mbedtls/tests/suites/test_suite_ccm.function

511 lines
18 KiB
Text
Raw Normal View History

2014-05-02 15:17:29 +02:00
/* BEGIN_HEADER */
2015-03-09 18:05:11 +01:00
#include "mbedtls/ccm.h"
2014-05-02 15:17:29 +02:00
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_CCM_C
2014-05-02 15:17:29 +02:00
* END_DEPENDENCIES
*/
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
2017-05-30 15:23:15 +02:00
void mbedtls_ccm_self_test( )
2014-05-02 15:17:29 +02:00
{
TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 );
2014-05-02 15:17:29 +02:00
}
/* END_CASE */
2014-05-06 12:12:45 +02:00
/* BEGIN_CASE */
2015-04-28 18:02:54 +02:00
void mbedtls_ccm_setkey( int cipher_id, int key_size, int result )
2014-05-06 12:12:45 +02:00
{
mbedtls_ccm_context ctx;
2014-05-06 12:12:45 +02:00
unsigned char key[32];
int ret;
2015-04-28 18:02:54 +02:00
mbedtls_ccm_init( &ctx );
2014-05-06 12:12:45 +02:00
memset( key, 0x2A, sizeof( key ) );
TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
2015-04-28 18:02:54 +02:00
ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size );
2014-05-06 12:12:45 +02:00
TEST_ASSERT( ret == result );
exit:
mbedtls_ccm_free( &ctx );
2014-05-06 12:12:45 +02:00
}
/* END_CASE */
2014-05-06 12:13:09 +02:00
/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
2014-05-06 18:07:24 +02:00
void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
{
mbedtls_ccm_context ctx;
2014-05-06 18:07:24 +02:00
unsigned char key[16];
unsigned char msg[10];
unsigned char iv[14];
unsigned char add[10];
unsigned char out[10];
unsigned char tag[18];
int decrypt_ret;
2015-04-28 18:02:54 +02:00
mbedtls_ccm_init( &ctx );
2014-05-06 18:07:24 +02:00
memset( key, 0, sizeof( key ) );
memset( msg, 0, sizeof( msg ) );
memset( iv, 0, sizeof( iv ) );
memset( add, 0, sizeof( add ) );
memset( out, 0, sizeof( out ) );
memset( tag, 0, sizeof( tag ) );
2015-04-28 18:02:54 +02:00
TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
2014-05-06 18:07:24 +02:00
key, 8 * sizeof( key ) ) == 0 );
TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
2014-05-06 18:07:24 +02:00
msg, out, tag, tag_len ) == res );
decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
2014-05-06 18:07:24 +02:00
msg, out, tag, tag_len );
if( res == 0 )
TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
2014-05-06 18:07:24 +02:00
else
TEST_ASSERT( decrypt_ret == res );
exit:
mbedtls_ccm_free( &ctx );
2014-05-06 18:07:24 +02:00
}
/* END_CASE */
2018-05-14 15:32:41 +02:00
/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len,
int res )
{
mbedtls_ccm_context ctx;
unsigned char key[16];
unsigned char msg[10];
unsigned char iv[14];
unsigned char add[10];
unsigned char out[10];
unsigned char tag[18];
int decrypt_ret;
mbedtls_ccm_init( &ctx );
memset( key, 0, sizeof( key ) );
memset( msg, 0, sizeof( msg ) );
memset( iv, 0, sizeof( iv ) );
memset( add, 0, sizeof( add ) );
memset( out, 0, sizeof( out ) );
memset( tag, 0, sizeof( tag ) );
TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
key, 8 * sizeof( key ) ) == 0 );
TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
add, add_len, msg, out, tag, tag_len ) == res );
decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add,
add_len, msg, out, tag, tag_len );
if( res == 0 && tag_len != 0 )
TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
else
TEST_ASSERT( decrypt_ret == res );
exit:
mbedtls_ccm_free( &ctx );
}
/* END_CASE */
2014-05-06 12:13:09 +02:00
/* BEGIN_CASE */
void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key,
data_t * msg, data_t * iv,
data_t * add, data_t * result )
2014-05-06 12:13:09 +02:00
{
mbedtls_ccm_context ctx;
2017-05-30 15:23:15 +02:00
size_t tag_len;
2017-06-09 05:32:58 +02:00
uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 );
2014-05-06 12:13:09 +02:00
2015-04-28 18:02:54 +02:00
mbedtls_ccm_init( &ctx );
2017-06-09 05:32:58 +02:00
memset( msg_n_tag, 0, result->len + 2 );
memcpy( msg_n_tag, msg->x, msg->len );
2017-05-30 15:23:15 +02:00
2017-06-09 05:32:58 +02:00
