2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_HEADER */
|
2015-03-09 18:05:11 +01:00
|
|
|
#include "mbedtls/cipher.h"
|
2013-09-03 20:17:35 +02:00
|
|
|
|
2019-07-29 17:46:29 +02:00
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
#include "mbedtls/aes.h"
|
|
|
|
#endif
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2015-03-09 18:05:11 +01:00
|
|
|
#include "mbedtls/gcm.h"
|
2013-09-03 20:17:35 +02:00
|
|
|
#endif
|
2019-08-01 12:47:40 +02:00
|
|
|
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
2020-05-27 09:22:32 +02:00
|
|
|
#include "test/psa_crypto_helpers.h"
|
2019-08-01 12:47:40 +02:00
|
|
|
#endif
|
|
|
|
|
2020-11-26 10:22:50 +01:00
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
|
|
|
|
#define MBEDTLS_CIPHER_AUTH_CRYPT
|
|
|
|
#endif
|
|
|
|
|
2020-11-27 09:32:55 +01:00
|
|
|
#if defined(MBEDTLS_CIPHER_AUTH_CRYPT)
|
|
|
|
/* Helper for resetting key/direction
|
|
|
|
*
|
|
|
|
* The documentation doesn't explicitly say whether calling
|
|
|
|
* mbedtls_cipher_setkey() twice is allowed or not. This currently works with
|
|
|
|
* the default software implementation, but only by accident. It isn't
|
|
|
|
* guaranteed to work with new ciphers or with alternative implementations of
|
|
|
|
* individual ciphers, and it doesn't work with the PSA wrappers. So don't do
|
|
|
|
* it, and instead start with a fresh context.
|
|
|
|
*/
|
|
|
|
static void cipher_reset_key( mbedtls_cipher_context_t *ctx, int cipher_id,
|
|
|
|
int use_psa, size_t tag_len, const data_t *key, int direction )
|
|
|
|
{
|
|
|
|
mbedtls_cipher_free( ctx );
|
|
|
|
mbedtls_cipher_init( ctx );
|
|
|
|
|
|
|
|
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
|
|
(void) use_psa;
|
|
|
|
(void) tag_len;
|
|
|
|
#else
|
|
|
|
if( use_psa == 1 )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( ctx,
|
|
|
|
mbedtls_cipher_info_from_type( cipher_id ),
|
|
|
|
tag_len ) );
|
|
|
|
}
|
|
|
|
else
|
|
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
|
|
|
{
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( ctx,
|
|
|
|
mbedtls_cipher_info_from_type( cipher_id ) ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( ctx, key->x, 8 * key->len,
|
|
|
|
direction ) );
|
|
|
|
exit:
|
|
|
|
;
|
|
|
|
}
|
|
|
|
#endif /* MBEDTLS_CIPHER_AUTH_CRYPT */
|
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_HEADER */
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_DEPENDENCIES
|
2015-04-08 12:49:31 +02:00
|
|
|
* depends_on:MBEDTLS_CIPHER_C
|
2013-08-20 11:48:36 +02:00
|
|
|
* END_DEPENDENCIES
|
|
|
|
*/
|
2011-05-26 15:16:06 +02:00
|
|
|
|
2014-03-29 16:10:55 +01:00
|
|
|
/* BEGIN_CASE */
|
2017-05-30 15:23:15 +02:00
|
|
|
void mbedtls_cipher_list( )
|
2014-03-29 16:10:55 +01:00
|
|
|
{
|
|
|
|
const int *cipher_type;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
for( cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++ )
|
|
|
|
TEST_ASSERT( mbedtls_cipher_info_from_type( *cipher_type ) != NULL );
|
2014-03-29 16:10:55 +01:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2014-06-13 16:08:07 +02:00
|
|
|
/* BEGIN_CASE */
|
2019-01-31 14:20:20 +01:00
|
|
|
void cipher_invalid_param_unconditional( )
|
2014-06-13 16:08:07 +02:00
|
|
|
{
|
2019-01-31 14:20:20 +01:00
|
|
|
mbedtls_cipher_context_t valid_ctx;
|
|
|
|
mbedtls_cipher_context_t invalid_ctx;
|
|
|
|
mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
|
|
|
|
mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
|
|
|
|
unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
|
|
|
|
int valid_size = sizeof(valid_buffer);
|
|
|
|
int valid_bitlen = valid_size * 8;
|
|
|
|
const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
|
|
|
|
*( mbedtls_cipher_list() ) );
|
|
|
|
size_t size_t_var;
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
(void)valid_mode; /* In some configurations this is unused */
|
|
|
|
|
|
|
|
mbedtls_cipher_init( &valid_ctx );
|
|
|
|
mbedtls_cipher_setup( &valid_ctx, valid_info );
|
|
|
|
mbedtls_cipher_init( &invalid_ctx );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_setup() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_get_block_size() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_get_block_size( &invalid_ctx ) == 0 );
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_get_cipher_mode() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &invalid_ctx ) ==
|
|
|
|
MBEDTLS_MODE_NONE );
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_get_iv_size() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_get_iv_size( &invalid_ctx ) == 0 );
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_get_type() */
|
|
|
|
TEST_ASSERT(
|
|
|
|
mbedtls_cipher_get_type( &invalid_ctx ) ==
|
|
|
|
MBEDTLS_CIPHER_NONE);
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_get_name() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_get_name( &invalid_ctx ) == 0 );
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_get_key_bitlen() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_get_key_bitlen( &invalid_ctx ) ==
|
|
|
|
MBEDTLS_KEY_LENGTH_NONE );
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_get_operation() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_get_operation( &invalid_ctx ) ==
|
|
|
|
MBEDTLS_OPERATION_NONE );
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_setkey() */
|
|
|
|
TEST_ASSERT(
|
|
|
|
mbedtls_cipher_setkey( &invalid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
valid_bitlen,
|
|
|
|
valid_operation ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_set_iv() */
|
|
|
|
TEST_ASSERT(
|
|
|
|
mbedtls_cipher_set_iv( &invalid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_reset() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_reset( &invalid_ctx ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
2014-06-13 16:08:07 +02:00
|
|
|
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_update_ad() */
|
|
|
|
TEST_ASSERT(
|
|
|
|
mbedtls_cipher_update_ad( &invalid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
|
|
|
|
/* mbedtls_cipher_set_padding_mode() */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_set_padding_mode( &invalid_ctx, valid_mode ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
2014-06-13 16:08:07 +02:00
|
|
|
#endif
|
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_update() */
|
|
|
|
TEST_ASSERT(
|
|
|
|
mbedtls_cipher_update( &invalid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size,
|
|
|
|
valid_buffer,
|
|
|
|
&size_t_var ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_finish() */
|
|
|
|
TEST_ASSERT(
|
|
|
|
mbedtls_cipher_finish( &invalid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
