From e193ea8cb9df86586d1b90f88a8c1c97851de1cd Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 1 Oct 2021 13:00:16 +0100 Subject: [PATCH 01/12] Add Multipart AEAD CCM internal implementation Signed-off-by: Paul Elliott --- library/psa_crypto.c | 23 ++++++++++++ library/psa_crypto_aead.c | 77 +++++++++++++++++++++++++++++++-------- 2 files changed, 84 insertions(+), 16 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ece64b100..d8c9d1455 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3868,6 +3868,15 @@ psa_status_t psa_aead_generate_nonce( psa_aead_operation_t *operation, goto exit; } + /* For CCM, this size may not be correct according to the PSA + * specification. The PSA Crypto 1.0.1 specification states: + * + * CCM encodes the plaintext length pLen in L octets, with L the smallest + * integer >= 2 where pLen < 2^(8L). The nonce length is then 15 - L bytes. + * + * However this restriction that L has to be the smallest integer is not + * applied in practice, and it is not implementable here since the + * plaintext length may or may not be known at this time. */ required_nonce_size = PSA_AEAD_NONCE_LENGTH( operation->key_type, operation->alg ); if( nonce_size < required_nonce_size ) @@ -4030,6 +4039,13 @@ psa_status_t psa_aead_update_ad( psa_aead_operation_t *operation, operation->ad_remaining -= input_length; } +#if defined(PSA_WANT_ALG_CCM) + else if( operation->alg == PSA_ALG_CCM ) + { + status = PSA_ERROR_BAD_STATE; + goto exit; + } +#endif /* PSA_WANT_ALG_CCM */ status = psa_driver_wrapper_aead_update_ad( operation, input, input_length ); @@ -4087,6 +4103,13 @@ psa_status_t psa_aead_update( psa_aead_operation_t *operation, operation->body_remaining -= input_length; } +#if defined(PSA_WANT_ALG_CCM) + else if( operation->alg == PSA_ALG_CCM ) + { + status = PSA_ERROR_BAD_STATE; + goto exit; + } +#endif /* PSA_WANT_ALG_CCM */ status = psa_driver_wrapper_aead_update( operation, input, input_length, output, output_size, diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index a72865c04..9dd40dd54 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -346,13 +346,6 @@ psa_status_t mbedtls_psa_aead_encrypt_setup( { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; -#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - if( operation->alg == PSA_ALG_CCM ) - { - return( PSA_ERROR_NOT_SUPPORTED ); - } -#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ - status = psa_aead_setup( operation, attributes, key_buffer, key_buffer_size, alg ); @@ -373,13 +366,6 @@ psa_status_t mbedtls_psa_aead_decrypt_setup( { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; -#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - if( operation->alg == PSA_ALG_CCM ) - { - return( PSA_ERROR_NOT_SUPPORTED ); - } -#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ - status = psa_aead_setup( operation, attributes, key_buffer, key_buffer_size, alg ); @@ -409,6 +395,18 @@ psa_status_t mbedtls_psa_aead_set_nonce( } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) + if( operation->alg == PSA_ALG_CCM ) + { + status = mbedtls_to_psa_error( + mbedtls_ccm_starts( &operation->ctx.ccm, + operation->is_encrypt ? + MBEDTLS_CCM_ENCRYPT : MBEDTLS_CCM_DECRYPT, + nonce, + nonce_length ) ); + } + else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) if( operation->alg == PSA_ALG_CHACHA20_POLY1305 ) { @@ -446,11 +444,22 @@ psa_status_t mbedtls_psa_aead_set_lengths( size_t ad_length, size_t plaintext_length ) { - /* Nothing here yet, work is currently done in PSA Core, however support - * for CCM will require this function. */ + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) + if( operation->alg == PSA_ALG_CCM ) + { + return( mbedtls_to_psa_error( + mbedtls_ccm_set_lengths( &operation->ctx.ccm, + ad_length, + plaintext_length, + operation->tag_length ) ) ); + + } +#else /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ ( void ) operation; ( void ) ad_length; ( void ) plaintext_length; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ return ( PSA_SUCCESS ); } @@ -471,6 +480,14 @@ psa_status_t mbedtls_psa_aead_update_ad( } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) + if( operation->alg == PSA_ALG_CCM ) + { + status = mbedtls_to_psa_error( + mbedtls_ccm_update_ad( &operation->ctx.ccm, input, input_length ) ); + } + else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) if( operation->alg == PSA_ALG_CHACHA20_POLY1305 ) { @@ -521,6 +538,20 @@ psa_status_t mbedtls_psa_aead_update( } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) + if( operation->alg == PSA_ALG_CCM ) + { + if( output_size < input_length ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + status = mbedtls_to_psa_error( + mbedtls_ccm_update( &operation->ctx.ccm, + input, input_length, + output, output_size, + &update_output_length ) ); + } + else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) if( operation->alg == PSA_ALG_CHACHA20_POLY1305 ) { @@ -577,6 +608,20 @@ psa_status_t mbedtls_psa_aead_finish( } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) + if( operation->alg == PSA_ALG_CCM ) + { + /* tag must be big enough to store a tag of size passed into set + * lengths. */ + if( tag_size < operation->tag_length ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + status = mbedtls_to_psa_error( + mbedtls_ccm_finish( &operation->ctx.ccm, + tag, operation->tag_length ) ); + } + else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) if( operation->alg == PSA_ALG_CHACHA20_POLY1305 ) { From 2cc1ee31ca9c724f494f638544ede75cf7aeee5c Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 1 Oct 2021 16:05:47 +0100 Subject: [PATCH 02/12] Add Multipart AEAD CCM encrypt / decrypt tests Encrypt / Decrypt with expected result. Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 72 +++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 063629e59..c3d9af2ef 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2782,6 +2782,78 @@ PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20) depends_on:MBEDTLS_CHACHA20_C aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_NOT_SUPPORTED +PSA Multipart AEAD encrypt: AES - CCM, 23 bytes (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":1:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" + +PSA Multipart AEAD encrypt: AES - CCM, 24 bytes (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" + +PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 4 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39" + +PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 6 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,6):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc" + +PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 8 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776" + +PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 10 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,10):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e" + +PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 12 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,12):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846" + +PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 14 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f" + +PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 16 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" + +PSA Multipart AEAD decrypt: AES - CCM, 39 bytes (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":1:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C" + +PSA Multipart AEAD decrypt, AES - CCM, 40 bytes (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + +PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 4 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + +PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 6 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,6):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + +PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 8 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + +PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 10 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,10):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + +PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 12 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,12):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + +PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 14 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + +PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 16 (lengths set) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + PSA Multipart AEAD encrypt, AES-GCM, 128 bytes #1 depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":0:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" From fec6f37669430cc371aa398ab05fdd46fe494abe Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 6 Oct 2021 17:15:02 +0100 Subject: [PATCH 03/12] Add Multipart AEAD CCM verify tests Known failures, concentrating on verify (bad signature etc.) Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 40 +++++++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 11 ++++++ 2 files changed, 51 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c3d9af2ef..ab0697f70 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3286,6 +3286,46 @@ PSA Multipart AEAD decrypt: ChaCha20 - Poly1305 (good tag, zero - length input) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"a0784d7a4716f3feb4f64e7f4b39bf04":1:"" +PSA Multipart AEAD verify: AES - CCM, invalid signature +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"7c0a61c9f825a48671ea05910748c8ef":1:PSA_ERROR_INVALID_SIGNATURE + +PSA Multipart AEAD verify: AES - CCM, invalid signature, T = 4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"0748c8ef":1:PSA_ERROR_INVALID_SIGNATURE + +PSA Multipart AEAD verify: AES - CCM, T = 4, tag is truncated tag for T = 16 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"0748c8ef":1:PSA_ERROR_INVALID_SIGNATURE + +PSA Multipart AEAD verify: AES - CCM, invalid tag length 0 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,0):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"":1:PSA_ERROR_INVALID_ARGUMENT + +PSA Multipart AEAD verify: AES - CCM, invalid tag length 2 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,2):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"c8ef":1:PSA_ERROR_INVALID_ARGUMENT + +PSA Multipart AEAD verify: AES - CCM, invalid tag length 15 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,15):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"0a61c9f825a48671ea05910748c8ef":1:PSA_ERROR_INVALID_ARGUMENT + +PSA Multipart AEAD verify: AES - CCM, T = 16, but passing 15 bytes +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"0a61c9f825a48671ea05910748c8ef":1:PSA_ERROR_INVALID_SIGNATURE + +PSA Multipart AEAD verify: AES - CCM, T = 16, but passing 17 bytes +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"532b0a61c9f825a48671ea05910748c8ef":1:PSA_ERROR_INVALID_SIGNATURE + +PSA Multipart AEAD verify: AES - CCM, T = 16 but passing 0 bytes (valid buffer) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"":1:PSA_ERROR_INVALID_SIGNATURE + +PSA Multipart AEAD verify: AES - CCM, T = 16 but passing 0 bytes (NULL buffer) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"":0:PSA_ERROR_INVALID_SIGNATURE + PSA Multipart AEAD verify, AES - GCM, invalid signature depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_verify:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f":"6bac793bdc2190a195122c98544ccf56":1:PSA_ERROR_INVALID_SIGNATURE diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 591c2960d..dfcf94d3f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4408,6 +4408,17 @@ void aead_multipart_verify( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + status = psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ); + + if( status != PSA_SUCCESS ) + { + /* Invalid tag lengths are detected in CCM at this point, as they + * would be written into the first block. */ + TEST_EQUAL( status, expected_status ); + goto exit; + } + PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, additional_data->len ) ); From 15116bf711378572f725647cf9c04bbcc49f4d0e Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 6 Oct 2021 17:24:47 +0100 Subject: [PATCH 04/12] Add Multipart AEAD CCM setup tests Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ab0697f70..20cae3c0b 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3498,6 +3498,10 @@ PSA AEAD setup: invalid algorithm (ChaCha20 - Poly1305 with short tag) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,12):PSA_ERROR_NOT_SUPPORTED +PSA AEAD setup: AES - CCM, invalid tag length 18 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_setup:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,18):PSA_ERROR_INVALID_ARGUMENT + PSA Multipart State Checks, AES - GCM depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E" From e4c08ed257c9602345b17ec9c3632a9e4c8279c8 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 6 Oct 2021 18:53:04 +0100 Subject: [PATCH 05/12] Add Multipart AEAD CCM set nonce tests Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 24 +++++++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 2 ++ 2 files changed, 26 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 20cae3c0b..37a10fff8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3390,6 +3390,30 @@ PSA Multipart Nonce Generation: ChaCha20 - Poly1305, NONCE = (Req 16 / Expect 12 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_generate_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:16:12:"":"":PSA_SUCCESS +PSA Multipart Set Nonce: AES - CCM, NONCE = 0 (NULL) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT + +PSA Multipart Set Nonce: AES - CCM, NONCE = 0 (NON-NULL) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:-1:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT + +PSA Multipart Set Nonce: AES - CCM, NONCE = 6 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:6:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT + +PSA Multipart Set Nonce: AES - CCM, NONCE = 14 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:14:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT + +PSA Multipart Set Nonce: AES - CCM_8, NONCE = 6 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):6:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT + +PSA Multipart Set Nonce: AES - CCM_8, NONCE = 14 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):14:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT + PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (NULL) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:0:"":"":PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index dfcf94d3f..000806d08 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4157,6 +4157,8 @@ void aead_multipart_set_nonce( int key_type_arg, data_t *key_data, if( expected_status == PSA_SUCCESS ) { /* Ensure we can still complete operation. */ + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, additional_data->len ) ); From d79c5c5105f0f05d26709e469ab279e3a3023121 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 6 Oct 2021 21:49:41 +0100 Subject: [PATCH 06/12] Add Multipart AEAD CCM generate nonce tests Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 16 ++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 5 +++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 37a10fff8..c010083fd 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3358,6 +3358,22 @@ PSA Multipart AEAD verify: ChaCha20 - Poly1305 (RFC7539, bad tag) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_verify:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600690":1:PSA_ERROR_INVALID_SIGNATURE +PSA Multipart Nonce Generation: AES - CCM, NONCE = (Req 13 / Expect 13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:13:13:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_SUCCESS + +PSA Multipart Nonce Generation: AES - CCM, NONCE = (Req 12 / Expect 0) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:12:0:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_BUFFER_TOO_SMALL + +PSA Multipart Nonce Generation: AES - CCM, NONCE = (Req 0 / Expect 0) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:0:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_BUFFER_TOO_SMALL + +PSA Multipart Nonce Generation: AES - CCM, NONCE = (Req 16 / Expect 13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:16:13:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_SUCCESS + PSA Multipart Nonce Generation, AES - GCM, NONCE = (Req 12 / Expect 12) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:12:12:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 000806d08..3e1355d18 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4039,12 +4039,13 @@ void aead_multipart_generate_nonce( int key_type_arg, data_t *key_data, TEST_EQUAL( actual_nonce_length, PSA_AEAD_NONCE_LENGTH( key_type, alg ) ); - TEST_ASSERT( actual_nonce_length < PSA_AEAD_NONCE_MAX_SIZE ); + TEST_ASSERT( actual_nonce_length <= PSA_AEAD_NONCE_MAX_SIZE ); if( expected_status == PSA_SUCCESS ) { - /* Ensure we can still complete operation. */ + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, additional_data->len ) ); From 47b9a14dc6d9b1121b9d06a9a41b5160f5dadc5c Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 7 Oct 2021 15:04:57 +0100 Subject: [PATCH 07/12] Add Multipart AEAD CCM update buffer tests Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ tests/suites/test_suite_psa_crypto.function | 3 +++ 2 files changed, 11 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c010083fd..381fc636b 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3482,6 +3482,14 @@ PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (Non-NULL) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:-1:"":"":PSA_ERROR_INVALID_ARGUMENT +PSA AEAD output buffer test: AES - CCM, IN = 40 BUF = 39 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:39:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL + +PSA AEAD output buffer test: AES - CCM, IN = 40 BUF = 0 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL + PSA AEAD output buffer test: AES - GCM, IN = 16, BUF = 15 depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:15:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_ERROR_BUFFER_TOO_SMALL diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3e1355d18..8b73ae7e8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4238,6 +4238,9 @@ void aead_multipart_update_buffer_test( int key_type_arg, data_t *key_data, PSA_ASSERT( status ); + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, From 76bda48f8c9932452a4a01cf2129deb2cdae2e0d Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 7 Oct 2021 17:07:23 +0100 Subject: [PATCH 08/12] Add Multipart AEAD CCM Finish buffer tests Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++ tests/suites/test_suite_psa_crypto.function | 3 +++ 2 files changed, 15 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 381fc636b..e15e66a24 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3506,6 +3506,18 @@ PSA AEAD output buffer test: ChaCha20 - Poly1305 IN = 130, BUF = 0 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_update_buffer_test:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:0:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691":PSA_ERROR_BUFFER_TOO_SMALL +PSA AEAD finish buffer test: AES - CCM, BUF = 0, TAG = 20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:20:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_SUCCESS + +PSA AEAD finish buffer test: AES - CCM, BUF = 0, TAG = 15 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:15:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL + +PSA AEAD finish buffer test: AES - CCM, BUF = 0, TAG = 0 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:0:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL + PSA AEAD finish buffer test: AES - GCM, BUF = 8, TAG = 16 depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:8:16:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_ERROR_BUFFER_TOO_SMALL diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8b73ae7e8..21de8a9a2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4329,6 +4329,9 @@ void aead_multipart_finish_buffer_test( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_data->len ) ); + PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, additional_data->len ) ); From f76dcb2efc0e291abdb8e4fe8dd96b057163d48a Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 7 Oct 2021 18:21:40 +0100 Subject: [PATCH 09/12] Add Changelog.d entry Signed-off-by: Paul Elliott --- ChangeLog.d/add_psa_m_aead_ccm.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/add_psa_m_aead_ccm.txt diff --git a/ChangeLog.d/add_psa_m_aead_ccm.txt b/ChangeLog.d/add_psa_m_aead_ccm.txt new file mode 100644 index 000000000..d7588ee46 --- /dev/null +++ b/ChangeLog.d/add_psa_m_aead_ccm.txt @@ -0,0 +1,3 @@ +Features + * Add the internal implementation of and support for CCM to the PSA multipart + AEAD interface. From 82d2dc24bb2f1ef873f3dc20777a0d3045e83897 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 28 Oct 2021 16:38:29 +0100 Subject: [PATCH 10/12] Remove redundant blank line Signed-off-by: Paul Elliott --- library/psa_crypto_aead.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 9dd40dd54..e87cda282 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -444,7 +444,6 @@ psa_status_t mbedtls_psa_aead_set_lengths( size_t ad_length, size_t plaintext_length ) { - #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) if( operation->alg == PSA_ALG_CCM ) { From 3938fef25c546f628161c3b6ee00d02056d3adac Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 8 Dec 2021 20:09:09 +0000 Subject: [PATCH 11/12] Indicate set nonce negative test failure reasons Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 34 ++++++++++++------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e15e66a24..e88ae09b8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3414,71 +3414,71 @@ PSA Multipart Set Nonce: AES - CCM, NONCE = 0 (NON-NULL) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:-1:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce: AES - CCM, NONCE = 6 +PSA Multipart Set Nonce: AES - CCM, NONCE = 6 (too small) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:6:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce: AES - CCM, NONCE = 14 +PSA Multipart Set Nonce: AES - CCM, NONCE = 14 (too long) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:14:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce: AES - CCM_8, NONCE = 6 +PSA Multipart Set Nonce: AES - CCM_8, NONCE = 6 (too small) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):6:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce: AES - CCM_8, NONCE = 14 +PSA Multipart Set Nonce: AES - CCM_8, NONCE = 14 (too long) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):14:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (NULL) +PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (NULL) (too small) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:0:"":"":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (Non-NULL) +PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (Non-NULL) (too small) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:-1:"":"":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce, AES - GCM, NONCE = 16 +PSA Multipart Set Nonce, AES - GCM, NONCE = 16 (ok) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:16:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS -PSA Multipart Set Nonce, AES - GCM, NONCE = 20 +PSA Multipart Set Nonce, AES - GCM, NONCE = 20 (ok) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:20:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS -PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (NULL) +PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (NULL) (too small) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):0:"":"":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (Non-NULL) +PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (Non-NULL) (too small) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):-1:"":"":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce, AES - GCM_12, NONCE = 16 +PSA Multipart Set Nonce, AES - GCM_12, NONCE = 16 (ok) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):16:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS -PSA Multipart Set Nonce, AES - GCM_12, NONCE = 20 +PSA Multipart Set Nonce, AES - GCM_12, NONCE = 20 (ok) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):20:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS -PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 11 +PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 11 (too small) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:11:"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 12 +PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 12 (ok) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:12:"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_SUCCESS -PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 13 +PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 13 (too big) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:13:"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (NULL) +PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (NULL) (too small) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:0:"":"":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (Non-NULL) +PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (Non-NULL) (too small) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:-1:"":"":PSA_ERROR_INVALID_ARGUMENT From 37ec16b579f1ed9ba57c711d561de2cc3f473fb1 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 8 Dec 2021 20:14:49 +0000 Subject: [PATCH 12/12] Add explanation for workaround in test code Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.data | 10 +++++----- tests/suites/test_suite_psa_crypto.function | 5 ++++- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e88ae09b8..6f52c74e0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3438,11 +3438,11 @@ PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (Non-NULL) (too small) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:-1:"":"":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce, AES - GCM, NONCE = 16 (ok) +PSA Multipart Set Nonce, AES - GCM, NONCE = 16 depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:16:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS -PSA Multipart Set Nonce, AES - GCM, NONCE = 20 (ok) +PSA Multipart Set Nonce, AES - GCM, NONCE = 20 depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:20:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS @@ -3454,11 +3454,11 @@ PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (Non-NULL) (too small) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):-1:"":"":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce, AES - GCM_12, NONCE = 16 (ok) +PSA Multipart Set Nonce, AES - GCM_12, NONCE = 16 depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):16:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS -PSA Multipart Set Nonce, AES - GCM_12, NONCE = 20 (ok) +PSA Multipart Set Nonce, AES - GCM_12, NONCE = 20 depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):20:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS @@ -3466,7 +3466,7 @@ PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 11 (too small) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:11:"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_ARGUMENT -PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 12 (ok) +PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 12 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:12:"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 21de8a9a2..e1f90d261 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4423,7 +4423,10 @@ void aead_multipart_verify( int key_type_arg, data_t *key_data, if( status != PSA_SUCCESS ) { /* Invalid tag lengths are detected in CCM at this point, as they - * would be written into the first block. */ + * would be written into the first block. They should really be + * detected in psa_aead_encrypt/decrypt_setup, and will be fixed + * to do so in the future, until that point, this is a + * workaround.*/ TEST_EQUAL( status, expected_status ); goto exit; }