tag_len = result->len - msg->len;
2014-05-06 12:13:09 +02:00
2017-06-09 05:32:58 +02:00
TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
2014-05-06 12:13:09 +02:00
2014-05-07 14:43:46 +02:00
/* Test with input == output */
2017-06-09 05:32:58 +02:00
TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 );
2014-05-06 12:13:09 +02:00
2017-06-09 05:32:58 +02:00
TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 );
2014-05-06 12:13:09 +02:00
/* Check we didn't write past the end */
2017-06-09 05:32:58 +02:00
TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 );
2014-05-06 12:13:09 +02:00
exit:
mbedtls_ccm_free( &ctx );
free( msg_n_tag );
2014-05-06 12:13:09 +02:00
}
/* END_CASE */
2014-05-06 18:06:52 +02:00
/* BEGIN_CASE */
void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key,
data_t * msg, data_t * iv,
data_t * add, int tag_len, int result,
data_t * hex_msg )
2014-05-06 18:06:52 +02:00
{
2014-05-07 14:43:46 +02:00
unsigned char tag[16];
mbedtls_ccm_context ctx;
2014-05-06 18:06:52 +02:00
2015-04-28 18:02:54 +02:00
mbedtls_ccm_init( &ctx );
2014-05-07 14:43:46 +02:00
memset( tag, 0x00, sizeof( tag ) );
2014-05-06 18:06:52 +02:00
2017-06-09 05:32:58 +02:00
msg->len -= tag_len;
memcpy( tag, msg->x + msg->len, tag_len );
2014-05-06 18:06:52 +02:00
2017-06-09 05:32:58 +02:00
TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
2014-05-06 18:06:52 +02:00
2014-05-07 14:43:46 +02:00
/* Test with input == output */
2017-06-09 05:32:58 +02:00
TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
msg->x, msg->x, msg->x + msg->len, tag_len ) == result );
2014-05-06 18:06:52 +02:00
if( result == 0 )
2014-05-06 18:06:52 +02:00
{
2017-06-09 05:32:58 +02:00
TEST_ASSERT( memcmp( msg->x, hex_msg->x, hex_msg->len ) == 0 );
2014-05-06 18:06:52 +02:00
}
else
{
size_t i;
2017-06-09 05:32:58 +02:00
for( i = 0; i < msg->len; i++ )
TEST_ASSERT( msg->x[i] == 0 );
2014-05-06 18:06:52 +02:00
}
2014-05-07 14:43:46 +02:00
/* Check we didn't write past the end (where the original tag is) */
2017-06-09 05:32:58 +02:00
TEST_ASSERT( memcmp( msg->x + msg->len, tag, tag_len ) == 0 );
2014-05-06 18:06:52 +02:00
exit:
mbedtls_ccm_free( &ctx );
2014-05-06 18:06:52 +02:00
}
/* END_CASE */
2018-05-29 15:12:26 +02:00
/* BEGIN_CASE */
void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
data_t *key, data_t *msg,
data_t *source_address, data_t *frame_counter,
int sec_level, data_t *add,
data_t *expected_result, int output_ret )
2018-05-29 15:12:26 +02:00
{
unsigned char iv[13];
unsigned char result[50];
mbedtls_ccm_context ctx;
size_t i, iv_len, tag_len;
2018-05-29 15:12:26 +02:00
int ret;
mbedtls_ccm_init( &ctx );
memset( iv, 0x00, sizeof( iv ) );
memset( result, 0x00, sizeof( result ) );
if( sec_level % 4 == 0)
tag_len = 0;
else
tag_len = 1 << ( sec_level % 4 + 1);
for( i = 0; i < source_address->len; i++ )
iv[i] = source_address->x[i];
2018-05-29 15:12:26 +02:00
for( i = 0; i < frame_counter->len; i++ )
iv[source_address->len + i] = frame_counter->x[i];
2018-05-29 15:12:26 +02:00
iv[source_address->len + frame_counter->len] = sec_level;
2018-05-29 15:12:26 +02:00
iv_len = sizeof( iv );
TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id,
key->x, key->len * 8 ) == 0 );
2018-05-29 15:12:26 +02:00
ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len,
add->x, add->len, msg->x,
result, result + msg->len, tag_len );
2018-05-29 15:12:26 +02:00
TEST_ASSERT( ret == output_ret );
TEST_ASSERT( memcmp( result,
expected_result->x, expected_result->len ) == 0 );
2018-05-29 15:12:26 +02:00
/* Check we didn't write past the end */
TEST_ASSERT( result[expected_result->len] == 0 &&
result[expected_result->len + 1] == 0 );
2018-05-29 15:12:26 +02:00
exit:
mbedtls_ccm_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */
void mbedtls_ccm_star_auth_decrypt( int cipher_id,
data_t *key, data_t *msg,
data_t *source_address, data_t *frame_counter,
int sec_level, data_t *add,
data_t *expected_result, int output_ret )
2018-05-29 15:12:26 +02:00
{