&size_t_var ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
|
|
|
/* mbedtls_cipher_write_tag() */
|
|
|
|
TEST_ASSERT(
|
|
|
|
mbedtls_cipher_write_tag( &invalid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_check_tag() */
|
|
|
|
TEST_ASSERT(
|
|
|
|
mbedtls_cipher_check_tag( &invalid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size ) ==
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
|
|
|
|
|
|
|
|
exit:
|
|
|
|
mbedtls_cipher_free( &invalid_ctx );
|
|
|
|
mbedtls_cipher_free( &valid_ctx );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
|
|
|
|
void cipher_invalid_param_conditional( )
|
|
|
|
{
|
|
|
|
mbedtls_cipher_context_t valid_ctx;
|
|
|
|
|
|
|
|
mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
|
|
|
|
mbedtls_operation_t invalid_operation = 100;
|
|
|
|
mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
|
|
|
|
unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
|
|
|
|
int valid_size = sizeof(valid_buffer);
|
|
|
|
int valid_bitlen = valid_size * 8;
|
|
|
|
const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
|
|
|
|
*( mbedtls_cipher_list() ) );
|
|
|
|
|
|
|
|
size_t size_t_var;
|
|
|
|
|
|
|
|
(void)valid_mode; /* In some configurations this is unused */
|
|
|
|
|
|
|
|
/* mbedtls_cipher_init() */
|
|
|
|
TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) );
|
|
|
|
TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_setup() */
|
|
|
|
TEST_VALID_PARAM( mbedtls_cipher_setup( &valid_ctx, valid_info ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_setup( NULL, valid_info ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_get_block_size() */
|
|
|
|
TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( NULL ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_get_cipher_mode() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_MODE_NONE,
|
|
|
|
mbedtls_cipher_get_cipher_mode( NULL ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_get_iv_size() */
|
|
|
|
TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( NULL ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_get_type() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_CIPHER_NONE,
|
|
|
|
mbedtls_cipher_get_type( NULL ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_get_name() */
|
|
|
|
TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( NULL ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_get_key_bitlen() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_KEY_LENGTH_NONE,
|
|
|
|
mbedtls_cipher_get_key_bitlen( NULL ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_get_operation() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_OPERATION_NONE,
|
|
|
|
mbedtls_cipher_get_operation( NULL ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_setkey() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_setkey( NULL,
|
|
|
|
valid_buffer,
|
|
|
|
valid_bitlen,
|
|
|
|
valid_operation ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_setkey( &valid_ctx,
|
|
|
|
NULL,
|
|
|
|
valid_bitlen,
|
|
|
|
valid_operation ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_setkey( &valid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
valid_bitlen,
|
|
|
|
invalid_operation ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_set_iv() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_set_iv( NULL,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_set_iv( &valid_ctx,
|
|
|
|
NULL,
|
|
|
|
valid_size ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_reset() */
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_reset( NULL ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2019-01-31 14:20:20 +01:00
|
|
|
/* mbedtls_cipher_update_ad() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_update_ad( NULL,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_update_ad( &valid_ctx,
|
|
|
|
NULL,
|
|
|
|
valid_size ) );
|
|
|
|
#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
|
|
|
|
/* mbedtls_cipher_set_padding_mode() */
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_set_padding_mode( NULL, valid_mode ) );
|
2014-06-13 16:08:07 +02:00
|
|
|
#endif
|
2019-01-31 14:20:20 +01:00
|
|
|
|
|
|
|
/* mbedtls_cipher_update() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_update( NULL,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size,
|
|
|
|
valid_buffer,
|
|
|
|
&size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_update( &valid_ctx,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer,
|
|
|
|
&size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_update( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL,
|
|
|
|
&size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_update( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer,
|
|
|
|
NULL ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_finish() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_finish( NULL,
|
|
|
|
valid_buffer,
|
|
|
|
&size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_finish( &valid_ctx,
|
|
|
|
NULL,
|
|
|
|
&size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_finish( &valid_ctx,
|
|
|
|
valid_buffer,
|
|
|
|
NULL ) );
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
|
|
|
/* mbedtls_cipher_write_tag() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_write_tag( NULL,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_write_tag( &valid_ctx,
|
|
|
|
NULL,
|
|
|
|
valid_size ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_check_tag() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_check_tag( NULL,
|
|
|
|
valid_buffer,
|
|
|
|
valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_check_tag( &valid_ctx,
|
|
|
|
NULL,
|
|
|
|
valid_size ) );
|
|
|
|
#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
|
|
|
|
|
|
|
|
/* mbedtls_cipher_crypt() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_crypt( NULL,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_crypt( &valid_ctx,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_crypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer, &size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_crypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL, &size_t_var ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_crypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, NULL ) );
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_AEAD)
|
|
|
|
