yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

CCM operations allow input == output

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-05-07 14:43:46 +02:00
parent aed6065793
commit 0f6b66dba1
3 changed files with 14 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
include/polarssl/ccm.h
View file

@ -67,8 +67,6 @@ void ccm_free( ccm_context *ctx );
/** /**
* \brief CCM buffer encryption * \brief CCM buffer encryption
* *
* \todo Document if input/output buffers can be the same
*
* \param ctx CCM context * \param ctx CCM context
* \param length length of the input data in bytes * \param length length of the input data in bytes
* \param iv nonce (initialization vector) * \param iv nonce (initialization vector)
@ -100,8 +98,6 @@ int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
/** /**
* \brief CCM buffer authenticated decryption * \brief CCM buffer authenticated decryption
* *
* \todo Document if input/output buffers can be the same
*
* \param ctx CCM context * \param ctx CCM context
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector * \param iv initialization vector

2
library/ccm.c
View file

@ -103,7 +103,7 @@ void ccm_free( ccm_context *ctx )
/* /*
* Encrypt or decrypt a partial block with CTR * Encrypt or decrypt a partial block with CTR
* Warning: using b for temporary storage! src and dst must not be b! * Warning: using b for temporary storage! src and dst must not be b!
* (This avoids allocating one more 16 bytes buffer.) * This avoids allocating one more 16 bytes buffer while allowing src == dst.
*/ */
#define CTR_CRYPT( dst, src, len ) \ #define CTR_CRYPT( dst, src, len ) \
if( ( ret = cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \ if( ( ret = cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \

25
tests/suites/test_suite_ccm.function
View file

@ -78,7 +78,6 @@ void ccm_encrypt_and_tag( int cipher_id,
unsigned char msg[50]; unsigned char msg[50];
unsigned char iv[13]; unsigned char iv[13];
unsigned char add[32]; unsigned char add[32];
unsigned char output[50];
unsigned char result[50]; unsigned char result[50];
ccm_context ctx; ccm_context ctx;
size_t key_len, msg_len, iv_len, add_len, tag_len, result_len; size_t key_len, msg_len, iv_len, add_len, tag_len, result_len;
@ -87,7 +86,6 @@ void ccm_encrypt_and_tag( int cipher_id,
memset( msg, 0x00, sizeof( msg ) ); memset( msg, 0x00, sizeof( msg ) );
memset( iv, 0x00, sizeof( iv ) ); memset( iv, 0x00, sizeof( iv ) );
memset( add, 0x00, sizeof( add ) ); memset( add, 0x00, sizeof( add ) );
memset( output, 0x00, sizeof( output ) );
memset( result, 0x00, sizeof( result ) ); memset( result, 0x00, sizeof( result ) );
key_len = unhexify( key, key_hex ); key_len = unhexify( key, key_hex );
@ -99,13 +97,14 @@ void ccm_encrypt_and_tag( int cipher_id,
TEST_ASSERT( ccm_init( &ctx, cipher_id, key, key_len * 8 ) == 0 ); TEST_ASSERT( ccm_init( &ctx, cipher_id, key, key_len * 8 ) == 0 );
/* Test with input == output */
TEST_ASSERT( ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len, TEST_ASSERT( ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
msg, output, output + msg_len, tag_len ) == 0 ); msg, msg, msg + msg_len, tag_len ) == 0 );
TEST_ASSERT( memcmp( output, result, result_len ) == 0 ); TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
/* Check we didn't write past the end */ /* Check we didn't write past the end */
TEST_ASSERT( output[result_len] == 0 && output[result_len + 1] == 0 ); TEST_ASSERT( msg[result_len] == 0 && msg[result_len + 1] == 0 );
ccm_free( &ctx ); ccm_free( &ctx );
} }
@ -121,7 +120,7 @@ void ccm_auth_decrypt( int cipher_id,
unsigned char msg[50]; unsigned char msg[50];
unsigned char iv[13]; unsigned char iv[13];
unsigned char add[32]; unsigned char add[32];
unsigned char output[50]; unsigned char tag[16];
unsigned char result[50]; unsigned char result[50];
ccm_context ctx; ccm_context ctx;
size_t key_len, msg_len, iv_len, add_len, result_len; size_t key_len, msg_len, iv_len, add_len, result_len;
@ -131,7 +130,7 @@ void ccm_auth_decrypt( int cipher_id,
memset( msg, 0x00, sizeof( msg ) ); memset( msg, 0x00, sizeof( msg ) );
memset( iv, 0x00, sizeof( iv ) ); memset( iv, 0x00, sizeof( iv ) );
memset( add, 0x00, sizeof( add ) ); memset( add, 0x00, sizeof( add ) );
memset( output, 0xFF, sizeof( output ) ); memset( tag, 0x00, sizeof( tag ) );
memset( result, 0x00, sizeof( result ) ); memset( result, 0x00, sizeof( result ) );
key_len = unhexify( key, key_hex ); key_len = unhexify( key, key_hex );
@ -139,6 +138,7 @@ void ccm_auth_decrypt( int cipher_id,
iv_len = unhexify( iv, iv_hex ); iv_len = unhexify( iv, iv_hex );
add_len = unhexify( add, add_hex ); add_len = unhexify( add, add_hex );
msg_len -= tag_len; msg_len -= tag_len;
memcpy( tag, msg + msg_len, tag_len );
if( strcmp( "FAIL", result_hex ) == 0 ) if( strcmp( "FAIL", result_hex ) == 0 )
{ {
@ -152,23 +152,24 @@ void ccm_auth_decrypt( int cipher_id,
TEST_ASSERT( ccm_init( &ctx, cipher_id, key, key_len * 8 ) == 0 ); TEST_ASSERT( ccm_init( &ctx, cipher_id, key, key_len * 8 ) == 0 );
/* Test with input == output */
TEST_ASSERT( ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len, TEST_ASSERT( ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
msg, output, msg + msg_len, tag_len ) == ret ); msg, msg, msg + msg_len, tag_len ) == ret );
if( ret == 0 ) if( ret == 0 )
{ {
TEST_ASSERT( memcmp( output, result, result_len ) == 0 ); TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
} }
else else
{ {
size_t i; size_t i;
for( i = 0; i < msg_len; i++ ) for( i = 0; i < msg_len; i++ )
TEST_ASSERT( output[i] == 0 ); TEST_ASSERT( msg[i] == 0 );
} }
/* Check we didn't write past the end */ /* Check we didn't write past the end (where the original tag is) */
TEST_ASSERT( output[msg_len] == 0xFF && output[msg_len + 1] == 0xFF ); TEST_ASSERT( memcmp( msg + msg_len, tag, tag_len ) == 0 );
ccm_free( &ctx ); ccm_free( &ctx );
} }