Merge pull request #5344 from AndrzejKurek/psa-aead-more-generate-nonce-combinations

PSA AEAD: test more combinations of generate_nonce and set_lengths
Manuel Pégourié-Gonnard 2022-01-17 13:12:04 +01:00 committed by GitHub
commit a15503fcdd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 244 additions and 19 deletions


@ -3619,6 +3619,14 @@ PSA Multipart State Checks, AES - GCM
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E"
PSA Multipart State Checks, AES - CCM
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B0C":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E"
PSA Multipart State Checks, AES - CHACHAPOLY
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
aead_multipart_state_test:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":PSA_ALG_CHACHA20_POLY1305:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E"
PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
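Review bot: The ChaCha20-Poly1305 case in this hunk lists only `PSA_WANT_ALG_CHACHA20_POLY1305` in `depends_on`, although it passes `PSA_KEY_TYPE_CHACHA20`; the GCM and CCM cases beside it each declare their key type as well. In a configuration that enables the algorithm but not the key type, the case would presumably run and fail at key import instead of being skipped, so I would write `depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20`. The title `PSA Multipart State Checks, AES - CHACHAPOLY` also names AES for a ChaCha20 key and could drop the `AES - ` prefix.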


@ -4781,6 +4781,93 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data,
psa_aead_abort( &operation );
/* Test for generating nonce after calling set lengths */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ) );
PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ) );
psa_aead_abort( &operation );
/* Test for generating nonce after calling set lengths with UINT32_MAX length */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
if( operation.alg == PSA_ALG_CCM )
{
TEST_EQUAL( psa_aead_set_lengths( &operation, UINT32_MAX,
input_data->len ),
PSA_ERROR_INVALID_ARGUMENT );
TEST_EQUAL( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ),
PSA_ERROR_BAD_STATE );
}
else
{
PSA_ASSERT( psa_aead_set_lengths( &operation, UINT32_MAX,
input_data->len ) );
PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ) );
}
psa_aead_abort( &operation );
/* Test for generating nonce after calling set lengths with SIZE_MAX length */
#if SIZE_MAX > UINT32_MAX
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
if( operation.alg == PSA_ALG_CCM || operation.alg == PSA_ALG_GCM )
{
TEST_EQUAL( psa_aead_set_lengths( &operation, SIZE_MAX,
input_data->len ),
PSA_ERROR_INVALID_ARGUMENT );
TEST_EQUAL( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ),
PSA_ERROR_BAD_STATE );
}
else
{
PSA_ASSERT( psa_aead_set_lengths( &operation, SIZE_MAX,
input_data->len ) );
PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ) );
}
psa_aead_abort( &operation );
#endif
/* Test for calling set lengths with a length too long, after generating nonce */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ) );
if( operation.alg == PSA_ALG_CCM )
{
TEST_EQUAL( psa_aead_set_lengths( &operation, UINT32_MAX,
input_data->len ),
PSA_ERROR_INVALID_ARGUMENT );
}
else
{
PSA_ASSERT( psa_aead_set_lengths( &operation, UINT32_MAX,
input_data->len ) );
}
psa_aead_abort( &operation );
/* ------------------------------------------------------- */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
@ -4820,19 +4907,28 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data,
psa_aead_abort( &operation );
/* Test for setting lengths after already starting data. */
/* Test for setting lengths after setting nonce + already starting data. */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ) );
if( operation.alg == PSA_ALG_CCM )
{
TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ),
PSA_ERROR_BAD_STATE );
TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ),
PSA_ERROR_BAD_STATE );
}
else
{
PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ) );
TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ),
PSA_ERROR_BAD_STATE );
}
psa_aead_abort( &operation );
/* ------------------------------------------------------- */
@ -4841,14 +4937,133 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data,
PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
PSA_ASSERT( psa_aead_update( &operation, input_data->x,
input_data->len, output_data,
output_size, &output_length ) );
if( operation.alg == PSA_ALG_CCM )
{
TEST_EQUAL( psa_aead_update( &operation, input_data->x,
input_data->len, output_data,
output_size, &output_length ),
PSA_ERROR_BAD_STATE );
TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ),
PSA_ERROR_BAD_STATE );
}
else
{
PSA_ASSERT( psa_aead_update( &operation, input_data->x,
input_data->len, output_data,
output_size, &output_length ) );
TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ),
PSA_ERROR_BAD_STATE );
}
psa_aead_abort( &operation );
/* ------------------------------------------------------- */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
if( operation.alg == PSA_ALG_CCM )
{
PSA_ASSERT( psa_aead_finish( &operation, final_data,
finish_output_size,
&output_part_length,
tag_buffer, tag_length,
&tag_size ) );
}
else
{
PSA_ASSERT( psa_aead_finish( &operation, final_data,
finish_output_size,
&output_part_length,
tag_buffer, tag_length,
&tag_size ) );
TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ),
PSA_ERROR_BAD_STATE );
}
psa_aead_abort( &operation );
/* Test for setting lengths after generating nonce + already starting data. */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ) );
if( operation.alg == PSA_ALG_CCM )
{
TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ),
PSA_ERROR_BAD_STATE );
}
else
{
PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ) );
TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ),
PSA_ERROR_BAD_STATE );
}
psa_aead_abort( &operation );
/* ------------------------------------------------------- */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ) );
if( operation.alg == PSA_ALG_CCM )
{
TEST_EQUAL( psa_aead_update( &operation, input_data->x,
input_data->len, output_data,
output_size, &output_length ),
PSA_ERROR_BAD_STATE );
}
else
{
PSA_ASSERT( psa_aead_update( &operation, input_data->x,
input_data->len, output_data,
output_size, &output_length ) );
TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ),
PSA_ERROR_BAD_STATE );
}
psa_aead_abort( &operation );
/* ------------------------------------------------------- */
PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
PSA_AEAD_NONCE_MAX_SIZE,
&nonce_length ) );
if( operation.alg == PSA_ALG_CCM )
{
PSA_ASSERT( psa_aead_finish( &operation, final_data,
finish_output_size,
&output_part_length,
tag_buffer, tag_length,
&tag_size ) );
}
else
{
PSA_ASSERT( psa_aead_finish( &operation, final_data,
finish_output_size,
&output_part_length,
tag_buffer, tag_length,
&tag_size ) );
TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
input_data->len ),
PSA_ERROR_BAD_STATE );
}
psa_aead_abort( &operation );
/* Test for not sending any additional data or data after setting non zero
@ -5004,14 +5219,16 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data,
PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
PSA_ASSERT( psa_aead_update( &operation, input_data->x,
input_data->len, output_data,
output_size, &output_length ) );
TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ),
PSA_ERROR_BAD_STATE );
if( operation.alg != PSA_ALG_CCM )
{
PSA_ASSERT( psa_aead_update( &operation, input_data->x,
input_data->len, output_data,
output_size, &output_length ) );
TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ),
PSA_ERROR_BAD_STATE );
}
psa_aead_abort( &operation );
/* Test calling finish on decryption. */
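Review bot: In the two `psa_aead_finish` blocks of the `-4841` hunk (one after `psa_aead_set_nonce`, one after `psa_aead_generate_nonce`), the CCM branch stops after the successful finish and never asserts that a later `psa_aead_set_lengths` is rejected, while every other algorithm gets that check. Both branches make the identical finish call, so the `if`/`else` could collapse to a single `PSA_ASSERT( psa_aead_finish( ... ) )` followed by an unconditional `TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, input_data->len ), PSA_ERROR_BAD_STATE )`, assuming a successful finish leaves the operation inactive for CCM too. If CCM is left out on purpose, a one-line comment in the CCM branch giving the reason would keep this state-machine gap from looking accidental. `aead_multipart_state_test` starts and ends outside these hunks, so any surrounding setup or cleanup is not visible here.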