From f4facef9ba0fa2f65c85e476d6b8f2943bc44ff3 Mon Sep 17 00:00:00 2001 From: Przemyslaw Stekiel Date: Wed, 2 Feb 2022 21:31:04 +0100 Subject: [PATCH] Adapt ssl_decrypt_non_etm_cbc() test for psa crypto and remove redundant test cases Signed-off-by: Przemyslaw Stekiel --- tests/suites/test_suite_ssl.data | 256 --------------------------- tests/suites/test_suite_ssl.function | 59 +++++- 2 files changed, 58 insertions(+), 257 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 03ea99434..4400afa10 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -4334,262 +4334,6 @@ Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=255 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:255 -Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-1 - -Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-2 - -Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-1 - -Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-2 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:0 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:248 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:0 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:248 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:1 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:249 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:1 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:249 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:7 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:255 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:7 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:255 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-1 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-2 - -Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-1 - -Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-2 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:0 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:248 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:0 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:248 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:1 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:249 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:1 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:249 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:7 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:255 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:7 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:255 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-1 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-2 - -Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-1 - -Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-2 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:0 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:248 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:0 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:248 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:1 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:249 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:1 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:249 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:7 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:255 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:7 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:255 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-1 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-2 - -Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-1 - -Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-2 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:0 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:248 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:0 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:248 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:1 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:249 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:1 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:249 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:7 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:255 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:7 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:255 - SSL TLS 1.3 Key schedule: Secret evolution #1 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Initial secret to Early Secret diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index e6d66c079..0351db093 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1186,6 +1186,44 @@ int psk_dummy_callback( void *p_info, mbedtls_ssl_context *ssl, #define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static int psa_cipher_encrypt_helper( mbedtls_ssl_transform *transform, + const unsigned char *iv, size_t iv_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen ) +{ + psa_status_t status; + psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; + size_t part_len; + + status = psa_cipher_encrypt_setup( &cipher_op, + transform->psa_key_enc, transform->psa_alg ); + + if( status != PSA_SUCCESS ) + return( psa_ssl_status_to_mbedtls( status ) ); + + status = psa_cipher_set_iv( &cipher_op, iv, iv_len ); + + if( status != PSA_SUCCESS ) + return( psa_ssl_status_to_mbedtls( status ) ); + + status = psa_cipher_update( &cipher_op, + input, ilen, output, ilen, olen ); + + if( status != PSA_SUCCESS ) + return( psa_ssl_status_to_mbedtls( status ) ); + + status = psa_cipher_finish( &cipher_op, + output + *olen, ilen - *olen, &part_len ); + + if( status != PSA_SUCCESS ) + return( psa_ssl_status_to_mbedtls( status ) ); + + *olen += part_len; + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + static int build_transforms( mbedtls_ssl_transform *t_in, mbedtls_ssl_transform *t_out, int cipher_type, int hash_id, @@ -1440,6 +1478,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, if ( status != PSA_SUCCESS) { ret = psa_ssl_status_to_mbedtls( status ); + mbedtls_fprintf( stderr, "mbedtls_ssl_cipher_to_psa: %d\n", (int)status); goto cleanup; } @@ -3547,7 +3586,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:!MBEDTLS_USE_PSA_CRYPTO */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, int length_selector ) { @@ -3680,10 +3719,16 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, /* * Encrypt and decrypt the correct record, expecting success */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_EQUAL( 0, psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen ) ); +#else TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, rec.data_len, rec.buf + rec.data_offset, &olen ) ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen; @@ -3706,10 +3751,16 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, rec.buf[i] ^= 0x01; /* Encrypt */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_EQUAL( 0, psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen ) ); +#else TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, rec.data_len, rec.buf + rec.data_offset, &olen ) ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen; @@ -3743,10 +3794,16 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, memset( buf + buflen - padlen - 1, i, padlen + 1 ); /* Encrypt */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_EQUAL( 0, psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen ) ); +#else TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, rec.data_len, rec.buf + rec.data_offset, &olen ) ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen;