From 469c9f35f6934e5e0727a5d47c5dd598a9ab4afd Mon Sep 17 00:00:00 2001
From: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Date: Fri, 18 Jun 2021 00:06:52 +0200
Subject: [PATCH] Add GCM tests for empty ciphertext/plaintext and empty AD.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
---
 tests/suites/test_suite_gcm.aes128_de.data |  4 ++
 tests/suites/test_suite_gcm.aes128_en.data |  4 ++
 tests/suites/test_suite_gcm.function       | 53 ++++++++++++++++++++++
 3 files changed, 61 insertions(+)

diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data
index 7b823dd78..3df31e56b 100644
--- a/tests/suites/test_suite_gcm.aes128_de.data
+++ b/tests/suites/test_suite_gcm.aes128_de.data
@@ -718,6 +718,10 @@ AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 2
 depends_on:MBEDTLS_AES_C
 gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":2
 
+AES-GCM NIST - empty AD, empty ciphertext
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"cf063a34d4a9a76c2c86787d3f96db71":"113b9785971864c83b01c787":"72ac8493e3a5228b5d130a69d2510e42"
+
 AES-GCM Bad IV (AES-128,128,0,0,32) #0
 depends_on:MBEDTLS_AES_C
 gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data
index f4856bff2..d60c458bc 100644
--- a/tests/suites/test_suite_gcm.aes128_en.data
+++ b/tests/suites/test_suite_gcm.aes128_en.data
@@ -718,6 +718,10 @@ AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 2
 depends_on:MBEDTLS_AES_C
 gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":2
 
+AES-GCM NIST - empty AD, empty plaintext
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"11754cd72aec309bf52f7687212e8957":"3c819d9a9bed087615030b65":"250327c674aaf477aef2675748cf6971"
+
 AES-GCM Bad IV (AES-128,128,0,0,32) #0
 depends_on:MBEDTLS_AES_C
 gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function
index af5cacd98..005c49884 100644
--- a/tests/suites/test_suite_gcm.function
+++ b/tests/suites/test_suite_gcm.function
@@ -132,6 +132,23 @@ exit:
     mbedtls_free( output_tag );
 }
 
+static void check_no_cipher_no_ad( mbedtls_gcm_context *ctx,
+                                   int mode,
+                                   const data_t *iv,
+                                   const data_t *tag )
+{
+    uint8_t *output = NULL;
+
+    TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode,
+                                       iv->x, iv->len ) );
+    ASSERT_ALLOC( output, tag->len );
+    TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) );
+    ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
+
+exit:
+    mbedtls_free( output );
+}
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -307,6 +324,24 @@ void gcm_decrypt_and_verify_empty_ad( int cipher_id,
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void gcm_decrypt_and_verify_no_ad_no_cipher( int cipher_id,
+                                             data_t * key_str,
+                                             data_t * iv_str,
+                                             data_t * tag_str )
+{
+    mbedtls_gcm_context ctx;
+
+    mbedtls_gcm_init( &ctx );
+
+    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+    check_no_cipher_no_ad( &ctx, MBEDTLS_GCM_DECRYPT,
+                           iv_str, tag_str );
+
+    mbedtls_gcm_free( &ctx );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void gcm_encrypt_and_tag_empty_cipher( int cipher_id,
                                        data_t * key_str,
@@ -352,6 +387,24 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void gcm_encrypt_and_verify_no_ad_no_cipher( int cipher_id,
+                                             data_t * key_str,
+                                             data_t * iv_str,
+                                             data_t * tag_str )
+{
+    mbedtls_gcm_context ctx;
+
+    mbedtls_gcm_init( &ctx );
+
+    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+    check_no_cipher_no_ad( &ctx, MBEDTLS_GCM_ENCRYPT,
+                           iv_str, tag_str );
+
+    mbedtls_gcm_free( &ctx );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:NOT_DEFINED */
 void gcm_invalid_param( )
 {