diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ea54dcc1b..b74a959bb 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2394,6 +2394,10 @@ PSA Multipart Nonce Generation: ChaCha20 - Poly1305, IV = 0 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_generate_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:0:PSA_ERROR_BUFFER_TOO_SMALL +PSA Multipart State Checks, AES - GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E" + PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 576d46700..fdec30fb9 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4193,6 +4193,288 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void aead_multipart_state_test( int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_aead_operation_t operation; + unsigned char *output_data = NULL; + unsigned char *final_data = NULL; + size_t output_size = 0; + size_t finish_output_size = 0; + size_t output_length = 0; + size_t key_bits = 0; + size_t tag_length = 0; + size_t tag_size = 0; + size_t nonce_length = 0; + uint8_t nonce_buffer[PSA_AEAD_NONCE_MAX_SIZE]; + uint8_t tag_buffer[PSA_AEAD_TAG_MAX_SIZE]; + size_t output_part_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( & attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( & attributes, alg ); + psa_set_key_type( & attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + tag_length = PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg ); + + TEST_ASSERT( tag_length <= PSA_AEAD_TAG_MAX_SIZE ); + + output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE( key_type, alg, input_data->len ); + + ASSERT_ALLOC( output_data, output_size ); + + finish_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE( key_type, alg ); + + TEST_ASSERT( finish_output_size <= PSA_AEAD_FINISH_OUTPUT_MAX_SIZE ); + + ASSERT_ALLOC( final_data, finish_output_size ); + + /* Test all operations error without calling setup first. */ + + operation = psa_aead_operation_init( ); + + TEST_EQUAL( psa_aead_set_nonce( &operation, nonce->x, nonce->len ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + operation = psa_aead_operation_init( ); + + TEST_EQUAL( psa_aead_generate_nonce( &operation, nonce_buffer, + PSA_AEAD_NONCE_MAX_SIZE, + &nonce_length ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + operation = psa_aead_operation_init( ); + + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + operation = psa_aead_operation_init( ); + + TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + operation = psa_aead_operation_init( ); + + TEST_EQUAL( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + operation = psa_aead_operation_init( ); + + TEST_EQUAL( psa_aead_finish( &operation, final_data, + finish_output_size, + &output_part_length, + tag_buffer, tag_length, + &tag_size ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + operation = psa_aead_operation_init( ); + + TEST_EQUAL( psa_aead_verify( &operation, final_data, + finish_output_size, + &output_part_length, + tag_buffer, + tag_length ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + /* Test for double setups. */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + TEST_EQUAL( psa_aead_encrypt_setup( &operation, key, alg ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_decrypt_setup( &operation, key, alg ) ); + + TEST_EQUAL( psa_aead_decrypt_setup( &operation, key, alg ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + /* Test for not setting a nonce. */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + /* Test for double setting nonce. */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + + TEST_EQUAL( psa_aead_set_nonce( &operation, nonce->x, nonce->len ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + /* Test for setting lengths twice. */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); + + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + /* Test for setting lengths after already starting data. */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + + PSA_ASSERT( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ) ); + + TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + + /* Test for not sending any additional data or data (encrypt) */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); + + TEST_EQUAL( psa_aead_finish( &operation, final_data, + finish_output_size, + &output_part_length, + tag_buffer, tag_length, + &tag_size ), + PSA_ERROR_INVALID_ARGUMENT ); + + psa_aead_abort( &operation ); + + /* Test for not sending any additional data or data (decrypt) */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_decrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); + + TEST_EQUAL( psa_aead_verify( &operation, final_data, + finish_output_size, + &output_part_length, + tag_buffer, + tag_length ), + PSA_ERROR_INVALID_ARGUMENT ); + + psa_aead_abort( &operation ); + + /* Test for not sending any additional data. */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); + + TEST_EQUAL( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ), + PSA_ERROR_INVALID_ARGUMENT ); + + psa_aead_abort( &operation ); + + /* Test sending additional data after data. */ + + operation = psa_aead_operation_init( ); + + PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); + + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + + PSA_ASSERT( psa_aead_update( &operation, input_data->x, + input_data->len, output_data, + output_size, &output_length ) ); + + TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ), + PSA_ERROR_BAD_STATE ); + + psa_aead_abort( &operation ); + +exit: + psa_destroy_key( key ); + psa_aead_abort( &operation ); + mbedtls_free( output_data ); + mbedtls_free( final_data ); + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void signature_size( int type_arg, int bits,