/* BEGIN_HEADER */ #include "mbedtls/ccm.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES * depends_on:MBEDTLS_CCM_C * END_DEPENDENCIES */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ void mbedtls_ccm_self_test( ) { TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 ); } /* END_CASE */ /* BEGIN_CASE */ void mbedtls_ccm_setkey( int cipher_id, int key_size, int result ) { mbedtls_ccm_context ctx; unsigned char key[32]; int ret; mbedtls_ccm_init( &ctx ); memset( key, 0x2A, sizeof( key ) ); TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size ); TEST_ASSERT( ret == result ); exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res ) { mbedtls_ccm_context ctx; unsigned char key[16]; unsigned char msg[10]; unsigned char iv[14]; unsigned char add[10]; unsigned char out[10]; unsigned char tag[18]; int decrypt_ret; mbedtls_ccm_init( &ctx ); memset( key, 0, sizeof( key ) ); memset( msg, 0, sizeof( msg ) ); memset( iv, 0, sizeof( iv ) ); memset( add, 0, sizeof( add ) ); memset( out, 0, sizeof( out ) ); memset( tag, 0, sizeof( tag ) ); TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof( key ) ) == 0 ); TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len, msg, out, tag, tag_len ) == res ); decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len, msg, out, tag, tag_len ); if( res == 0 ) TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED ); else TEST_ASSERT( decrypt_ret == res ); exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res ) { mbedtls_ccm_context ctx; unsigned char key[16]; unsigned char msg[10]; unsigned char iv[14]; unsigned char add[10]; unsigned char out[10]; unsigned char tag[18]; int decrypt_ret; mbedtls_ccm_init( &ctx ); memset( key, 0, sizeof( key ) ); memset( msg, 0, sizeof( msg ) ); memset( iv, 0, sizeof( iv ) ); memset( add, 0, sizeof( add ) ); memset( out, 0, sizeof( out ) ); memset( tag, 0, sizeof( tag ) ); TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof( key ) ) == 0 ); TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len, msg, out, tag, tag_len ) == res ); decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len, msg, out, tag, tag_len ); if( res == 0 && tag_len != 0 ) TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED ); else TEST_ASSERT( decrypt_ret == res ); exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE */ void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key, data_t * msg, data_t * iv, data_t * add, data_t * result ) { mbedtls_ccm_context ctx; size_t tag_len; uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 ); mbedtls_ccm_init( &ctx ); memset( msg_n_tag, 0, result->len + 2 ); memcpy( msg_n_tag, msg->x, msg->len ); tag_len = result->len - msg->len; TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); /* Test with input == output */ TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len, msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 ); TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 ); /* Check we didn't write past the end */ TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 ); exit: mbedtls_ccm_free( &ctx ); free( msg_n_tag ); } /* END_CASE */ /* BEGIN_CASE */ void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key, data_t * msg, data_t * iv, data_t * add, int tag_len, int result, data_t * hex_msg ) { unsigned char tag[16]; mbedtls_ccm_context ctx; mbedtls_ccm_init( &ctx ); memset( tag, 0x00, sizeof( tag ) ); msg->len -= tag_len; memcpy( tag, msg->x + msg->len, tag_len ); TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); /* Test with input == output */ TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len, msg->x, msg->x, msg->x + msg->len, tag_len ) == result ); if( result == 0 ) { TEST_ASSERT( memcmp( msg->x, hex_msg->x, hex_msg->len ) == 0 ); } else { size_t i; for( i = 0; i < msg->len; i++ ) TEST_ASSERT( msg->x[i] == 0 ); } /* Check we didn't write past the end (where the original tag is) */ TEST_ASSERT( memcmp( msg->x + msg->len, tag, tag_len ) == 0 ); exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE */ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, char *key_hex, char *msg_hex, char *source_address_hex, char *frame_counter_hex, int sec_level, char *add_hex, char *expected_result_hex, int output_ret ) { unsigned char key[32]; unsigned char msg[50]; unsigned char iv[13]; unsigned char add[32]; unsigned char result[50]; unsigned char expected_result[50]; unsigned char source_address[8]; unsigned char frame_counter[4]; mbedtls_ccm_context ctx; size_t i, key_len, msg_len, iv_len, add_len, expected_result_len, source_address_len, frame_counter_len, tag_len; int ret; mbedtls_ccm_init( &ctx ); memset( key, 0x00, sizeof( key ) ); memset( msg, 0x00, sizeof( msg ) ); memset( iv, 0x00, sizeof( iv ) ); memset( add, 0x00, sizeof( add ) ); memset( result, 0x00, sizeof( result ) ); memset( expected_result, 0x00, sizeof( expected_result ) ); memset( source_address, 0x00, sizeof( source_address ) ); memset( frame_counter, 0x00, sizeof( frame_counter ) ); key_len = mbedtls_test_unhexify( key, key_hex ); msg_len = mbedtls_test_unhexify( msg, msg_hex ); add_len = mbedtls_test_unhexify( add, add_hex ); expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex ); source_address_len = mbedtls_test_unhexify( source_address, source_address_hex ); frame_counter_len = mbedtls_test_unhexify( frame_counter, frame_counter_hex ); if( sec_level % 4 == 0) tag_len = 0; else tag_len = 1 << ( sec_level % 4 + 1); for( i = 0; i < source_address_len; i++ ) iv[i] = source_address[i]; for( i = 0; i < frame_counter_len; i++ ) iv[source_address_len + i] = frame_counter[i]; iv[source_address_len + frame_counter_len] = sec_level; iv_len = sizeof( iv ); TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 ); ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len, msg, result, result + msg_len, tag_len ); TEST_ASSERT( ret == output_ret ); TEST_ASSERT( memcmp( result, expected_result, expected_result_len ) == 0 ); /* Check we didn't write past the end */ TEST_ASSERT( result[expected_result_len] == 0 && result[expected_result_len + 1] == 0 ); exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE */ void mbedtls_ccm_star_auth_decrypt( int cipher_id, char *key_hex, char *msg_hex, char *source_address_hex, char *frame_counter_hex, int sec_level, char *add_hex, char *expected_result_hex, int output_ret ) { unsigned char key[32]; unsigned char msg[50]; unsigned char iv[13]; unsigned char add[32]; unsigned char result[50]; unsigned char expected_result[50]; unsigned char source_address[8]; unsigned char frame_counter[4]; mbedtls_ccm_context ctx; size_t i, key_len, msg_len, iv_len, add_len, tag_len, expected_result_len, source_address_len, frame_counter_len; int ret; mbedtls_ccm_init( &ctx ); memset( key, 0x00, sizeof( key ) ); memset( msg, 0x00, sizeof( msg ) ); memset( iv, 0x00, sizeof( iv ) ); memset( add, 0x00, sizeof( add ) ); memset( result, '+', sizeof( result ) ); memset( expected_result, 0x00, sizeof( expected_result ) ); memset( source_address, 0x00, sizeof( source_address ) ); memset( frame_counter, 0x00, sizeof( frame_counter ) ); key_len = mbedtls_test_unhexify( key, key_hex ); msg_len = mbedtls_test_unhexify( msg, msg_hex ); add_len = mbedtls_test_unhexify( add, add_hex ); expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex ); source_address_len = mbedtls_test_unhexify( source_address, source_address_hex ); frame_counter_len = mbedtls_test_unhexify( frame_counter, frame_counter_hex ); if( sec_level % 4 == 0) tag_len = 0; else tag_len = 1 << ( sec_level % 4 + 1); for( i = 0; i < source_address_len; i++ ) iv[i] = source_address[i]; for( i = 0; i < frame_counter_len; i++ ) iv[source_address_len + i] = frame_counter[i]; iv[source_address_len + frame_counter_len] = sec_level; iv_len = sizeof( iv ); TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 ); ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len - tag_len, iv, iv_len, add, add_len, msg, result, msg + msg_len - tag_len, tag_len ); TEST_ASSERT( ret == output_ret ); TEST_ASSERT( memcmp( result, expected_result, expected_result_len ) == 0 ); /* Check we didn't write past the end (where the original tag is) */ TEST_ASSERT( ( msg_len + 2 ) <= sizeof( result ) ); TEST_EQUAL( result[msg_len], '+' ); TEST_EQUAL( result[msg_len + 1], '+' ); exit: mbedtls_ccm_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ void ccm_invalid_param( ) { struct mbedtls_ccm_context ctx; unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES; int valid_len = sizeof(valid_buffer); int valid_bitlen = valid_len * 8; mbedtls_ccm_init( &ctx ); /* mbedtls_ccm_init() */ TEST_INVALID_PARAM( mbedtls_ccm_init( NULL ) ); /* mbedtls_ccm_setkey() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) ); /* mbedtls_ccm_encrypt_and_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_encrypt_and_tag( NULL, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, NULL, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, valid_buffer, valid_len, NULL, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, NULL, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, NULL, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, NULL, valid_len ) ); /* mbedtls_ccm_star_encrypt_and_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_encrypt_and_tag( NULL, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, NULL, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, valid_buffer, valid_len, NULL, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, NULL, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, NULL, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, NULL, valid_len ) ); /* mbedtls_ccm_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_auth_decrypt( NULL, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_auth_decrypt( &ctx, valid_len, NULL, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_auth_decrypt( &ctx, valid_len, valid_buffer, valid_len, NULL, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_auth_decrypt( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, NULL, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_auth_decrypt( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, NULL, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_auth_decrypt( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, NULL, valid_len ) ); /* mbedtls_ccm_star_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_auth_decrypt( NULL, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, NULL, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, valid_buffer, valid_len, NULL, valid_len, valid_buffer, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, NULL, valid_buffer, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, NULL, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, valid_buffer, valid_len, valid_buffer, valid_len, valid_buffer, valid_buffer, NULL, valid_len ) ); exit: mbedtls_ccm_free( &ctx ); return; } /* END_CASE */ /* BEGIN_CASE */ void ccm_valid_param( ) { TEST_VALID_PARAM( mbedtls_ccm_free( NULL ) ); exit: return; } /* END_CASE */