/* mbedtls_cipher_auth_encrypt() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_encrypt( NULL,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_encrypt( &valid_ctx,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_encrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_encrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_encrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_encrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, NULL,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_encrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
NULL, valid_size ) );
|
|
|
|
|
|
|
|
/* mbedtls_cipher_auth_decrypt() */
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_decrypt( NULL,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_decrypt( &valid_ctx,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_decrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_decrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_decrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
NULL, &size_t_var,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_decrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, NULL,
|
|
|
|
valid_buffer, valid_size ) );
|
|
|
|
TEST_INVALID_PARAM_RET(
|
|
|
|
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
|
|
|
|
mbedtls_cipher_auth_decrypt( &valid_ctx,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, valid_size,
|
|
|
|
valid_buffer, &size_t_var,
|
|
|
|
NULL, valid_size ) );
|
|
|
|
#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */
|
|
|
|
|
|
|
|
/* mbedtls_cipher_free() */
|
|
|
|
TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) );
|
|
|
|
exit:
|
|
|
|
TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) );
|
2014-06-13 16:08:07 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2016-07-14 14:46:10 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
|
2017-05-30 15:23:15 +02:00
|
|
|
void cipher_special_behaviours( )
|
2016-07-14 14:46:10 +02:00
|
|
|
{
|
|
|
|
const mbedtls_cipher_info_t *cipher_info;
|
|
|
|
mbedtls_cipher_context_t ctx;
|
|
|
|
unsigned char input[32];
|
|
|
|
unsigned char output[32];
|
2017-09-26 11:08:54 +02:00
|
|
|
#if defined (MBEDTLS_CIPHER_MODE_CBC)
|
2016-07-14 14:46:10 +02:00
|
|
|
unsigned char iv[32];
|
2017-09-26 11:08:54 +02:00
|
|
|
#endif
|
2016-07-14 14:46:10 +02:00
|
|
|
size_t olen = 0;
|
|
|
|
|
|
|
|
mbedtls_cipher_init( &ctx );
|
|
|
|
memset( input, 0, sizeof( input ) );
|
|
|
|
memset( output, 0, sizeof( output ) );
|
2017-10-01 16:04:54 +02:00
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2016-07-14 14:46:10 +02:00
|
|
|
memset( iv, 0, sizeof( iv ) );
|
|
|
|
|
|
|
|
/* Check and get info structures */
|
2017-09-25 16:03:12 +02:00
|
|
|
cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC );
|
2016-07-14 14:46:10 +02:00
|
|
|
TEST_ASSERT( NULL != cipher_info );
|
|
|
|
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
|
|
|
|
|
|
|
|
/* IV too big */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 )
|
|
|
|
== MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
|
|
|
|
|
|
|
|
/* IV too small */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 )
|
|
|
|
== MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
|
2017-09-25 17:22:32 +02:00
|
|
|
mbedtls_cipher_free( &ctx );
|
2017-10-01 16:04:54 +02:00
|
|
|
mbedtls_cipher_init( &ctx );
|
2017-09-26 11:08:54 +02:00
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
2017-09-25 17:22:32 +02:00
|
|
|
cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
|
2017-09-25 16:03:12 +02:00
|
|
|
TEST_ASSERT( NULL != cipher_info );
|
|
|
|
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
|
|
|
|
|
2016-07-14 14:46:10 +02:00
|
|
|
/* Update ECB with partial block */
|
|
|
|
TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen )
|
|
|
|
== MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
|
|
|
|
|
|
|
|
exit:
|
|
|
|
mbedtls_cipher_free( &ctx );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2017-05-30 15:23:15 +02:00
|
|
|
void enc_dec_buf( int cipher_id, char * cipher_string, int key_len,
|
2013-08-20 11:48:36 +02:00
|
|
|
int length_val, int pad_mode )
|
2013-08-16 13:38:47 +02:00
|
|
|
{
|
2015-06-24 01:08:09 +02:00
|
|
|
size_t length = length_val, outlen, total_len, i, block_size;
|
2018-06-08 12:03:16 +02:00
|
|
|
unsigned char key[64];
|
2011-01-06 16:37:30 +01:00
|
|
|
unsigned char iv[16];
|
2013-08-31 17:31:03 +02:00
|
|
|
unsigned char ad[13];
|
|
|
|
unsigned char tag[16];
|
2011-01-06 16:37:30 +01:00
|
|
|
unsigned char inbuf[64];
|
|
|
|
unsigned char encbuf[64];
|
|
|
|
unsigned char decbuf[64];
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
const mbedtls_cipher_info_t *cipher_info;
|
|
|
|
mbedtls_cipher_context_t ctx_dec;
|
|
|
|
mbedtls_cipher_context_t ctx_enc;
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2013-09-05 10:30:32 +02:00
|
|
|
/*
|
|
|
|
* Prepare contexts
|
|
|
|
*/
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_init( &ctx_dec );
|
|
|
|
mbedtls_cipher_init( &ctx_enc );
|
2013-09-05 10:30:32 +02:00
|
|
|
|
|
|
|
memset( key, 0x2a, sizeof( key ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
/* Check and get info structures */
|
2015-04-08 12:49:31 +02:00
|
|
|
cipher_info = mbedtls_cipher_info_from_type( cipher_id );
|
2011-01-06 16:37:30 +01:00
|
|
|
TEST_ASSERT( NULL != cipher_info );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
/* Initialise enc and dec contexts */
|
2015-05-14 13:51:45 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
|
2013-09-05 10:30:32 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
|
2013-08-20 11:48:36 +02:00
|
|
|
if( -1 != pad_mode )
|
2013-07-26 13:20:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) );
|
2013-07-26 13:20:42 +02:00
|
|
|
}
|
2013-09-13 14:41:45 +02:00
|
|
|
#else
|
|
|
|
(void) pad_mode;
|
2015-04-08 12:49:31 +02:00
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
|
2013-07-26 13:20:42 +02:00
|
|
|
|
2013-09-05 10:30:32 +02:00
|
|
|
/*
|
|
|
|
* Do a few encode/decode cycles
|
|
|
|
*/
|
|
|
|
for( i = 0; i < 3; i++ )
|
|
|
|
{
|
|
|
|
memset( iv , 0x00 + i, sizeof( iv ) );
|
|
|
|
memset( ad, 0x10 + i, sizeof( ad ) );
|
|
|
|
memset( inbuf, 0x20 + i, sizeof( inbuf ) );
|
|
|
|
|
|
|
|
memset( encbuf, 0, sizeof( encbuf ) );
|
|
|
|
memset( decbuf, 0, sizeof( decbuf ) );
|
|
|
|
memset( tag, 0, sizeof( tag ) );
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) );
|
2013-09-03 13:04:44 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
|
2013-09-03 13:54:12 +02:00
|
|
|
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
|
2014-06-24 15:26:28 +02:00
|
|
|
#endif
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2015-06-24 01:08:09 +02:00
|
|
|
block_size = mbedtls_cipher_get_block_size( &ctx_enc );
|
|
|
|
TEST_ASSERT( block_size != 0 );
|
|
|
|
|
2011-01-06 16:37:30 +01:00
|
|
|
/* encode length number of bytes from inbuf */
