1/* BEGIN_HEADER */
2#include "mbedtls/dhm.h"
3/* END_HEADER */
4
5/* BEGIN_DEPENDENCIES
6 * depends_on:MBEDTLS_DHM_C:MBEDTLS_BIGNUM_C
7 * END_DEPENDENCIES
8 */
9
10/* BEGIN_CASE */
11void dhm_do_dhm( int radix_P, char *input_P,
12                 int radix_G, char *input_G )
13{
14    mbedtls_dhm_context ctx_srv;
15    mbedtls_dhm_context ctx_cli;
16    unsigned char ske[1000];
17    unsigned char *p = ske;
18    unsigned char pub_cli[1000];
19    unsigned char sec_srv[1000];
20    unsigned char sec_cli[1000];
21    size_t ske_len = 0;
22    size_t pub_cli_len = 0;
23    size_t sec_srv_len;
24    size_t sec_cli_len;
25    int x_size, i;
26    rnd_pseudo_info rnd_info;
27
28    mbedtls_dhm_init( &ctx_srv );
29    mbedtls_dhm_init( &ctx_cli );
30    memset( ske, 0x00, 1000 );
31    memset( pub_cli, 0x00, 1000 );
32    memset( sec_srv, 0x00, 1000 );
33    memset( sec_cli, 0x00, 1000 );
34    memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
35
36    /*
37     * Set params
38     */
39    TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 );
40    TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 );
41    x_size = mbedtls_mpi_size( &ctx_srv.P );
42    pub_cli_len = x_size;
43
44    /*
45     * First key exchange
46     */
47    TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
48    ske[ske_len++] = 0;
49    ske[ske_len++] = 0;
50    TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
51
52    TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
53    TEST_ASSERT( mbedtls_dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
54
55    TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ), &sec_srv_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
56    TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 );
57
58    TEST_ASSERT( sec_srv_len == sec_cli_len );
59    TEST_ASSERT( sec_srv_len != 0 );
60    TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
61
62    /* Re-do calc_secret on server a few times to test update of blinding values */
63    for( i = 0; i < 3; i++ )
64    {
65        sec_srv_len = 1000;
66        TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ), &sec_srv_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
67
68        TEST_ASSERT( sec_srv_len == sec_cli_len );
69        TEST_ASSERT( sec_srv_len != 0 );
70        TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
71    }
72
73    /*
74     * Second key exchange to test change of blinding values on server
75     */
76    p = ske;
77
78    TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
79    ske[ske_len++] = 0;
80    ske[ske_len++] = 0;
81    TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
82
83    TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
84    TEST_ASSERT( mbedtls_dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
85
86    TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ), &sec_srv_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
87    TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 );
88
89    TEST_ASSERT( sec_srv_len == sec_cli_len );
90    TEST_ASSERT( sec_srv_len != 0 );
91    TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
92
93exit:
94    mbedtls_dhm_free( &ctx_srv );
95    mbedtls_dhm_free( &ctx_cli );
96}
97/* END_CASE */
98
99/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
100void dhm_file( char *filename, char *p, char *g, int len )
101{
102    mbedtls_dhm_context ctx;
103    mbedtls_mpi P, G;
104
105    mbedtls_dhm_init( &ctx );
106    mbedtls_mpi_init( &P ); mbedtls_mpi_init( &G );
107
108    TEST_ASSERT( mbedtls_mpi_read_string( &P, 16, p ) == 0 );
109    TEST_ASSERT( mbedtls_mpi_read_string( &G, 16, g ) == 0 );
110
111    TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 );
112
113    TEST_ASSERT( ctx.len == (size_t) len );
114    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &P ) == 0 );
115    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.G, &G ) == 0 );
116
117exit:
118    mbedtls_mpi_free( &P ); mbedtls_mpi_free( &G );
119    mbedtls_dhm_free( &ctx );
120}
121/* END_CASE */
122
123/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
124void dhm_selftest()
125{
126    TEST_ASSERT( mbedtls_dhm_self_test( 1 ) == 0 );
127}
128/* END_CASE */
129