From 0dc604ed2b3f207571dd68f0286e23f51793779e Mon Sep 17 00:00:00 2001
From: Raef Coles
Date: Mon, 10 Oct 2022 17:35:26 +0100
Subject: [PATCH] Change how LMS and LMOTS negative tests work
Signed-off-by: Raef Coles
---
tests/suites/test_suite_lmots.function | 55 +++++++++++++++++++++++++-
tests/suites/test_suite_lms.function | 55 +++++++++++++++++++++++++-
2 files changed, 106 insertions(+), 4 deletions(-)
diff --git a/tests/suites/test_suite_lmots.function b/tests/suites/test_suite_lmots.function
index 1b8315c176..b699fcc7b4 100644
--- a/tests/suites/test_suite_lmots.function
+++ b/tests/suites/test_suite_lmots.function
@@ -79,12 +79,63 @@ void lmots_verify_test ( data_t *msg, data_t *sig, data_t *pub_key, int expected_rc ) { mbedtls_lmots_public_t ctx; + unsigned int size; + unsigned char *tmp_sig = NULL; mbedtls_lmots_public_init( &ctx ); - mbedtls_lmots_import_public_key( &ctx, pub_key->x, pub_key->len ); + TEST_EQUAL(mbedtls_lmots_import_public_key( &ctx, pub_key->x, pub_key->len ), 0); - TEST_ASSERT(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ) == expected_rc ); + TEST_EQUAL(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), expected_rc); + + /* Test negative cases if the input data is valid */ + if( expected_rc == 0 ) + { + /* Altering first message byte must cause verification failure */ + msg->x[0] ^= 1; + TEST_EQUAL(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + msg->x[0] ^= 1; + + /* Altering last message byte must cause verification failure */ + msg->x[msg->len - 1] ^= 1; + TEST_EQUAL(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + msg->x[msg->len - 1] ^= 1; + + /* Altering first signature byte must cause verification failure */ + sig->x[0] ^= 1; + TEST_EQUAL(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + sig->x[0] ^= 1; + + /* Altering first signature byte must cause verification failure */ + sig->x[0] ^= 1; + TEST_EQUAL(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + sig->x[0] ^= 1; + + /* Altering last signature byte must cause verification failure */ + sig->x[sig->len - 1] ^= 1; + TEST_EQUAL(mbedtls_lmots_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + sig->x[sig->len - 1] ^= 1; + + /* Signatures of all sizes must not verify, whether shorter or longer */ + for( size = 0; size < sig->len; size++ ) { + if( size == sig->len ) + continue; + + ASSERT_ALLOC( tmp_sig, size ); + if( 
tmp_sig != NULL ) + memcpy( tmp_sig, sig->x, MIN(size, sig->len) ); + + TEST_EQUAL(mbedtls_lmots_verify( &ctx, msg->x, msg->len, tmp_sig, size ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + mbedtls_free( tmp_sig ); + tmp_sig = NULL; + } + } exit: mbedtls_lmots_public_free( &ctx ); diff --git a/tests/suites/test_suite_lms.function b/tests/suites/test_suite_lms.function index e4c4b911b4..9c966cff40 100644 --- a/tests/suites/test_suite_lms.function +++ b/tests/suites/test_suite_lms.function 
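Review bot: The size loop at the end of the added block never presents a signature longer than the valid one: its bound is `size < sig->len`, so the `if( size == sig->len ) continue;` guard is dead code and `MIN(size, sig->len)` always equals `size`, although the comment promises "whether shorter or longer". Over-long input is the case in which a verifier that ignores trailing bytes would go unnoticed, so the bound should run past the valid length, for example `for( size = 0; size < sig->len * 2; size++ )`, which makes the existing guard and the `MIN` meaningful. The same loop appears unchanged in the lms_verify_test hunk of test_suite_lms.function. Separately, the second "Altering first signature byte" block repeats the first one exactly and adds no coverage.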
@@ -85,12 +85,63 @@ void lms_verify_test ( data_t * msg, data_t * sig, data_t * pub_key, int expected_rc ) { mbedtls_lms_public_t ctx; + unsigned int size; + unsigned char *tmp_sig = NULL; mbedtls_lms_public_init( &ctx); - mbedtls_lms_import_public_key( &ctx, pub_key->x, pub_key->len ); + TEST_EQUAL(mbedtls_lms_import_public_key( &ctx, pub_key->x, pub_key->len ), 0); - TEST_ASSERT( mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ) == expected_rc ); + TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), expected_rc); + + /* Test negative cases if the input data is valid */ + if( expected_rc == 0 ) + { + /* Altering first message byte must cause verification failure */ + msg->x[0] ^= 1; + TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + msg->x[0] ^= 1; + + /* Altering last message byte must cause verification failure */ + msg->x[msg->len - 1] ^= 1; + TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + msg->x[msg->len - 1] ^= 1; + + /* Altering first signature byte must cause verification failure */ + sig->x[0] ^= 1; + TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + sig->x[0] ^= 1; + + /* Altering first signature byte must cause verification failure */ + sig->x[0] ^= 1; + TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + sig->x[0] ^= 1; + + /* Altering last signature byte must cause verification failure */ + sig->x[sig->len - 1] ^= 1; + TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, sig->x, sig->len ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + sig->x[sig->len - 1] ^= 1; + + /* Signatures of all sizes must not verify, whether shorter or longer */ + for( size = 0; size < sig->len; size++ ) { + if( size == sig->len ) + continue; + + ASSERT_ALLOC( tmp_sig, size ); + if( tmp_sig != NULL ) + 
memcpy( tmp_sig, sig->x, MIN(size, sig->len) ); + + TEST_EQUAL(mbedtls_lms_verify( &ctx, msg->x, msg->len, tmp_sig, size ), + MBEDTLS_ERR_LMS_VERIFY_FAILED); + mbedtls_free( tmp_sig ); + tmp_sig = NULL; + } + } exit: mbedtls_lms_public_free( &ctx );
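Review bot: `tmp_sig` is released only inside the loop body, so if `TEST_EQUAL` or `ASSERT_ALLOC` leaves through the `exit:` label on a failure (the label suggests this, but the macros are defined outside this patch), the buffer allocated for that iteration is never freed. Because `tmp_sig` is initialised to NULL at the top of the function, adding `mbedtls_free( tmp_sig );` next to `mbedtls_lms_public_free( &ctx );` under `exit:` covers every path; lmots_verify_test in the other file needs the same line. This matters most when the suite runs under a leak checker, where a genuine verification failure would otherwise be accompanied by an unrelated allocation report. The function body continues past the end of the hunk.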