unsigned char iv[13];
unsigned char result[50];
mbedtls_ccm_context ctx;
size_t i, iv_len, tag_len;
2018-05-29 15:12:26 +02:00
int ret;
mbedtls_ccm_init( &ctx );
memset( iv, 0x00, sizeof( iv ) );
memset( result, '+', sizeof( result ) );
2018-05-29 15:12:26 +02:00
if( sec_level % 4 == 0)
tag_len = 0;
else
tag_len = 1 << ( sec_level % 4 + 1);
for( i = 0; i < source_address->len; i++ )
iv[i] = source_address->x[i];
2018-05-29 15:12:26 +02:00
for( i = 0; i < frame_counter->len; i++ )
iv[source_address->len + i] = frame_counter->x[i];
2018-05-29 15:12:26 +02:00
iv[source_address->len + frame_counter->len] = sec_level;
2018-05-29 15:12:26 +02:00
iv_len = sizeof( iv );
TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
2018-05-29 15:12:26 +02:00
ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg->len - tag_len, iv, iv_len,
add->x, add->len, msg->x, result,
msg->x + msg->len - tag_len, tag_len );
2018-05-29 15:12:26 +02:00
TEST_ASSERT( ret == output_ret );
TEST_ASSERT( memcmp( result, expected_result->x,
expected_result->len ) == 0 );
2018-05-29 15:12:26 +02:00
/* Check we didn't write past the end (where the original tag is) */
TEST_ASSERT( ( msg->len + 2 ) <= sizeof( result ) );
TEST_EQUAL( result[msg->len], '+' );
TEST_EQUAL( result[msg->len + 1], '+' );
2018-05-29 15:12:26 +02:00
exit:
mbedtls_ccm_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void ccm_invalid_param( )
{
struct mbedtls_ccm_context ctx;
unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES;
int valid_len = sizeof(valid_buffer);
int valid_bitlen = valid_len * 8;
mbedtls_ccm_init( &ctx );
/* mbedtls_ccm_init() */
TEST_INVALID_PARAM( mbedtls_ccm_init( NULL ) );
/* mbedtls_ccm_setkey() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) );
/* mbedtls_ccm_encrypt_and_tag() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_encrypt_and_tag( NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
valid_buffer, valid_len,
NULL, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
NULL, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, NULL,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_encrypt_and_tag( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
NULL, valid_len ) );
/* mbedtls_ccm_star_encrypt_and_tag() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_encrypt_and_tag( NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
valid_buffer, valid_len,
NULL, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
NULL, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, NULL,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
NULL, valid_len ) );
/* mbedtls_ccm_auth_decrypt() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_auth_decrypt( NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_auth_decrypt( &ctx, valid_len,
NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_auth_decrypt( &ctx, valid_len,
valid_buffer, valid_len,
NULL, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_auth_decrypt( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
NULL, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_auth_decrypt( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, NULL,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_auth_decrypt( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
NULL, valid_len ) );
/* mbedtls_ccm_star_auth_decrypt() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_auth_decrypt( NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
valid_buffer, valid_len,
NULL, valid_len,
valid_buffer, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
NULL, valid_buffer,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, NULL,
valid_buffer, valid_len ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CCM_BAD_INPUT,
mbedtls_ccm_star_auth_decrypt( &ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
NULL, valid_len ) );
exit:
mbedtls_ccm_free( &ctx );
return;
}
/* END_CASE */
/* BEGIN_CASE */
void ccm_valid_param( )
{
TEST_VALID_PARAM( mbedtls_ccm_free( NULL ) );
exit:
return;
}
/* END_CASE */