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
|
2013-07-25 15:26:54 +02:00
|
|
|
total_len = outlen;
|
|
|
|
|
|
|
|
TEST_ASSERT( total_len == length ||
|
2015-06-24 01:08:09 +02:00
|
|
|
( total_len % block_size == 0 &&
|
2013-07-25 15:26:54 +02:00
|
|
|
total_len < length &&
|
2015-06-24 01:08:09 +02:00
|
|
|
total_len + block_size > length ) );
|
2011-06-09 16:27:58 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
|
2013-07-25 15:26:54 +02:00
|
|
|
total_len += outlen;
|
2011-06-09 16:27:58 +02:00
|
|
|
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
|
2014-06-24 15:26:28 +02:00
|
|
|
#endif
|
2013-09-03 16:19:22 +02:00
|
|
|
|
2013-07-25 15:26:54 +02:00
|
|
|
TEST_ASSERT( total_len == length ||
|
2015-06-24 01:08:09 +02:00
|
|
|
( total_len % block_size == 0 &&
|
2013-07-25 15:26:54 +02:00
|
|
|
total_len > length &&
|
2015-06-24 01:08:09 +02:00
|
|
|
total_len <= length + block_size ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
/* decode the previously encoded string */
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) );
|
2013-07-25 15:26:54 +02:00
|
|
|
total_len = outlen;
|
|
|
|
|
|
|
|
TEST_ASSERT( total_len == length ||
|
2015-06-24 01:08:09 +02:00
|
|
|
( total_len % block_size == 0 &&
|
2013-07-25 15:26:54 +02:00
|
|
|
total_len < length &&
|
2015-06-24 01:08:09 +02:00
|
|
|
total_len + block_size >= length ) );
|
2011-06-09 16:27:58 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
|
2013-07-25 15:26:54 +02:00
|
|
|
total_len += outlen;
|
2011-06-09 16:27:58 +02:00
|
|
|
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
|
2014-06-24 15:26:28 +02:00
|
|
|
#endif
|
2013-09-03 16:19:22 +02:00
|
|
|
|
2013-09-05 10:30:32 +02:00
|
|
|
/* check result */
|
2013-07-25 15:26:54 +02:00
|
|
|
TEST_ASSERT( total_len == length );
|
2011-01-06 16:37:30 +01:00
|
|
|
TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
|
2013-09-05 10:30:32 +02:00
|
|
|
}
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2013-09-05 10:30:32 +02:00
|
|
|
/*
|
|
|
|
* Done
|
|
|
|
*/
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_free( &ctx_dec );
|
|
|
|
mbedtls_cipher_free( &ctx_enc );
|
2013-08-16 13:38:47 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2017-05-30 15:23:15 +02:00
|
|
|
void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val,
|
|
|
|
int ret )
|
2013-08-16 13:38:47 +02:00
|
|
|
{
|
2013-08-20 11:48:36 +02:00
|
|
|
size_t length = length_val;
|
2013-07-26 16:50:44 +02:00
|
|
|
unsigned char key[32];
|
|
|
|
unsigned char iv[16];
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
const mbedtls_cipher_info_t *cipher_info;
|
|
|
|
mbedtls_cipher_context_t ctx;
|
2013-07-26 16:50:44 +02:00
|
|
|
|
|
|
|
unsigned char inbuf[64];
|
|
|
|
unsigned char encbuf[64];
|
|
|
|
|
|
|
|
size_t outlen = 0;
|
|
|
|
|
|
|
|
memset( key, 0, 32 );
|
|
|
|
memset( iv , 0, 16 );
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_init( &ctx );
|
2013-07-26 16:50:44 +02:00
|
|
|
|
|
|
|
memset( inbuf, 5, 64 );
|
|
|
|
memset( encbuf, 0, 64 );
|
|
|
|
|
|
|
|
/* Check and get info structures */
|
2015-04-08 12:49:31 +02:00
|
|
|
cipher_info = mbedtls_cipher_info_from_type( cipher_id );
|
2013-07-26 16:50:44 +02:00
|
|
|
TEST_ASSERT( NULL != cipher_info );
|
|
|
|
|
|
|
|
/* Initialise context */
|
2015-05-14 13:51:45 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, key_len, MBEDTLS_ENCRYPT ) );
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
|
2013-09-13 14:41:45 +02:00
|
|
|
#else
|
|
|
|
(void) pad_mode;
|
2015-04-08 12:49:31 +02:00
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) );
|
2014-06-24 15:26:28 +02:00
|
|
|
#endif
|
2013-07-26 16:50:44 +02:00
|
|
|
|
|
|
|
/* encode length number of bytes from inbuf */
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
|
|
|
|
TEST_ASSERT( ret == mbedtls_cipher_finish( &ctx, encbuf + outlen, &outlen ) );
|
2013-07-26 16:50:44 +02:00
|
|
|
|
|
|
|
/* done */
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_free( &ctx );
|
2013-08-16 13:38:47 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2013-07-26 16:50:44 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2019-07-29 17:46:29 +02:00
|
|
|
void dec_empty_buf( int cipher,
|
|
|
|
int expected_update_ret,
|
|
|
|
int expected_finish_ret )
|
2013-08-16 13:38:47 +02:00
|
|
|
{
|
2011-01-06 16:37:30 +01:00
|
|
|
unsigned char key[32];
|
|
|
|
unsigned char iv[16];
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_context_t ctx_dec;
|
|
|
|
const mbedtls_cipher_info_t *cipher_info;
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
unsigned char encbuf[64];
|
|
|
|
unsigned char decbuf[64];
|
|
|
|
|
2011-04-24 17:53:29 +02:00
|
|
|
size_t outlen = 0;
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
memset( key, 0, 32 );
|
|
|
|
memset( iv , 0, 16 );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_init( &ctx_dec );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2011-01-06 16:37:30 +01:00
|
|
|
memset( encbuf, 0, 64 );
|
|
|
|
memset( decbuf, 0, 64 );
|
|
|
|
|
2013-09-03 13:04:44 +02:00
|
|
|
/* Initialise context */
|
2019-06-05 16:35:08 +02:00
|
|
|
cipher_info = mbedtls_cipher_info_from_type( cipher );
|
2011-01-06 16:37:30 +01:00
|
|
|
TEST_ASSERT( NULL != cipher_info);
|
2019-06-05 16:35:08 +02:00
|
|
|
TEST_ASSERT( sizeof(key) * 8 >= cipher_info->key_bitlen );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2015-05-14 13:51:45 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2019-06-05 16:35:08 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec,
|
|
|
|
key, cipher_info->key_bitlen,
|
|
|
|
MBEDTLS_DECRYPT ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) );
|
2013-09-03 13:04:44 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
|
2013-09-03 13:54:12 +02:00
|
|
|
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
|
2014-06-24 15:26:28 +02:00
|
|
|
#endif
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
/* decode 0-byte string */
|
2019-07-29 17:46:29 +02:00
|
|
|
TEST_ASSERT( expected_update_ret ==
|
|
|
|
mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
TEST_ASSERT( 0 == outlen );
|
2019-06-05 16:35:08 +02:00
|
|
|
|
2019-07-29 17:46:29 +02:00
|
|
|
if ( expected_finish_ret == 0 &&
|
|
|
|
( cipher_info->mode == MBEDTLS_MODE_CBC ||
|
|
|
|
cipher_info->mode == MBEDTLS_MODE_ECB ) )
|
2019-06-05 16:35:08 +02:00
|
|
|
{
|
|
|
|
/* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and
|
|
|
|
* return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when
|
2019-07-29 17:46:29 +02:00
|
|
|
* decrypting an empty buffer.
|
|
|
|
* On the other hand, CBC and ECB ciphers need a full block of input.
