password verifier
156 RUNIT_ASSERT_WITH_RESULT(mbedtls_srp_pwd_ver_create(saltSize, pSalt, pPwdVerifier, pUserCtx), 0);
157
158 // generate host public & private ephemeral key, known as B & b in RFC
159 RUNIT_ASSERT_WITH_RESULT(mbedtls_srp_host_pub_key_create(privKeySize, pPwdVerifier, pPubKeyB, pHostCtx), 0);
160
161 // generate user public & private ephemeral key, known as A & a in RFC
162 RUNIT_ASSERT_WITH_RESULT(mbedtls_srp_user_pub_key_create(privKeySize, pPubKeyA, pUserCtx), 0);
163
164 // calculates the user proof
165 RUNIT_ASSERT_WITH_RESULT(mbedtls_srp_user_proof_calc(saltSize, pSalt, pPubKeyA, pPubKeyB, pU_Buff, pSessionKey, pUserCtx), 0);
166
167 // verify host session key
168 RUNIT_ASSERT_WITH_RESULT(mbedtls_srp_host_proof_verify_and_calc(saltSize, pSalt, pPwdVerifier, pPubKeyA, pPubKeyB, pU_Buff, pX_Buff, pSessionKey, pHostCtx), 0);
169
170 // Verify the host proof
171 RUNIT_ASSERT_WITH_RESULT(mbedtls_srp_user_proof_verify(pSessionKey, pPubKeyA, pU_Buff, pX_Buff, pUserCtx), 0);
172
173 bail:
174
175 mbedtls_srp_clear(pUserCtx);
176 mbedtls_srp_clear(pHostCtx);
177
178 FREE_IF_NOT_NULL(hostCtxPtr);
179 FREE_IF_NOT_NULL(userCtxPtr);
180 FREE_IF_NOT_NULL(xBuffPtr);
181 FREE_IF_NOT_NULL(uBuffPtr);
182 FREE_IF_NOT_NULL(pwdVerifierPtr);
183 FREE_IF_NOT_NULL(pubKeyAPtr);
184 FREE_IF_NOT_NULL(pubKeyBPtr);
185 FREE_IF_NOT_NULL(sessionKeyPtr);
186 FREE_IF_NOT_NULL(userNamePtr);
187 FREE_IF_NOT_NULL(userPwdPtr);
188 FREE_IF_NOT_NULL(saltPtr);
189
190 RUNIT_SUB_TEST_RESULT_W_PARAMS(TEST_NAME, "MODE[SHA1] SRP[HK] USER[%"PRIu32"B] PWD[%"PRIu32"B] SALT[%"PRIu32"B] KEY[%"PRIu32"B]",
191 (uint32_t)userNameSize, (uint32_t)userPwdSize, (uint32_t)saltSize, (uint32_t)privKeySize);
192 #endif
193 return rc;
194
195 }
196
197
198 /************************************************************
199 *
200 * public functions
201 *
202 ************************************************************/
runIt_srpTest(void)203 RunItError_t runIt_srpTest(void)
204 {
205 RunItError_t rc = RUNIT_ERROR__OK;
206 #if defined (CC_CONFIG_SUPPORT_SRP)
207 const char* TEST_NAME = "SRP";
208 RUNIT_TEST_START(TEST_NAME);
209
210 RUNIT_ASSERT(runIt_srp() == RUNIT_ERROR__OK);
211
212 bail:
213
214 RUNIT_TEST_RESULT(TEST_NAME);
215 #else
216 (void) runIt_srp;
217 #endif
218 return rc;
219 }
220
