From ad837528110ee5d3a6b17567ac9be9b3904f6afb Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 15 Dec 2021 15:28:49 +0100 Subject: [PATCH] PSA AEAD: test more combinations of generate_nonce and set_lengths Extend PSA AEAD testing by adding CCM and ChaChaPoly. Add more combinations of functions to test the API. Signed-off-by: Andrzej Kurek --- tests/suites/test_suite_psa_crypto.data | 8 + tests/suites/test_suite_psa_crypto.function | 255 ++++++++++++++++++-- 2 files changed, 244 insertions(+), 19 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c45f9f088..8088cbb7c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3619,6 +3619,14 @@ PSA Multipart State Checks, AES - GCM depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E" +PSA Multipart State Checks, AES - CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B0C":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E" + +PSA Multipart State Checks, AES - CHACHAPOLY +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 +aead_multipart_state_test:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":PSA_ALG_CHACHA20_POLY1305:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E" + PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 
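Review bot: The new ChaCha20-Poly1305 case lists only `PSA_WANT_ALG_CHACHA20_POLY1305` in `depends_on`, while the two AES cases beside it require both the algorithm and the key type (`PSA_WANT_KEY_TYPE_AES`). In a configuration that enables the algorithm but not the key type, this case would presumably run and fail during key setup rather than be skipped. `depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20` would match the AES entries.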
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b6222b9d2..958d2c3c0 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4770,6 +4770,93 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data, psa_aead_abort( &operation ); + /* Test for generating nonce after calling set lengths */ + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); + + PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ) ); + + psa_aead_abort( &operation ); + + /* Test for generating nonce after calling set lengths with UINT32_MAX length */ + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + if( operation.alg == PSA_ALG_CCM ) + { + TEST_EQUAL( psa_aead_set_lengths( &operation, UINT32_MAX, + input_data->len ), + PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ), + PSA_ERROR_BAD_STATE ); + } + else + { + PSA_ASSERT( psa_aead_set_lengths( &operation, UINT32_MAX, + input_data->len ) ); + PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ) ); + } + + psa_aead_abort( &operation ); + + /* Test for generating nonce after calling set lengths with SIZE_MAX length */ +#if SIZE_MAX > UINT32_MAX + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + if( operation.alg == PSA_ALG_CCM || operation.alg == PSA_ALG_GCM ) + { + TEST_EQUAL( psa_aead_set_lengths( &operation, SIZE_MAX, + input_data->len ), + PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ), + PSA_ERROR_BAD_STATE ); + } + else + { + PSA_ASSERT( psa_aead_set_lengths( &operation, SIZE_MAX, + input_data->len ) ); + PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ) ); + } + + psa_aead_abort( &operation ); +#endif + + /* Test for calling set lengths with a length too long, after 
generating nonce */ + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ) ); + + if( operation.alg == PSA_ALG_CCM ) + { + TEST_EQUAL( psa_aead_set_lengths( &operation, UINT32_MAX, + input_data->len ), + PSA_ERROR_INVALID_ARGUMENT ); + } + else + { + PSA_ASSERT( psa_aead_set_lengths( &operation, UINT32_MAX, + input_data->len ) ); + } + + psa_aead_abort( &operation ); + + /* ------------------------------------------------------- */ PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); @@ -4809,19 +4896,28 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data, psa_aead_abort( &operation ); - /* Test for setting lengths after already starting data. */ + /* Test for setting lengths after setting nonce + already starting data. */ PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); - PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, - additional_data->len ) ); + if( operation.alg == PSA_ALG_CCM ) + { - TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, - input_data->len ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ), + PSA_ERROR_BAD_STATE ); + } + else + { + PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ) ); + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ), + PSA_ERROR_BAD_STATE ); + } psa_aead_abort( &operation ); /* ------------------------------------------------------- */ 
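Review bot: Every new branch in this hunk selects the expected result with `operation.alg == PSA_ALG_CCM`, which reads a field of the implementation-defined operation struct even though the test already has `alg` in scope (it is passed to `psa_aead_encrypt_setup`). If the internal field is used because it holds the base algorithm, a comment should say so. Otherwise compute the predicate once from the argument, e.g. `const int is_ccm = ( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( alg ) == PSA_ALG_CCM );`, and reuse it, so the expectations do not depend on the struct layout or on what a failed call leaves in it. The same pattern recurs in the later hunks of this file. The function body starts and ends outside the hunk.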
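Review bot: The CCM branch under the comment "Test for setting lengths after setting nonce + already starting data" never calls `psa_aead_set_lengths`; it only checks that `psa_aead_update_ad` returns `PSA_ERROR_BAD_STATE`. The comment therefore no longer describes what runs for CCM. A short note in that branch would make the split readable, e.g. `/* CCM: lengths were not set, so update_ad is rejected and the set_lengths check is not reached. */`, with the reason confirmed against the implementation, since it is only inferred from the expected status here. The update_ad and update blocks in the next hunk (the set_nonce and generate_nonce variants) have the same shape and would benefit from the same comment.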
@@ -4830,14 +4926,133 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); - PSA_ASSERT( psa_aead_update( &operation, input_data->x, - input_data->len, output_data, - output_size, &output_length ) ); + if( operation.alg == PSA_ALG_CCM ) + { + TEST_EQUAL( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ), + PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, - input_data->len ), - PSA_ERROR_BAD_STATE ); + } + else + { + PSA_ASSERT( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ) ); + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ), + PSA_ERROR_BAD_STATE ); + } + psa_aead_abort( &operation ); + + /* ------------------------------------------------------- */ + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + + if( operation.alg == PSA_ALG_CCM ) + { + PSA_ASSERT( psa_aead_finish( &operation, final_data, + finish_output_size, + &output_part_length, + tag_buffer, tag_length, + &tag_size ) ); + } + else + { + PSA_ASSERT( psa_aead_finish( &operation, final_data, + finish_output_size, + &output_part_length, + tag_buffer, tag_length, + &tag_size ) ); + + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ), + PSA_ERROR_BAD_STATE ); + } + psa_aead_abort( &operation ); + + /* Test for setting lengths after generating nonce + already starting data. 
*/ + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ) ); + if( operation.alg == PSA_ALG_CCM ) + { + + TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ), + PSA_ERROR_BAD_STATE ); + } + else + { + PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ) ); + + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ), + PSA_ERROR_BAD_STATE ); + } + psa_aead_abort( &operation ); + + /* ------------------------------------------------------- */ + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ) ); + if( operation.alg == PSA_ALG_CCM ) + { + TEST_EQUAL( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ), + PSA_ERROR_BAD_STATE ); + + } + else + { + PSA_ASSERT( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ) ); + + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ), + PSA_ERROR_BAD_STATE ); + } + psa_aead_abort( &operation ); + + /* ------------------------------------------------------- */ + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ) ); + if( operation.alg == PSA_ALG_CCM ) + { + PSA_ASSERT( psa_aead_finish( &operation, final_data, + finish_output_size, + &output_part_length, + tag_buffer, tag_length, + &tag_size ) ); + } + else + { + PSA_ASSERT( psa_aead_finish( &operation, final_data, + finish_output_size, + &output_part_length, + tag_buffer, tag_length, + &tag_size ) ); + + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, 
+ input_data->len ), + PSA_ERROR_BAD_STATE ); + } psa_aead_abort( &operation ); /* Test for not sending any additional data or data after setting non zero @@ -4993,14 +5208,16 @@ void aead_multipart_state_test( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); - PSA_ASSERT( psa_aead_update( &operation, input_data->x, - input_data->len, output_data, - output_size, &output_length ) ); - - TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, - additional_data->len ), - PSA_ERROR_BAD_STATE ); + if( operation.alg != PSA_ALG_CCM ) + { + PSA_ASSERT( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ) ); + TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ), + PSA_ERROR_BAD_STATE ); + } psa_aead_abort( &operation ); /* Test calling finish on decryption. */
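Review bot: In both finish blocks of this hunk (after `psa_aead_set_nonce` and after `psa_aead_generate_nonce`), the CCM and non-CCM branches begin with the identical `PSA_ASSERT( psa_aead_finish( ... ) )` call and differ only in the trailing `psa_aead_set_lengths` check. Hoisting the finish call above the branch and guarding only the check with `if( operation.alg != PSA_ALG_CCM )` would remove the duplication and show what is algorithm-specific. It is also not explained why CCM skips the check: if `psa_aead_set_lengths` on a finished operation returns `PSA_ERROR_BAD_STATE` for every algorithm, the branch can go entirely; if not, a comment should give the reason. These blocks pin the behaviour that finish succeeds for CCM with no lengths set, which deserves a one-line comment confirming it is intended.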
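Review bot: The last hunk wraps the update/update_ad sequence in `if( operation.alg != PSA_ALG_CCM )` with no else branch, so for CCM this block only runs setup, set_nonce and abort, and asserts nothing. The earlier update block in this patch checks the same sequence for CCM and expects `PSA_ERROR_BAD_STATE` from `psa_aead_update`. Mirroring that here keeps the CCM state machine covered instead of silently skipped.

```c
    if( operation.alg != PSA_ALG_CCM )
    {
        /* … unchanged: update succeeds, then update_ad expects PSA_ERROR_BAD_STATE … */
    }
    else
    {
        /* CCM: no lengths were set, so update is expected to be rejected. */
        TEST_EQUAL( psa_aead_update( &operation, input_data->x,
                                     input_data->len, output_data,
                                     output_size, &output_length ),
                    PSA_ERROR_BAD_STATE );
    }
```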