diff --git a/ChangeLog.d/one-shot_cipher_functions.txt b/ChangeLog.d/one-shot_cipher_functions.txt new file mode 100644 index 000000000..3bb85e10d --- /dev/null +++ b/ChangeLog.d/one-shot_cipher_functions.txt @@ -0,0 +1,4 @@ +API changes + * Implement one-shot cipher functions, psa_cipher_encrypt and + psa_cipher_decrypt, according to the PSA Crypto API 1.0.0 + specification. diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 20451c95e..31f4aa6d5 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -104,7 +104,10 @@ typedef struct { psa_algorithm_t MBEDTLS_PRIVATE(alg); uint8_t MBEDTLS_PRIVATE(iv_length); uint8_t MBEDTLS_PRIVATE(block_length); - mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher); + union { + unsigned int MBEDTLS_PRIVATE(dummy); + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher); + } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_cipher_operation_t; #define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d089fe0ac..6e73d12c6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3246,14 +3246,12 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, goto exit; } - /* The requested algorithm must be one that can be processed by cipher. */ if( ! PSA_ALG_IS_CIPHER( alg ) ) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - /* Fetch key material from key storage. */ status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; @@ -3483,6 +3481,107 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) return( PSA_SUCCESS ); } +psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + psa_key_type_t key_type; + size_t iv_length; + + *output_length = 0; + + if( ! PSA_ALG_IS_CIPHER( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_ENCRYPT, + alg ); + if( status != PSA_SUCCESS ) + return( status ); + + psa_key_attributes_t attributes = { + .core = slot->attr + }; + + key_type = slot->attr.type; + iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg ); + + if( iv_length > 0 ) + { + if( output_size < iv_length ) + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + + status = psa_generate_random( output, iv_length ); + if( status != PSA_SUCCESS ) + goto exit; + } + + status = psa_driver_wrapper_cipher_encrypt( + &attributes, slot->key.data, slot->key.bytes, + alg, input, input_length, + output, output_size, output_length ); + +exit: + unlock_status = psa_unlock_key_slot( slot ); + + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); +} + +psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + + *output_length = 0; + + if( ! PSA_ALG_IS_CIPHER( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_DECRYPT, + alg ); + if( status != PSA_SUCCESS ) + return( status ); + + psa_key_attributes_t attributes = { + .core = slot->attr + }; + + if( input_length < PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ) ) + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + status = psa_driver_wrapper_cipher_decrypt( + &attributes, slot->key.data, slot->key.bytes, + alg, input, input_length, + output, output_size, output_length ); + +exit: + unlock_status = psa_unlock_key_slot( slot ); + + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); +} + + /****************************************************************/ /* AEAD */ /****************************************************************/ diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index a65e88492..d8c722bb1 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -160,9 +160,7 @@ static psa_status_t cipher_setup( (void)key_buffer_size; - /* Proceed with initializing an mbed TLS cipher context if no driver is - * available for the given algorithm & key. */ - mbedtls_cipher_init( &operation->cipher ); + mbedtls_cipher_init( &operation->ctx.cipher ); operation->alg = alg; key_bits = attributes->core.bits; @@ -171,7 +169,7 @@ static psa_status_t cipher_setup( if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - ret = mbedtls_cipher_setup( &operation->cipher, cipher_info ); + ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); if( ret != 0 ) goto exit; @@ -182,14 +180,14 @@ static psa_status_t cipher_setup( uint8_t keys[24]; memcpy( keys, key_buffer, 16 ); memcpy( keys + 16, key_buffer, 8 ); - ret = mbedtls_cipher_setkey( &operation->cipher, + ret = mbedtls_cipher_setkey( &operation->ctx.cipher, keys, 192, cipher_operation ); } else #endif { - ret = mbedtls_cipher_setkey( &operation->cipher, key_buffer, + ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer, (int) key_bits, cipher_operation ); } if( ret != 0 ) @@ -200,11 +198,11 @@ static psa_status_t cipher_setup( switch( alg ) { case PSA_ALG_CBC_NO_PADDING: - ret = mbedtls_cipher_set_padding_mode( &operation->cipher, + ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, MBEDTLS_PADDING_NONE ); break; case PSA_ALG_CBC_PKCS7: - ret = mbedtls_cipher_set_padding_mode( &operation->cipher, + ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, MBEDTLS_PADDING_PKCS7 ); break; default: @@ -253,7 +251,7 @@ static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, return( PSA_ERROR_INVALID_ARGUMENT ); return( mbedtls_to_psa_error( - mbedtls_cipher_set_iv( &operation->cipher, + mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ) ) ); } @@ -362,7 +360,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, * the last partial block, if any. You get the data that will be * output in this call. */ expected_output_size = - ( operation->cipher.unprocessed_len + input_length ) + ( operation->ctx.cipher.unprocessed_len + input_length ) / operation->block_length * operation->block_length; } else @@ -378,7 +376,7 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, /* mbedtls_cipher_update has an API inconsistency: it will only * process a single block at a time in ECB mode. Abstract away that * inconsistency here to match the PSA API behaviour. */ - status = psa_cipher_update_ecb( &operation->cipher, + status = psa_cipher_update_ecb( &operation->ctx.cipher, input, input_length, output, @@ -388,8 +386,11 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, else { status = mbedtls_to_psa_error( - mbedtls_cipher_update( &operation->cipher, input, + mbedtls_cipher_update( &operation->ctx.cipher, input, input_length, output, output_length ) ); + + if( *output_length > output_size ) + return( PSA_ERROR_CORRUPTION_DETECTED ); } return( status ); @@ -403,7 +404,7 @@ static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation, psa_status_t status = PSA_ERROR_GENERIC_ERROR; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; - if( operation->cipher.unprocessed_len != 0 ) + if( operation->ctx.cipher.unprocessed_len != 0 ) { if( operation->alg == PSA_ALG_ECB_NO_PADDING || operation->alg == PSA_ALG_CBC_NO_PADDING ) @@ -414,7 +415,7 @@ static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation, } status = mbedtls_to_psa_error( - mbedtls_cipher_finish( &operation->cipher, + mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer, output_length ) ); if( status != PSA_SUCCESS ) @@ -441,10 +442,112 @@ static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation ) if( ! PSA_ALG_IS_CIPHER( operation->alg ) ) return( PSA_ERROR_BAD_STATE ); - mbedtls_cipher_free( &operation->cipher ); + mbedtls_cipher_free( &operation->ctx.cipher ); return( PSA_SUCCESS ); } + +static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; + size_t olength, accumulated_length; + + status = cipher_encrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + accumulated_length = 0; + if( operation.iv_length > 0 ) + { + status = cipher_set_iv( &operation, output, operation.iv_length ); + if( status != PSA_SUCCESS ) + goto exit; + + accumulated_length = operation.iv_length; + } + + status = cipher_update( &operation, input, input_length, + output + operation.iv_length, + output_size - operation.iv_length, + &olength ); + if( status != PSA_SUCCESS ) + goto exit; + + accumulated_length += olength; + + status = cipher_finish( &operation, output + accumulated_length, + output_size - accumulated_length, &olength ); + if( status != PSA_SUCCESS ) + goto exit; + + *output_length = accumulated_length + olength; + +exit: + if( status == PSA_SUCCESS ) + status = cipher_abort( &operation ); + else + cipher_abort( &operation ); + return( status ); +} + +static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; + size_t olength, accumulated_length; + + status = cipher_decrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + if( operation.iv_length > 0 ) + { + status = cipher_set_iv( &operation, input, operation.iv_length ); + if( status != PSA_SUCCESS ) + goto exit; + } + + status = cipher_update( &operation, input + operation.iv_length, + input_length - operation.iv_length, + output, output_size, &olength ); + if( status != PSA_SUCCESS ) + goto exit; + + accumulated_length = olength; + + status = cipher_finish( &operation, output + accumulated_length, + output_size - accumulated_length, &olength ); + if( status != PSA_SUCCESS ) + goto exit; + + *output_length = accumulated_length + olength; + +exit: + if ( status == PSA_SUCCESS ) + status = cipher_abort( &operation ); + else + cipher_abort( &operation ); + return( status ); +} #endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -498,6 +601,36 @@ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation { return( cipher_abort( operation ) ); } + +psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + return( cipher_encrypt( attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +} + +psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + return( cipher_decrypt( attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +} #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ /* @@ -553,6 +686,38 @@ psa_status_t mbedtls_transparent_test_driver_cipher_abort( { return( cipher_abort( operation ) ); } + +psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + return( cipher_encrypt( attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +} + +psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + return( cipher_decrypt( attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +} #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 3e1a7a0de..5971e8d3f 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -199,6 +199,111 @@ psa_status_t mbedtls_psa_cipher_finish( */ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ); +/** Encrypt a message using a symmetric cipher. + * + * \note The signature of this function is that of a PSA driver + * cipher_encrypt entry point. This function behaves as a + * cipher_encrypt entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the key context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the message to encrypt. + * \param[in] input_length Size of the \p input buffer in bytes. + * \param[in,out] output Buffer where the output is to be written. + * The core has generated and written the IV + * at the beginning of this buffer before + * this function is called. The size of the IV + * is PSA_CIPHER_IV_LENGTH( key_type, alg ) where + * \c key_type is the type of the key identified + * by \p key and \p alg is the cipher algorithm + * to compute. + * \param[in] output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes that make up + * the returned output. Initialized to zero + * by the core. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p iv is not acceptable for the chosen algorithm, + * or the chosen algorithm does not use an IV. + * The total input size passed to this operation is not valid for + * this particular algorithm. For example, the algorithm is a based + * on block cipher and requires a whole number of blocks, but the + * total input size is not a multiple of the block size. + * \retval #PSA_ERROR_INVALID_PADDING + * This is a decryption operation for an algorithm that includes + * padding, and the ciphertext does not contain valid padding. + */ +psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + +/** Decrypt a message using a symmetric cipher. + * + * \note The signature of this function is that of a PSA driver + * cipher_decrypt entry point. This function behaves as a + * cipher_decrypt entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the key context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the iv and the ciphertext. + * \param[in] input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * \param[in] output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes that make up + * the returned output. Initialized to zero + * by the core. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p iv is not acceptable for the chosen algorithm, + * or the chosen algorithm does not use an IV. + * The total input size passed to this operation is not valid for + * this particular algorithm. For example, the algorithm is a based + * on block cipher and requires a whole number of blocks, but the + * total input size is not a multiple of the block size. + * \retval #PSA_ERROR_INVALID_PADDING + * This is a decryption operation for an algorithm that includes + * padding, and the ciphertext does not contain valid padding. + */ +psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ @@ -231,6 +336,28 @@ psa_status_t mbedtls_transparent_test_driver_cipher_finish( psa_status_t mbedtls_transparent_test_driver_cipher_abort( mbedtls_psa_cipher_operation_t *operation ); + +psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_CIPHER_H */ diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 19260c45e..38d0e300e 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -737,7 +737,9 @@ psa_status_t psa_driver_wrapper_get_builtin_key( * Cipher functions */ psa_status_t psa_driver_wrapper_cipher_encrypt( - psa_key_slot_t *slot, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -745,22 +747,20 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( size_t output_size, size_t *output_length ) { -#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) - psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime); - psa_key_attributes_t attributes = { - .core = slot->attr - }; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); switch( location ) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_cipher_encrypt( &attributes, - slot->key.data, - slot->key.bytes, + status = mbedtls_test_transparent_cipher_encrypt( attributes, + key_buffer, + key_buffer_size, alg, input, input_length, @@ -771,14 +771,29 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ - /* Fell through, meaning no accelerator supports this operation */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + +#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_encrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length ) ); +#else return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_cipher_encrypt( &attributes, - slot->key.data, - slot->key.bytes, + return( mbedtls_test_opaque_cipher_encrypt( attributes, + key_buffer, + key_buffer_size, alg, input, input_length, @@ -786,25 +801,27 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( output_size, output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: /* Key is declared with a lifetime not known to us */ - return( status ); + (void)status; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)input; + (void)input_length; + (void)output; + (void)output_size; + (void)output_length; + return( PSA_ERROR_INVALID_ARGUMENT ); } -#else /* PSA_CRYPTO_DRIVER_PRESENT */ - (void) slot; - (void) alg; - (void) input; - (void) input_length; - (void) output; - (void) output_size; - (void) output_length; - - return( PSA_ERROR_NOT_SUPPORTED ); -#endif /* PSA_CRYPTO_DRIVER_PRESENT */ } psa_status_t psa_driver_wrapper_cipher_decrypt( - psa_key_slot_t *slot, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -812,22 +829,20 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( size_t output_size, size_t *output_length ) { -#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) - psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime); - psa_key_attributes_t attributes = { - .core = slot->attr - }; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); switch( location ) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_cipher_decrypt( &attributes, - slot->key.data, - slot->key.bytes, + status = mbedtls_test_transparent_cipher_decrypt( attributes, + key_buffer, + key_buffer_size, alg, input, input_length, @@ -838,14 +853,29 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ - /* Fell through, meaning no accelerator supports this operation */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + +#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_decrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length ) ); +#else return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_cipher_decrypt( &attributes, - slot->key.data, - slot->key.bytes, + return( mbedtls_test_opaque_cipher_decrypt( attributes, + key_buffer, + key_buffer_size, alg, input, input_length, @@ -853,21 +883,21 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( output_size, output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: /* Key is declared with a lifetime not known to us */ - return( status ); + (void)status; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)input; + (void)input_length; + (void)output; + (void)output_size; + (void)output_length; + return( PSA_ERROR_INVALID_ARGUMENT ); } -#else /* PSA_CRYPTO_DRIVER_PRESENT */ - (void) slot; - (void) alg; - (void) input; - (void) input_length; - (void) output; - (void) output_size; - (void) output_length; - - return( PSA_ERROR_NOT_SUPPORTED ); -#endif /* PSA_CRYPTO_DRIVER_PRESENT */ } psa_status_t psa_driver_wrapper_cipher_encrypt_setup( diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 732ed2a7f..38a6ee82a 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -98,7 +98,9 @@ psa_status_t psa_driver_wrapper_get_builtin_key( * Cipher functions */ psa_status_t psa_driver_wrapper_cipher_encrypt( - psa_key_slot_t *slot, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -107,7 +109,9 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( size_t *output_length ); psa_status_t psa_driver_wrapper_cipher_decrypt( - psa_key_slot_t *slot, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 9c95cc8f8..89a7b5994 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -35,26 +35,19 @@ mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks = MBEDTLS_TEST_DRIVER_CIPHER_INIT; -static psa_status_t mbedtls_test_transparent_cipher_oneshot( - mbedtls_operation_t direction, +psa_status_t mbedtls_test_transparent_cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length) + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { mbedtls_test_driver_cipher_hooks.hits++; - /* Test driver supports AES-CTR only, to verify operation calls. */ - if( alg != PSA_ALG_CTR || - psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) - return( PSA_ERROR_NOT_SUPPORTED ); - - /* If test driver response code is not SUCCESS, we can return early */ - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); - - /* If test driver output is overridden, we don't need to do actual crypto */ if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) { if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) @@ -68,133 +61,50 @@ static psa_status_t mbedtls_test_transparent_cipher_oneshot( return( mbedtls_test_driver_cipher_hooks.forced_status ); } - /* Run AES-CTR using the cipher module */ - { - mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); - const mbedtls_cipher_info_t *cipher_info = - mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES, - key_length * 8, - MBEDTLS_MODE_CTR ); - mbedtls_cipher_context_t cipher; - int ret = 0; - uint8_t temp_output_buffer[16] = {0}; - size_t temp_output_length = 0; + psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) ); - if( direction == MBEDTLS_ENCRYPT ) - { - /* Oneshot encrypt needs to prepend the IV to the output */ - if( output_size < ( input_length + 16 ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - } - else - { - /* Oneshot decrypt has the IV prepended to the input */ - if( output_size < ( input_length - 16 ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - } - - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - - mbedtls_cipher_init( &cipher ); - ret = mbedtls_cipher_setup( &cipher, cipher_info ); - if( ret != 0 ) - goto exit; - - ret = mbedtls_cipher_setkey( &cipher, - key, - key_length * 8, direction ); - if( ret != 0 ) - goto exit; - - if( direction == MBEDTLS_ENCRYPT ) - { - mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - ret = mbedtls_test_rnd_pseudo_rand( &rnd_info, - temp_output_buffer, - 16 ); - if( ret != 0 ) - goto exit; - - ret = mbedtls_cipher_set_iv( &cipher, temp_output_buffer, 16 ); - } - else - ret = mbedtls_cipher_set_iv( &cipher, input, 16 ); - - if( ret != 0 ) - goto exit; - - if( direction == MBEDTLS_ENCRYPT ) - { - ret = mbedtls_cipher_update( &cipher, - input, input_length, - &output[16], output_length ); - if( ret == 0 ) - { - memcpy( output, temp_output_buffer, 16 ); - *output_length += 16; - } - } - else - ret = mbedtls_cipher_update( &cipher, - &input[16], input_length - 16, - output, output_length ); - - if( ret != 0 ) - goto exit; - - ret = mbedtls_cipher_finish( &cipher, - temp_output_buffer, - &temp_output_length ); - -exit: - if( ret != 0 ) - { - *output_length = 0; - memset(output, 0, output_size); - } - - mbedtls_cipher_free( &cipher ); - return( mbedtls_to_psa_error( ret ) ); - } -} - -psa_status_t mbedtls_test_transparent_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, - psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length) -{ - return ( - mbedtls_test_transparent_cipher_oneshot( - MBEDTLS_ENCRYPT, - attributes, - key, key_length, - alg, - input, input_length, - output, output_size, output_length) ); + return( mbedtls_transparent_test_driver_cipher_encrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); } psa_status_t mbedtls_test_transparent_cipher_decrypt( const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length) + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { - return ( - mbedtls_test_transparent_cipher_oneshot( - MBEDTLS_DECRYPT, - attributes, - key, key_length, - alg, - input, input_length, - output, output_size, output_length) ); + mbedtls_test_driver_cipher_hooks.hits++; + + if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) + { + if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; + + return( mbedtls_test_driver_cipher_hooks.forced_status ); + } + + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); + + return( mbedtls_transparent_test_driver_cipher_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); } psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 47c5b25be..8671e3718 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1459,132 +1459,292 @@ depends_on:MBEDTLS_CIPHER_MODE_CTR cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED PSA cipher setup: incompatible key ChaCha20 for CTR -depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR +depends_on:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_CIPHER_MODE_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED PSA cipher: bad order function calls cipher_bad_order: -PSA symmetric encrypt: AES-ECB, 0 bytes, good +PSA cipher encrypt: without initialization depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS +cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":PSA_ERROR_BAD_STATE -PSA symmetric encrypt: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS +PSA cipher encrypt: invalid key type +depends_on:PSA_WANT_ALG_ECB_NO_PADDING +cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED -PSA symmetric encrypt: AES-ECB, 32 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS +PSA cipher encrypt: incompatible key ChaCha20 for CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CHACHA20 +# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here +cipher_encrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":"":PSA_ERROR_NOT_SUPPORTED -PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +PSA cipher encrypt: bad algorithm (unknown cipher algorithm) +depends_on:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED -PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS - -PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS +PSA cipher encrypt: bad algorithm (not a cipher algorithm) +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_MD5 +cipher_encrypt_fail:PSA_ALG_MD5:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt: AES-ECB, input too short (15 bytes) depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt: AES-CBC-nopad, input too short depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT -PSA symmetric encrypt: AES-CTR, 16 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"" -PSA symmetric encrypt: AES-CTR, 15 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS +PSA symmetric encrypt: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97" -PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS - -PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS - -PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS +PSA symmetric encrypt: AES-ECB, 32 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1" PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":"5d0652429c5b0ac7":PSA_SUCCESS +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7" PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":"817ca7d69b80d86a":PSA_SUCCESS +cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a" -PSA symmetric decrypt: AES-ECB, 0 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS - -PSA symmetric decrypt: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS - -PSA symmetric decrypt: AES-ECB, 32 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS - -PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good +PSA symmetric encrypt validation: AES-CBC-nopad, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good +PSA symmetric encrypt validation: AES-CBC-PKCS#7, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good +PSA symmetric encrypt validation: AES-CBC-PKCS#7, 15 bytes, good depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric encrypt validation: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric encrypt validation: AES-CTR, 15 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric encrypt validation: DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9" + +PSA symmetric encrypt validation: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9" + +PSA symmetric encrypt validation: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9" + +PSA symmetric encrypt multipart: AES-ECB, 0 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-ECB, 32 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":32:32:0:"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 15 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:0:0:"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-ECB, input too short (15 bytes) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":0:0:0:"":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric encrypt multipart: AES-CBC-nopad, input too short +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS + +PSA symmetric encrypt multipart: DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"64f917b0152f8f05":PSA_SUCCESS + +PSA symmetric encrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS + +PSA symmetric encrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS + +PSA symmetric encrypt multipart: 2-key 3DES-ECB, 8 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS + +PSA symmetric encrypt multipart: 3-key 3DES-ECB, 8 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS + +PSA cipher decrypt: without initialization +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":"":PSA_ERROR_BAD_STATE + +PSA cipher decrypt: invalid key type +depends_on:PSA_WANT_ALG_ECB_NO_PADDING +cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED + +PSA cipher decrypt: incompatible key ChaCha20 for CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CHACHA20 +# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here +cipher_decrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED + +PSA cipher decrypt: bad algorithm (unknown cipher algorithm) +cipher_decrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED + +PSA cipher decrypt: bad algorithm (not a cipher algorithm) +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_MD5 +cipher_decrypt_fail:PSA_ALG_MD5:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes) depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT - -PSA symmetric decrypt: AES-CTR, 16 bytes, good -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS +cipher_decrypt_fail:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-ECB, input too short (15 bytes) depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_decrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric decrypt: AES-ECB, 0 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"" + +PSA symmetric decrypt: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f" + +PSA symmetric decrypt: AES-ECB, 32 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97" + +PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" + +PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a" + +PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317" + +PSA symmetric decrypt: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2" PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9" PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9" PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9" PSA symmetric decrypt: 2-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3":PSA_SUCCESS +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3" PSA symmetric decrypt: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3":PSA_SUCCESS +cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3" + +PSA symmetric decrypt multipart: AES-ECB, 0 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-ECB, 32 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":32:32:0:"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":16:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 15 bytes, good +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":16:0:0:"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CBC-PKCS#7, input too short (15 bytes) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:0:"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-ECB, input too short (15 bytes) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":0:0:0:"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric decrypt multipart: AES-CBC-nopad, input too short (5 bytes) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT + +PSA symmetric decrypt multipart: DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS + +PSA symmetric decrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS + +PSA symmetric decrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS + +PSA symmetric decrypt multipart: 2-key 3DES-ECB, 8 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":8:8:0:"c78e2b38139610e3":PSA_SUCCESS + +PSA symmetric decrypt multipart: 3-key 3DES-ECB, 8 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":8:8:0:"c78e2b38139610e3":PSA_SUCCESS PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES @@ -1608,151 +1768,171 @@ cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4 PSA symmetric encryption multipart: AES-ECB, 16+16 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c" +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS PSA symmetric encryption multipart: AES-ECB, 13+19 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c" +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS PSA symmetric encryption multipart: AES-ECB, 24+12 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c" +cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 16+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 12+20 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 20+12 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 12+10 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 0+15 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 15+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 0+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 16+16 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 11+21 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 28+4 bytes depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 16+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 12+20 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 20+12 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 12+10 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 0+15 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 15+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 0+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS + +PSA symmetric encrypt/decrypt multipart: AES-ECB, 16 bytes, good +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 + +PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 16 bytes, good +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 + +PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 16 bytes +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 + +PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 15 bytes +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15 + +PSA symmetric encrypt/decrypt multipart: AES-CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_verify_output_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES @@ -1762,25 +1942,33 @@ PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 -PSA symmetric encrypt: ChaCha20, K=0 N=0 +PSA symmetric encrypt validation: ChaCha20, K=0 N=0 depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" -PSA symmetric encrypt: ChaCha20, K=rand N=rand +PSA symmetric encrypt validation: ChaCha20, K=rand N=rand depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + +PSA symmetric encrypt multipart: ChaCha20, K=0 N=0 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS + +PSA symmetric encrypt multipart: ChaCha20, K=rand N=rand +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA symmetric encryption multipart: ChaCha20, 14+50 bytes depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4" +cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS -PSA symmetric decrypt: ChaCha20, K=rand N=rand +PSA symmetric decrypt multipart: ChaCha20, K=rand N=rand depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_decrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS +cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA symmetric decryption multipart: ChaCha20, 14+50 bytes depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 -cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4" +cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1 depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 85999a1c8..9136cb91d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2472,10 +2472,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, data_t *expected_output, - int expected_status_arg ) +void cipher_encrypt_fail( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -2484,8 +2485,97 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_status_t expected_status = expected_status_arg; unsigned char *output = NULL; size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + if ( PSA_ERROR_BAD_STATE != expected_status ) + { + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, + input->len ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + } + + status = psa_cipher_encrypt( key, alg, input->x, input->len, output, + output_buffer_size, &output_length ); + + TEST_EQUAL( status, expected_status ); + +exit: + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_alg_without_iv( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + data_t *expected_output ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output, + output_buffer_size, &output_length ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, output_length ); +exit: + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_validation( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); + unsigned char *output1 = NULL; + size_t output1_buffer_size = 0; + size_t output1_length = 0; + unsigned char *output2 = NULL; + size_t output2_buffer_size = 0; + size_t output2_length = 0; size_t function_output_length = 0; - size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -2495,53 +2585,55 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); + output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); + ASSERT_ALLOC( output1, output1_buffer_size ); + ASSERT_ALLOC( output2, output2_buffer_size ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - - if( iv->len > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - } - - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output_buffer_size <= + /* The one-shot cipher encryption uses generated iv so validating + the output is not possible. Validating with multipart encryption. */ + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, + output1_buffer_size, &output1_length ) ); + TEST_ASSERT( output1_length <= + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); + TEST_ASSERT( output1_length <= PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); - ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); PSA_ASSERT( psa_cipher_update( &operation, input->x, input->len, - output, output_buffer_size, + output2, output2_buffer_size, &function_output_length ) ); TEST_ASSERT( function_output_length <= PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); TEST_ASSERT( function_output_length <= PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - total_output_length += function_output_length; + output2_length += function_output_length; - status = psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ); + PSA_ASSERT( psa_cipher_finish( &operation, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length ) ); TEST_ASSERT( function_output_length <= PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); TEST_ASSERT( function_output_length <= PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); - total_output_length += function_output_length; + output2_length += function_output_length; - TEST_EQUAL( status, expected_status ); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); - } + PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, + output2, output2_length ); exit: psa_cipher_abort( &operation ); - mbedtls_free( output ); + mbedtls_free( output1 ); + mbedtls_free( output2 ); psa_destroy_key( key ); PSA_DONE( ); } @@ -2553,11 +2645,14 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, - data_t *expected_output ) + data_t *expected_output, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t status; + psa_status_t expected_status = expected_status_arg; size_t first_part_size = first_part_size_arg; size_t output1_length = output1_length_arg; size_t output2_length = output2_length_arg; @@ -2584,9 +2679,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); } - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output_buffer_size <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( first_part_size <= input->len ); @@ -2600,36 +2694,44 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) ); total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output2_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - total_output_length += function_output_length; + if( first_part_size < input->len ) + { + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + ( output_buffer_size == 0 ? NULL : + output + total_output_length ), + output_buffer_size - total_output_length, + &function_output_length ) ); + TEST_ASSERT( function_output_length == output2_length ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, + alg, + input->len - first_part_size ) ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + total_output_length += function_output_length; + } - PSA_ASSERT( psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); + status = psa_cipher_finish( &operation, + ( output_buffer_size == 0 ? NULL : + output + total_output_length ), + output_buffer_size - total_output_length, + &function_output_length ); TEST_ASSERT( function_output_length <= PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); TEST_ASSERT( function_output_length <= PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL( status, expected_status ); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); + } exit: psa_cipher_abort( &operation ); @@ -2645,11 +2747,14 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, - data_t *expected_output ) + data_t *expected_output, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t status; + psa_status_t expected_status = expected_status_arg; size_t first_part_size = first_part_size_arg; size_t output1_length = output1_length_arg; size_t output2_length = output2_length_arg; @@ -2676,9 +2781,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output_buffer_size <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input->len ) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( first_part_size <= input->len ); @@ -2693,94 +2797,25 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) ); total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output2_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - total_output_length += function_output_length; - - PSA_ASSERT( psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); - - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); - -exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void cipher_decrypt( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, data_t *expected_output, - int expected_status_arg ) -{ - mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_status_t status; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - psa_status_t expected_status = expected_status_arg; - unsigned char *output = NULL; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - size_t total_output_length = 0; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - - if( iv->len > 0 ) + if( first_part_size < input->len ) { - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + ( output_buffer_size == 0 ? NULL : + output + total_output_length ), + output_buffer_size - total_output_length, + &function_output_length ) ); + TEST_ASSERT( function_output_length == output2_length ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, + alg, + input->len - first_part_size ) ); + TEST_ASSERT( function_output_length <= + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + total_output_length += function_output_length; } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output_buffer_size <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input->len ) ); - ASSERT_ALLOC( output, output_buffer_size ); - - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - total_output_length += function_output_length; - status = psa_cipher_finish( &operation, ( output_buffer_size == 0 ? NULL : output + total_output_length ), @@ -2796,6 +2831,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { PSA_ASSERT( psa_cipher_abort( &operation ) ); + ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } @@ -2809,25 +2845,132 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_verify_output( int alg_arg, int key_type_arg, +void cipher_decrypt_fail( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_status_t status; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + unsigned char *input = NULL; + size_t input_buffer_size = 0; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + if ( PSA_ERROR_BAD_STATE != expected_status ) + { + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + } + + /* Allocate input buffer and copy the iv and the plaintext */ + input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); + if ( input_buffer_size > 0 ) + { + ASSERT_ALLOC( input, input_buffer_size ); + memcpy( input, iv->x, iv->len ); + memcpy( input + iv->len, input_arg->x, input_arg->len ); + } + + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); + ASSERT_ALLOC( output, output_buffer_size ); + + status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length ); + TEST_EQUAL( status, expected_status ); + +exit: + mbedtls_free( input ); + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_decrypt( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + data_t *expected_output ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *input = NULL; + size_t input_buffer_size = 0; + unsigned char *output = NULL; + size_t output_buffer_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + /* Allocate input buffer and copy the iv and the plaintext */ + input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); + if ( input_buffer_size > 0 ) + { + ASSERT_ALLOC( input, input_buffer_size ); + memcpy( input, iv->x, iv->len ); + memcpy( input + iv->len, input_arg->x, input_arg->len ); + } + + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); + ASSERT_ALLOC( output, output_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_cipher_decrypt( key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ) ); + TEST_ASSERT( output_length <= + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input_buffer_size ) ); + + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, output_length ); +exit: + mbedtls_free( input ); + mbedtls_free( output ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_verify_output( int alg_arg, + int key_type_arg, data_t *key_data, data_t *input ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char iv[16] = {0}; - size_t iv_size = 16; - size_t iv_length = 0; unsigned char *output1 = NULL; size_t output1_size = 0; size_t output1_length = 0; unsigned char *output2 = NULL; size_t output2_size = 0; size_t output2_length = 0; - size_t function_output_length = 0; - psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT; - psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -2838,82 +2981,31 @@ void cipher_verify_output( int alg_arg, int key_type_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - - PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) ); - - if( alg != PSA_ALG_ECB_NO_PADDING ) - { - PSA_ASSERT( psa_cipher_generate_iv( &operation1, - iv, iv_size, - &iv_length ) ); - } output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output1_size <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); ASSERT_ALLOC( output1, output1_size ); - PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len, - output1, output1_size, - &output1_length ) ); + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, + output1, output1_size, + &output1_length ) ); TEST_ASSERT( output1_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); TEST_ASSERT( output1_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); - - PSA_ASSERT( psa_cipher_finish( &operation1, - output1 + output1_length, - output1_size - output1_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); - - output1_length += function_output_length; - - PSA_ASSERT( psa_cipher_abort( &operation1 ) ); + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); output2_size = output1_length; - TEST_ASSERT( output2_size <= - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) ); - TEST_ASSERT( output2_size <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) ); ASSERT_ALLOC( output2, output2_size ); - if( iv_length > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation2, - iv, iv_length ) ); - } - - PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length, - output2, output2_size, - &output2_length ) ); + PSA_ASSERT( psa_cipher_decrypt( key, alg, output1, output1_length, + output2, output2_size, + &output2_length ) ); TEST_ASSERT( output2_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, output1_length ) ); + PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) ); TEST_ASSERT( output2_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length ) ); - - function_output_length = 0; - PSA_ASSERT( psa_cipher_finish( &operation2, - output2 + output2_length, - output2_size - output2_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); - - output2_length += function_output_length; - - PSA_ASSERT( psa_cipher_abort( &operation2 ) ); + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) ); ASSERT_COMPARE( input->x, input->len, output2, output2_length ); exit: - psa_cipher_abort( &operation1 ); - psa_cipher_abort( &operation2 ); mbedtls_free( output1 ); mbedtls_free( output2 ); psa_destroy_key( key ); diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index dbc5b1f20..ead7a699d 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -117,29 +117,45 @@ export_key private to public through driver: error depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR -PSA symmetric encrypt: AES-CTR, 16 bytes, good +PSA symmetric encrypt validation: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA symmetric encrypt: AES-CTR, 15 bytes, good +PSA symmetric encrypt validation: AES-CTR, 15 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" -PSA symmetric encrypt: AES-CTR, 16 bytes, fallback +PSA symmetric encrypt validation: AES-CTR, 16 bytes, fallback depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA symmetric encrypt: AES-CTR, 15 bytes, fallback +PSA symmetric encrypt validation: AES-CTR, 15 bytes, fallback depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS +cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" -PSA symmetric encrypt: AES-CTR, 16 bytes, fake +PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS -PSA symmetric encrypt: AES-CTR, 15 bytes, fake +PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fallback +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fallback +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fake +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS + +PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fake +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decrypt: AES-CTR, 16 bytes, good depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES @@ -153,77 +169,89 @@ PSA symmetric decrypt: AES-CTR, 16 bytes, fake depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS +PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fallback +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fake +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS + PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 16+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 12+20 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 20+12 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 12+10 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 0+15 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 15+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 0+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 11+5 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 16+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 12+20 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 20+12 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 12+10 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 0+15 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 15+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 0+16 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decryption multipart: AES-CTR, 16+0 bytes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS Cipher driver: negative testing on all entry points depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 3a9eff955..6d78ad51a 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -422,19 +422,111 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_encrypt_validation( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); + unsigned char *output1 = NULL; + size_t output1_buffer_size = 0; + size_t output1_length = 0; + unsigned char *output2 = NULL; + size_t output2_buffer_size = 0; + size_t output2_length = 0; + size_t function_output_length = 0; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); + output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + + PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); + ASSERT_ALLOC( output1, output1_buffer_size ); + ASSERT_ALLOC( output2, output2_buffer_size ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, + output1_buffer_size, &output1_length ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + PSA_ASSERT( psa_cipher_update( &operation, + input->x, input->len, + output2, output2_buffer_size, + &function_output_length ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + output2_length += function_output_length; + PSA_ASSERT( psa_cipher_finish( &operation, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length ) ); + /* Finish will have called abort as well, so expecting two hits here */ + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + output2_length += function_output_length; + + PSA_ASSERT( psa_cipher_abort( &operation ) ); + // driver function should've been called as part of the finish() core routine + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, + output2, output2_length ); + +exit: + psa_cipher_abort( &operation ); + mbedtls_free( output1 ); + mbedtls_free( output2 ); + psa_destroy_key( key ); + PSA_DONE( ); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, + int output2_length_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t status; psa_status_t expected_status = expected_status_arg; psa_status_t force_status = force_status_arg; + size_t first_part_size = first_part_size_arg; + size_t output1_length = output1_length_arg; + size_t output2_length = output2_length_arg; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -444,6 +536,20 @@ void cipher_encrypt( int alg_arg, int key_type_arg, mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); mbedtls_test_driver_cipher_hooks.forced_status = force_status; + /* Test operation initialization */ + mbedtls_psa_cipher_operation_t mbedtls_operation = + MBEDTLS_PSA_CIPHER_OPERATION_INIT; + + mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + + mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + + operation.ctx.mbedtls_ctx = mbedtls_operation; + operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.opaque_test_driver_ctx = opaque_operation; + PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); @@ -471,36 +577,52 @@ void cipher_encrypt( int alg_arg, int key_type_arg, mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, + TEST_ASSERT( first_part_size <= input->len ); + PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); mbedtls_test_driver_cipher_hooks.hits = 0; + TEST_ASSERT( function_output_length == output1_length ); + total_output_length += function_output_length; + + if( first_part_size < input->len ) + { + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + TEST_ASSERT( function_output_length == output2_length ); + total_output_length += function_output_length; + } + if( mock_output_arg ) { mbedtls_test_driver_cipher_hooks.forced_output = NULL; mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } - total_output_length += function_output_length; - status = psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ); + status = psa_cipher_finish( &operation, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length ); /* Finish will have called abort as well, so expecting two hits here */ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - mbedtls_test_driver_cipher_hooks.hits = 0; - + mbedtls_test_driver_cipher_hooks.hits = 0 ; total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + if( expected_status == PSA_SUCCESS ) { PSA_ASSERT( psa_cipher_abort( &operation ) ); - // driver function should've been called as part of the finish() core routine TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } @@ -515,16 +637,25 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_multipart( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, +void cipher_decrypt_multipart( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, data_t *input, int first_part_size_arg, - int output1_length_arg, int output2_length_arg, - data_t *expected_output ) + int output1_length_arg, + int output2_length_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t status; + psa_status_t expected_status = expected_status_arg; + psa_status_t force_status = force_status_arg; size_t first_part_size = first_part_size_arg; size_t output1_length = output1_length_arg; size_t output2_length = output2_length_arg; @@ -535,91 +666,21 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks.forced_status = force_status; - PSA_ASSERT( psa_crypto_init( ) ); + /* Test operation initialization */ + mbedtls_psa_cipher_operation_t mbedtls_operation = + MBEDTLS_PSA_CIPHER_OPERATION_INIT; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - output_buffer_size = ( (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - ASSERT_ALLOC( output, output_buffer_size ); - - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - TEST_ASSERT( function_output_length == output1_length ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output2_length ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - mbedtls_test_driver_cipher_hooks.hits = 0 ; - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); - -exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void cipher_decrypt_multipart( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, int output2_length_arg, - data_t *expected_output ) -{ - mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - size_t first_part_size = first_part_size_arg; - size_t output1_length = output1_length_arg; - size_t output2_length = output2_length_arg; - unsigned char *output = NULL; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - size_t total_output_length = 0; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + operation.ctx.mbedtls_ctx = mbedtls_operation; + operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.opaque_test_driver_ctx = opaque_operation; PSA_ASSERT( psa_crypto_init( ) ); @@ -635,47 +696,69 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); + if( mock_output_arg ) + { + mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; + mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; + } + TEST_ASSERT( first_part_size <= input->len ); PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output1_length ); total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output2_length ); - total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); + if( first_part_size < input->len ) + { + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; + + TEST_ASSERT( function_output_length == output2_length ); + total_output_length += function_output_length; + } + + if( mock_output_arg ) + { + mbedtls_test_driver_cipher_hooks.forced_output = NULL; + mbedtls_test_driver_cipher_hooks.forced_output_length = 0; + } + + status = psa_cipher_finish( &operation, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( status, expected_status ); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); + } exit: psa_cipher_abort( &operation ); @@ -687,9 +770,12 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, data_t *expected_output, +void cipher_decrypt( int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + data_t *expected_output, int mock_output_arg, int force_status_arg, int expected_status_arg ) @@ -700,11 +786,11 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_status_t force_status = force_status_arg; + unsigned char *input = NULL; + size_t input_buffer_size = 0; unsigned char *output = NULL; size_t output_buffer_size = 0; - size_t function_output_length = 0; - size_t total_output_length = 0; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); mbedtls_test_driver_cipher_hooks.forced_status = force_status; @@ -715,62 +801,42 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); + /* Allocate input buffer and copy the iv and the plaintext */ + input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); + if ( input_buffer_size > 0 ) + { + ASSERT_ALLOC( input, input_buffer_size ); + memcpy( input, iv->x, iv->len ); + memcpy( input + iv->len, input_arg->x, input_arg->len ); + } + + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); + ASSERT_ALLOC( output, output_buffer_size ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - output_buffer_size = ( (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - ASSERT_ALLOC( output, output_buffer_size ); - if( mock_output_arg ) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); mbedtls_test_driver_cipher_hooks.hits = 0; - if( mock_output_arg ) - { - mbedtls_test_driver_cipher_hooks.forced_output = NULL; - mbedtls_test_driver_cipher_hooks.forced_output_length = 0; - } - - total_output_length += function_output_length; - status = psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ); - /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - mbedtls_test_driver_cipher_hooks.hits = 0; - - total_output_length += function_output_length; TEST_EQUAL( status, expected_status ); if( expected_status == PSA_SUCCESS ) { - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + output, output_length ); } exit: - psa_cipher_abort( &operation ); + mbedtls_free( input ); mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( );