|
|
|
|
*/
|
|
|
|
expected_finish_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
|
2019-06-05 16:35:08 +02:00
|
|
|
}
|
|
|
|
|
2019-07-29 17:46:29 +02:00
|
|
|
TEST_ASSERT( expected_finish_ret == mbedtls_cipher_finish(
|
|
|
|
&ctx_dec, decbuf + outlen, &outlen ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
TEST_ASSERT( 0 == outlen );
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_free( &ctx_dec );
|
2013-08-16 13:38:47 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
|
|
|
void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
|
2018-03-28 04:16:17 +02:00
|
|
|
int second_length_val, int pad_mode,
|
|
|
|
int first_encrypt_output_len, int second_encrypt_output_len,
|
|
|
|
int first_decrypt_output_len, int second_decrypt_output_len )
|
2013-08-16 13:38:47 +02:00
|
|
|
{
|
2013-08-20 11:48:36 +02:00
|
|
|
size_t first_length = first_length_val;
|
|
|
|
size_t second_length = second_length_val;
|
2011-04-24 10:57:21 +02:00
|
|
|
size_t length = first_length + second_length;
|
2015-06-24 01:08:09 +02:00
|
|
|
size_t block_size;
|
2011-01-06 16:37:30 +01:00
|
|
|
unsigned char key[32];
|
|
|
|
unsigned char iv[16];
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_context_t ctx_dec;
|
|
|
|
mbedtls_cipher_context_t ctx_enc;
|
|
|
|
const mbedtls_cipher_info_t *cipher_info;
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
unsigned char inbuf[64];
|
|
|
|
unsigned char encbuf[64];
|
|
|
|
unsigned char decbuf[64];
|
|
|
|
|
2011-04-24 10:57:21 +02:00
|
|
|
size_t outlen = 0;
|
|
|
|
size_t totaloutlen = 0;
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
memset( key, 0, 32 );
|
|
|
|
memset( iv , 0, 16 );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_init( &ctx_dec );
|
|
|
|
mbedtls_cipher_init( &ctx_enc );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2011-01-06 16:37:30 +01:00
|
|
|
memset( inbuf, 5, 64 );
|
|
|
|
memset( encbuf, 0, 64 );
|
|
|
|
memset( decbuf, 0, 64 );
|
|
|
|
|
|
|
|
/* Initialise enc and dec contexts */
|
2015-04-08 12:49:31 +02:00
|
|
|
cipher_info = mbedtls_cipher_info_from_type( cipher_id );
|
2011-01-06 16:37:30 +01:00
|
|
|
TEST_ASSERT( NULL != cipher_info);
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2015-05-14 13:51:45 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2018-03-28 04:16:17 +02:00
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
|
|
|
|
if( -1 != pad_mode )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) );
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
(void) pad_mode;
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, 16 ) );
|
2013-09-03 13:04:44 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
|
2013-09-03 13:54:12 +02:00
|
|
|
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) );
|
2014-06-24 15:26:28 +02:00
|
|
|
#endif
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2015-06-24 01:08:09 +02:00
|
|
|
block_size = mbedtls_cipher_get_block_size( &ctx_enc );
|
|
|
|
TEST_ASSERT( block_size != 0 );
|
|
|
|
|
2011-01-06 16:37:30 +01:00
|
|
|
/* encode length number of bytes from inbuf */
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
|
2018-03-28 04:16:17 +02:00
|
|
|
TEST_ASSERT( (size_t)first_encrypt_output_len == outlen );
|
2011-01-06 16:37:30 +01:00
|
|
|
totaloutlen = outlen;
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) );
|
2018-03-28 04:16:17 +02:00
|
|
|
TEST_ASSERT( (size_t)second_encrypt_output_len == outlen );
|
2011-01-06 16:37:30 +01:00
|
|
|
totaloutlen += outlen;
|
2013-07-25 15:26:54 +02:00
|
|
|
TEST_ASSERT( totaloutlen == length ||
|
2015-06-24 01:08:09 +02:00
|
|
|
( totaloutlen % block_size == 0 &&
|
2013-07-25 15:26:54 +02:00
|
|
|
totaloutlen < length &&
|
2015-06-24 01:08:09 +02:00
|
|
|
totaloutlen + block_size > length ) );
|
2013-07-25 15:26:54 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
totaloutlen += outlen;
|
2013-07-25 15:26:54 +02:00
|
|
|
TEST_ASSERT( totaloutlen == length ||
|
2015-06-24 01:08:09 +02:00
|
|
|
( totaloutlen % block_size == 0 &&
|
2013-07-25 15:26:54 +02:00
|
|
|
totaloutlen > length &&
|
2015-06-24 01:08:09 +02:00
|
|
|
totaloutlen <= length + block_size ) );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
/* decode the previously encoded string */
|
2018-03-28 04:16:17 +02:00
|
|
|
second_length = totaloutlen - first_length;
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, first_length, decbuf, &outlen ) );
|
|
|
|
TEST_ASSERT( (size_t)first_decrypt_output_len == outlen );
|
2013-07-25 15:26:54 +02:00
|
|
|
totaloutlen = outlen;
|
2018-03-28 04:16:17 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf + first_length, second_length, decbuf + totaloutlen, &outlen ) );
|
|
|
|
TEST_ASSERT( (size_t)second_decrypt_output_len == outlen );
|
|
|
|
totaloutlen += outlen;
|
2013-07-25 15:26:54 +02:00
|
|
|
|
|
|
|
TEST_ASSERT( totaloutlen == length ||
|
2015-06-24 01:08:09 +02:00
|
|
|
( totaloutlen % block_size == 0 &&
|
2013-07-25 15:26:54 +02:00
|
|
|
totaloutlen < length &&
|
2015-06-24 01:08:09 +02:00
|
|
|
totaloutlen + block_size >= length ) );
|
2013-07-25 15:26:54 +02:00
|
|
|
|
2018-03-28 04:16:17 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + totaloutlen, &outlen ) );
|
2013-07-25 15:26:54 +02:00
|
|
|
totaloutlen += outlen;
|
|
|
|
|
|
|
|
TEST_ASSERT( totaloutlen == length );
|
2011-01-06 16:37:30 +01:00
|
|
|
|
|
|
|
TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_free( &ctx_dec );
|
|
|
|
mbedtls_cipher_free( &ctx_enc );
|
2013-08-16 13:38:47 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2013-09-03 18:31:25 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key,
|
|
|
|
data_t * iv, data_t * cipher,
|
|
|
|
data_t * clear, data_t * ad, data_t * tag,
|
2017-06-09 05:32:58 +02:00
|
|
|
int finish_result, int tag_result )
|
2013-09-03 18:31:25 +02:00
|
|
|
{
|
2018-05-10 12:54:32 +02:00
|
|
|
unsigned char output[265];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_context_t ctx;
|
2013-09-03 18:31:25 +02:00
|
|
|
size_t outlen, total_len;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_init( &ctx );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2013-09-03 18:31:25 +02:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
|
|
|
|
2017-05-30 15:23:15 +02:00
|
|
|
#if !defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CHACHAPOLY_C)
|
2017-06-13 15:55:58 +02:00
|
|
|
((void) ad);
|
|
|
|
((void) tag);
|
2013-09-20 11:29:59 +02:00
|
|
|
#endif
|
2013-09-03 18:31:25 +02:00
|
|
|
|
|
|
|
/* Prepare context */
|
2015-05-14 13:51:45 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_info_from_type( cipher_id ) ) );
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
|
2013-09-03 18:31:25 +02:00
|
|
|
if( pad_mode != -1 )
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
|
2013-09-13 14:41:45 +02:00
|
|
|
#else
|
|
|
|
(void) pad_mode;
|
2015-04-08 12:49:31 +02:00
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv->x, iv->len ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad->x, ad->len ) );
|
2014-06-24 15:26:28 +02:00
|
|
|
#endif
|
2013-09-03 18:31:25 +02:00
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
/* decode buffer and check tag->x */
|
2013-09-03 18:31:25 +02:00
|
|
|
total_len = 0;
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher->x, cipher->len, output, &outlen ) );
|
2013-09-03 18:31:25 +02:00
|
|
|
total_len += outlen;
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
|
2013-09-03 18:31:25 +02:00
|
|
|
&outlen ) );
|
|
|
|
total_len += outlen;
|
2018-05-07 10:43:27 +02:00
|
|
|
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag->x, tag->len ) );
|
2014-06-24 15:26:28 +02:00
|
|
|
#endif
|
2013-09-03 18:31:25 +02:00
|
|
|
|
|
|
|
/* check plaintext only if everything went fine */
|
|
|
|
if( 0 == finish_result && 0 == tag_result )
|
|
|
|
{
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( total_len == clear->len );
|
|
|
|
TEST_ASSERT( 0 == memcmp( output, clear->x, clear->len ) );
|
2013-09-03 18:31:25 +02:00
|
|
|
}
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_free( &ctx );
|
2013-09-03 18:31:25 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2020-11-26 10:22:50 +01:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */
|
2018-06-29 12:05:32 +02:00
|
|
|
void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
|
|
|
|
data_t * ad, data_t * cipher, data_t * tag,
|
2018-11-12 17:27:30 +01:00
|
|
|
char * result, data_t * clear, int use_psa )
|
2014-05-15 16:03:07 +02:00
|
|
|
{
|
2020-11-26 10:22:50 +01:00
|
|
|
/*
|
|
|
|
* Take an AEAD ciphertext + tag and perform a pair
|
|
|
|
* of AEAD decryption and AEAD encryption. Check that
|
2018-11-12 17:27:30 +01:00
|
|
|
* this results in the expected plaintext, and that
|
2020-11-26 10:22:50 +01:00
|
|
|
* decryption and encryption are inverse to one another.
|
2020-11-30 10:17:01 +01:00
|
|
|
*
|
|
|
|
* Do that twice:
|
|
|
|
* - once with legacy functions auth_decrypt/auth_encrypt
|
|
|
|
* - once with new functions auth_decrypt_ext/auth_encrypt_ext
|
|
|
|
* This allows testing both without duplicating test cases.
|
2020-11-26 10:22:50 +01:00
|
|
|
*/
|
2018-11-12 17:27:30 +01:00
|
|
|
|
2014-05-15 16:03:07 +02:00
|
|
|
int ret;
|
2020-11-30 10:17:01 +01:00
|
|
|
int using_nist_kw, using_nist_kw_padding;
|
2018-11-12 17:27:30 +01:00
|
|
|
unsigned char output[300]; /* Temporary buffer for results of
|
|
|
|
* encryption and decryption. */
|
|
|
|
unsigned char *output_tag = NULL; /* Temporary buffer for tag in the
|
|
|
|
* encryption step. */
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_context_t ctx;
|
2014-05-15 16:03:07 +02:00
|
|
|
size_t outlen;
|
|
|
|
|
2018-11-12 17:27:30 +01:00
|
|
|
unsigned char *tmp_tag = NULL;
|
|
|
|
unsigned char *tmp_cipher = NULL;
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2020-11-30 10:17:01 +01:00
|
|
|
unsigned char *cipher_plus_tag = NULL;
|
|
|
|
size_t cipher_plus_tag_len;
|
|
|
|
unsigned char *decrypt_buf = NULL;
|
|
|
|
size_t decrypt_buf_len = 0;
|
|
|
|
unsigned char *encrypt_buf = NULL;
|
|
|
|
size_t encrypt_buf_len = 0;
|
|
|
|
|
2018-11-12 17:27:30 +01:00
|
|
|
mbedtls_cipher_init( &ctx );
|
2014-05-15 16:03:07 +02:00
|
|
|
memset( output, 0xFF, sizeof( output ) );
|
|
|
|
|
2020-11-26 10:22:50 +01:00
|
|
|
/* Initialize PSA Crypto */
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
|
|
if( use_psa == 1 )
|
|
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
2018-11-12 17:27:30 +01:00
|
|
|
#else
|
2020-11-26 10:22:50 +01:00
|
|
|
(void) use_psa;
|
|
|
|
#endif
|
|
|
|
|
2020-11-30 10:17:01 +01:00
|
|
|
/*
|
|
|
|
* Are we using NIST_KW? with padding?
|
|
|
|
*/
|
|
|
|
using_nist_kw_padding = cipher_id == MBEDTLS_CIPHER_AES_128_KWP ||
|
|
|
|
cipher_id == MBEDTLS_CIPHER_AES_192_KWP ||
|
|
|
|
cipher_id == MBEDTLS_CIPHER_AES_256_KWP;
|
|
|
|
using_nist_kw = cipher_id == MBEDTLS_CIPHER_AES_128_KW ||
|
|
|
|
cipher_id == MBEDTLS_CIPHER_AES_192_KW ||
|
|
|
|
cipher_id == MBEDTLS_CIPHER_AES_256_KW ||
|
|
|
|
using_nist_kw_padding;
|
|
|
|
|
2020-11-26 10:22:50 +01:00
|
|
|
/*
|
|
|
|
* Prepare context for decryption
|
|
|
|
*/
|
2020-11-27 09:32:55 +01:00
|
|
|
cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
|
|
|
|
MBEDTLS_DECRYPT );
|
2020-11-26 10:22:50 +01:00
|
|
|
|
|
|
|
/*
|
2020-11-30 10:17:01 +01:00
|
|
|
* prepare buffer for decryption
|
|
|
|
* (we need the tag appended to the ciphertext)
|
|
|
|
*/
|
|
|
|
cipher_plus_tag_len = cipher->len + tag->len;
|
|
|
|
ASSERT_ALLOC( cipher_plus_tag, cipher_plus_tag_len );
|
|
|
|
memcpy( cipher_plus_tag, cipher->x, cipher->len );
|
|
|
|
memcpy( cipher_plus_tag + cipher->len, tag->x, tag->len );
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Compute length of output buffer according to the documentation
|
|
|
|
*/
|
|
|
|
if( using_nist_kw )
|
|
|
|
decrypt_buf_len = cipher_plus_tag_len - 8;
|
|
|
|
else
|
|
|
|
decrypt_buf_len = cipher_plus_tag_len - tag->len;
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Try decrypting to a buffer that's 1B too small
|
|
|
|
*/
|
|
|
|
if( decrypt_buf_len != 0 )
|
|
|
|
{
|
|
|
|
ASSERT_ALLOC( decrypt_buf, decrypt_buf_len - 1 );
|
|
|
|
|
|
|
|
outlen = 0;
|
|
|
|
ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len,
|
|
|
|
ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
|
|
|
|
decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len );
|
|
|
|
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
|
|
|
|
|
|
|
mbedtls_free( decrypt_buf );
|
|
|
|
decrypt_buf = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Authenticate and decrypt, and check result
|
|
|
|
*/
|
|
|
|
ASSERT_ALLOC( decrypt_buf, decrypt_buf_len );
|
|
|
|
|
|
|
|
outlen = 0;
|
|
|
|
ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len,
|
|
|
|
ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
|
|
|
|
decrypt_buf, decrypt_buf_len, &outlen, tag->len );
|
|
|
|
|
|
|
|
if( strcmp( result, "FAIL" ) == 0 )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
TEST_ASSERT( ret == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( outlen == clear->len );
|
|
|
|
if( clear->len != 0 )
|
|
|
|
TEST_ASSERT( memcmp( decrypt_buf, clear->x, clear->len ) == 0 );
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Free this, but keep cipher_plus_tag for legacy function with PSA */
|
|
|
|
mbedtls_free( decrypt_buf );
|
|
|
|
decrypt_buf = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Encrypt back if test data was authentic
|
|
|
|
*/
|
|
|
|
if( strcmp( result, "FAIL" ) != 0 )
|
|
|
|
{
|
|
|
|
/* prepare context for encryption */
|
|
|
|
cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
|
|
|
|
MBEDTLS_ENCRYPT );
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Compute size of output buffer according to documentation
|
|
|
|
*/
|
|
|
|
if( using_nist_kw )
|
|
|
|
{
|
|
|
|
encrypt_buf_len = clear->len + 8;
|
|
|
|
if( using_nist_kw_padding && encrypt_buf_len % 8 != 0 )
|
|
|
|
encrypt_buf_len += 8 - encrypt_buf_len % 8;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
encrypt_buf_len = clear->len + tag->len;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Try encrypting with an output buffer that's 1B too small
|
|
|
|
*/
|
|
|
|
ASSERT_ALLOC( encrypt_buf, encrypt_buf_len - 1 );
|
|
|
|
|
|
|
|
outlen = 0;
|
|
|
|
ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len,
|
|
|
|
ad->x, ad->len, clear->x, clear->len,
|
|
|
|
encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len );
|
|
|
|
TEST_ASSERT( ret != 0 );
|
|
|
|
|
|
|
|
mbedtls_free( encrypt_buf );
|
|
|
|
encrypt_buf = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Encrypt and check the result
|
|
|
|
*/
|
|
|
|
ASSERT_ALLOC( encrypt_buf, encrypt_buf_len );
|
|
|
|
|
|
|
|
outlen = 0;
|
|
|
|
ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len,
|
|
|
|
ad->x, ad->len, clear->x, clear->len,
|
|
|
|
encrypt_buf, encrypt_buf_len, &outlen, tag->len );
|
|
|
|
TEST_ASSERT( ret == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( outlen == cipher->len + tag->len );
|
|
|
|
TEST_ASSERT( memcmp( encrypt_buf, cipher->x, cipher->len ) == 0 );
|
|
|
|
TEST_ASSERT( memcmp( encrypt_buf + cipher->len,
|
|
|
|
tag->x, tag->len ) == 0 );
|
|
|
|
|
|
|
|
mbedtls_free( encrypt_buf );
|
|
|
|
encrypt_buf = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Prepare context for decryption
|
|
|
|
*/
|
|
|
|
cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
|
|
|
|
MBEDTLS_DECRYPT );
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Prepare pointers for decryption
|
2020-11-26 10:22:50 +01:00
|
|
|
*/
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
|
|
if( use_psa == 1 )
|
|
|
|
{
|
2020-11-30 10:17:01 +01:00
|
|
|
/* PSA requires that the tag immediately follows the ciphertext.
|
|
|
|
* Fortunately, we already have that from testing the new API. */
|
|
|
|
tmp_cipher = cipher_plus_tag;
|
2018-11-12 17:27:30 +01:00
|
|
|
tmp_tag = tmp_cipher + cipher->len;
|
|
|
|
}
|
|
|
|
else
|
2020-11-26 10:22:50 +01:00
|
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
2018-11-12 17:27:30 +01:00
|
|
|
{
|
|
|
|
tmp_cipher = cipher->x;
|
2020-11-30 10:17:01 +01:00
|
|
|
tmp_tag = tag->x;
|
2018-11-12 17:27:30 +01:00
|
|
|
}
|
|
|
|
|
2020-11-26 10:22:50 +01:00
|
|
|
/*
|
|
|
|
* Authenticate and decrypt, and check result
|
|
|
|
*/
|
2014-05-15 16:03:07 +02:00
|
|
|
|
2018-11-12 17:27:30 +01:00
|
|
|
/* Sanity check that we don't use overly long inputs. */
|
|
|
|
TEST_ASSERT( sizeof( output ) >= cipher->len );
|
|
|
|
|
|
|
|
ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
|
|
|
|
tmp_cipher, cipher->len, output, &outlen,
|
|
|
|
tmp_tag, tag->len );
|
2014-05-15 16:03:07 +02:00
|
|
|
|
2020-12-01 09:57:55 +01:00
|
|
|
if( using_nist_kw )
|
|
|
|
{
|
|
|
|
/* NIST_KW with legacy API */
|
|
|
|
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
|
|
|
|
}
|
|
|
|
else if( strcmp( result, "FAIL" ) == 0 )
|
2014-05-15 16:03:07 +02:00
|
|
|
{
|
2020-12-01 09:57:55 +01:00
|
|
|
/* unauthentic message */
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
|
2014-05-15 16:03:07 +02:00
|
|
|
}
|
2020-11-26 10:22:50 +01:00
|
|
|
else
|
|
|
|
{
|
2020-12-01 09:57:55 +01:00
|
|
|
/* authentic message: is the plaintext correct? */
|
2020-11-26 10:22:50 +01:00
|
|
|
TEST_ASSERT( ret == 0 );
|
2014-05-15 16:03:07 +02:00
|
|
|
|
2020-11-26 10:22:50 +01:00
|
|
|
TEST_ASSERT( outlen == clear->len );
|
|
|
|
TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
|
2020-12-01 09:57:55 +01:00
|
|
|
}
|
2014-05-15 16:03:07 +02:00
|
|
|
|
2020-12-01 09:57:55 +01:00
|
|
|
/*
|
|
|
|
* Encrypt back if test data was authentic
|
|
|
|
*/
|
|
|
|
if( strcmp( result, "FAIL" ) != 0 )
|
|
|
|
{
|
|
|
|
/* prepare context for encryption */
|
2020-11-27 09:32:55 +01:00
|
|
|
cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
|
|
|
|
MBEDTLS_ENCRYPT );
|
2020-11-26 10:22:50 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Encrypt and check the result
|
|
|
|
*/
|
|
|
|
memset( output, 0xFF, sizeof( output ) );
|
|
|
|
outlen = 0;
|
2014-05-15 16:03:07 +02:00
|
|
|
|
2020-11-26 10:22:50 +01:00
|
|
|
/* Sanity check that we don't use overly long inputs. */
|
|
|
|
TEST_ASSERT( sizeof( output ) >= clear->len + tag->len );
|
2018-11-12 17:27:30 +01:00
|
|
|
|
2020-11-26 10:22:50 +01:00
|
|
|
output_tag = output + clear->len;
|
|
|
|
ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
|
|
|
|
clear->x, clear->len, output, &outlen,
|
|
|
|
output_tag, tag->len );
|
2014-05-15 16:03:07 +02:00
|
|
|
|
2020-12-01 09:57:55 +01:00
|
|
|
if( using_nist_kw )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
TEST_ASSERT( ret == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( outlen == cipher->len );
|
|
|
|
TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 );
|
|
|
|
TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 );
|
|
|
|
}
|
2020-11-26 10:22:50 +01:00
|
|
|
}
|
2014-05-15 16:03:07 +02:00
|
|
|
|
2018-11-12 17:27:30 +01:00
|
|
|
exit:
|
2014-05-15 16:03:07 +02:00
|
|
|
|
2019-08-01 12:47:40 +02:00
|
|
|
mbedtls_cipher_free( &ctx );
|
2020-11-30 10:17:01 +01:00
|
|
|
mbedtls_free( decrypt_buf );
|
|
|
|
mbedtls_free( encrypt_buf );
|
|
|
|
mbedtls_free( cipher_plus_tag );
|
2019-08-01 12:47:40 +02:00
|
|
|
|
2018-11-12 17:27:30 +01:00
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
|
|
if( use_psa == 1 )
|
2019-08-01 12:47:40 +02:00
|
|
|
PSA_DONE( );
|
2018-11-12 17:27:30 +01:00
|
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
2014-05-15 16:03:07 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2013-09-08 23:04:04 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void test_vec_ecb( int cipher_id, int operation, data_t * key,
|
|
|
|
data_t * input, data_t * result, int finish_result
|
2017-06-09 05:32:58 +02:00
|
|
|
)
|
2013-09-08 23:04:04 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_context_t ctx;
|
2013-09-08 23:04:04 +02:00
|
|
|
unsigned char output[32];
|
|
|
|
size_t outlen;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_init( &ctx );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2013-09-08 23:04:04 +02:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
|
|
|
|
|
|
|
/* Prepare context */
|
2015-05-14 13:51:45 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_info_from_type( cipher_id ) ) );
|
2013-09-08 23:04:04 +02:00
|
|
|
|
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
|
2013-09-08 23:04:04 +02:00
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input->x,
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_get_block_size( &ctx ),
|
2013-09-08 23:04:04 +02:00
|
|
|
output, &outlen ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) );
|
|
|
|
TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
|
2013-09-08 23:04:04 +02:00
|
|
|
&outlen ) );
|
|
|
|
TEST_ASSERT( 0 == outlen );
|
|
|
|
|
|
|
|
/* check plaintext only if everything went fine */
|
|
|
|
if( 0 == finish_result )
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( 0 == memcmp( output, result->x,
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_get_block_size( &ctx ) ) );
|
2013-09-08 23:04:04 +02:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_free( &ctx );
|
2013-09-08 23:04:04 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2017-09-25 16:03:12 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
|
2020-06-25 09:03:34 +02:00
|
|
|
void test_vec_crypt( int cipher_id, int operation, data_t *key,
|
|
|
|
data_t *iv, data_t *input, data_t *result,
|
2018-11-12 13:46:35 +01:00
|
|
|
int finish_result, int use_psa )
|
2017-09-25 16:03:12 +02:00
|
|
|
{
|
|
|
|
mbedtls_cipher_context_t ctx;
|
|
|
|
unsigned char output[32];
|
|
|
|
size_t outlen;
|
|
|
|
|
|
|
|
mbedtls_cipher_init( &ctx );
|
|
|
|
|
|
|
|
memset( output, 0x00, sizeof( output ) );
|
|
|
|
|
|
|
|
/* Prepare context */
|
2018-11-12 13:46:35 +01:00
|
|
|
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
|
|
(void) use_psa;
|
|
|
|
#else
|
|
|
|
if( use_psa == 1 )
|
|
|
|
{
|
2019-08-01 12:47:40 +02:00
|
|
|
PSA_ASSERT( psa_crypto_init( ) );
|
2018-11-12 13:46:35 +01:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
|
2018-11-12 17:27:30 +01:00
|
|
|
mbedtls_cipher_info_from_type( cipher_id ), 0 ) );
|
2018-11-12 13:46:35 +01:00
|
|
|
}
|
|
|
|
else
|
|
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
2017-09-25 16:03:12 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
|
2018-11-12 17:27:30 +01:00
|
|
|
mbedtls_cipher_info_from_type( cipher_id ) ) );
|
2017-09-25 16:03:12 +02:00
|
|
|
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
|
2017-09-25 16:03:12 +02:00
|
|
|
if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode )
|
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) );
|
|
|
|
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv->len ? iv->x : NULL,
|
|
|
|
iv->len, input->x, input->len,
|
2017-09-25 16:03:12 +02:00
|
|
|
output, &outlen ) );
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( result->len == outlen );
|
2017-09-25 16:03:12 +02:00
|
|
|
/* check plaintext only if everything went fine */
|
|
|
|
if( 0 == finish_result )
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( 0 == memcmp( output, result->x, outlen ) );
|
2017-09-25 16:03:12 +02:00
|
|
|
|
|
|
|
exit:
|
|
|
|
mbedtls_cipher_free( &ctx );
|
2019-08-01 12:47:40 +02:00
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
|
|
PSA_DONE( );
|
|
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
2017-09-25 16:03:12 +02:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
|
2013-08-20 11:48:36 +02:00
|
|
|
void set_padding( int cipher_id, int pad_mode, int ret )
|
2013-08-16 13:38:47 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
const mbedtls_cipher_info_t *cipher_info;
|
|
|
|
mbedtls_cipher_context_t ctx;
|
2013-07-24 18:05:00 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_init( &ctx );
|
2014-07-01 15:45:49 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
cipher_info = mbedtls_cipher_info_from_type( cipher_id );
|
2013-07-24 18:05:00 +02:00
|
|
|
TEST_ASSERT( NULL != cipher_info );
|
2015-05-14 13:51:45 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
|
2013-07-24 18:05:00 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( ret == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
|
2013-07-24 18:05:00 +02:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_free( &ctx );
|
2013-08-16 13:38:47 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2011-01-06 16:37:30 +01:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
|
2018-06-29 12:05:32 +02:00
|
|
|
void check_padding( int pad_mode, data_t * input, int ret, int dlen_check
|
2017-06-09 05:32:58 +02:00
|
|
|
)
|
2013-08-16 13:38:47 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_info_t cipher_info;
|
|
|
|
mbedtls_cipher_context_t ctx;
|
2017-05-30 15:23:15 +02:00
|
|
|
size_t dlen;
|
2013-07-26 10:55:02 +02:00
|
|
|
|
|
|
|
/* build a fake context just for getting access to get_padding */
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_cipher_init( &ctx );
|
|
|
|
cipher_info.mode = MBEDTLS_MODE_CBC;
|
2013-07-26 10:55:02 +02:00
|
|
|
ctx.cipher_info = &cipher_info;
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
|
2013-07-26 10:55:02 +02:00
|
|
|
|
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( ret == ctx.get_padding( input->x, input->len, &dlen ) );
|
2013-08-20 11:48:36 +02:00
|
|
|
if( 0 == ret )
|
|
|
|
TEST_ASSERT( dlen == (size_t) dlen_check );
|
2013-08-16 13:38:47 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|