142383e25b
Test that we get the error we expect when using various valid and invalid keysizes with mbedtls_aes_xts_setkey_enc() and mbedtls_aes_xts_setkey_dec().
478 lines
14 KiB
Text
478 lines
14 KiB
Text
/* BEGIN_HEADER */
|
|
#include "mbedtls/aes.h"
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_AES_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void aes_encrypt_ecb( char *hex_key_string, char *hex_src_string,
|
|
char *hex_dst_string, int setkey_result )
|
|
{
|
|
unsigned char key_str[100];
|
|
unsigned char src_str[100];
|
|
unsigned char dst_str[100];
|
|
unsigned char output[100];
|
|
mbedtls_aes_context ctx;
|
|
int key_len;
|
|
|
|
memset(key_str, 0x00, 100);
|
|
memset(src_str, 0x00, 100);
|
|
memset(dst_str, 0x00, 100);
|
|
memset(output, 0x00, 100);
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( src_str, hex_src_string );
|
|
|
|
TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ) == setkey_result );
|
|
if( setkey_result == 0 )
|
|
{
|
|
TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_ENCRYPT, src_str, output ) == 0 );
|
|
hexify( dst_str, output, 16 );
|
|
|
|
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void aes_decrypt_ecb( char *hex_key_string, char *hex_src_string,
|
|
char *hex_dst_string, int setkey_result )
|
|
{
|
|
unsigned char key_str[100];
|
|
unsigned char src_str[100];
|
|
unsigned char dst_str[100];
|
|
unsigned char output[100];
|
|
mbedtls_aes_context ctx;
|
|
int key_len;
|
|
|
|
memset(key_str, 0x00, 100);
|
|
memset(src_str, 0x00, 100);
|
|
memset(dst_str, 0x00, 100);
|
|
memset(output, 0x00, 100);
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( src_str, hex_src_string );
|
|
|
|
TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str, key_len * 8 ) == setkey_result );
|
|
if( setkey_result == 0 )
|
|
{
|
|
TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_DECRYPT, src_str, output ) == 0 );
|
|
hexify( dst_str, output, 16 );
|
|
|
|
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
|
|
void aes_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
|
|
char *hex_src_string, char *hex_dst_string,
|
|
int cbc_result )
|
|
{
|
|
unsigned char key_str[100];
|
|
unsigned char iv_str[100];
|
|
unsigned char src_str[100];
|
|
unsigned char dst_str[100];
|
|
unsigned char output[100];
|
|
mbedtls_aes_context ctx;
|
|
int key_len, data_len;
|
|
|
|
memset(key_str, 0x00, 100);
|
|
memset(iv_str, 0x00, 100);
|
|
memset(src_str, 0x00, 100);
|
|
memset(dst_str, 0x00, 100);
|
|
memset(output, 0x00, 100);
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( iv_str, hex_iv_string );
|
|
data_len = unhexify( src_str, hex_src_string );
|
|
|
|
mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
|
|
TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_ENCRYPT, data_len, iv_str, src_str, output ) == cbc_result );
|
|
if( cbc_result == 0 )
|
|
{
|
|
hexify( dst_str, output, data_len );
|
|
|
|
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
|
|
void aes_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
|
|
char *hex_src_string, char *hex_dst_string,
|
|
int cbc_result )
|
|
{
|
|
unsigned char key_str[100];
|
|
unsigned char iv_str[100];
|
|
unsigned char src_str[100];
|
|
unsigned char dst_str[100];
|
|
unsigned char output[100];
|
|
mbedtls_aes_context ctx;
|
|
int key_len, data_len;
|
|
|
|
memset(key_str, 0x00, 100);
|
|
memset(iv_str, 0x00, 100);
|
|
memset(src_str, 0x00, 100);
|
|
memset(dst_str, 0x00, 100);
|
|
memset(output, 0x00, 100);
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( iv_str, hex_iv_string );
|
|
data_len = unhexify( src_str, hex_src_string );
|
|
|
|
mbedtls_aes_setkey_dec( &ctx, key_str, key_len * 8 );
|
|
TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_DECRYPT, data_len, iv_str, src_str, output ) == cbc_result );
|
|
if( cbc_result == 0)
|
|
{
|
|
hexify( dst_str, output, data_len );
|
|
|
|
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
|
|
void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string,
|
|
char *hex_src_string, char *hex_dst_string )
|
|
{
|
|
enum { AES_BLOCK_SIZE = 16 };
|
|
unsigned char *data_unit = NULL;
|
|
unsigned char *key = NULL;
|
|
unsigned char *src = NULL;
|
|
unsigned char *dst = NULL;
|
|
unsigned char *output = NULL;
|
|
mbedtls_aes_xts_context ctx;
|
|
size_t key_len, src_len, dst_len, data_unit_len;
|
|
|
|
mbedtls_aes_xts_init( &ctx );
|
|
|
|
data_unit = unhexify_alloc( hex_data_unit_string, &data_unit_len );
|
|
TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE );
|
|
|
|
key = unhexify_alloc( hex_key_string, &key_len );
|
|
TEST_ASSERT( key_len % 2 == 0 );
|
|
|
|
src = unhexify_alloc( hex_src_string, &src_len );
|
|
dst = unhexify_alloc( hex_dst_string, &dst_len );
|
|
TEST_ASSERT( src_len == dst_len );
|
|
|
|
output = zero_alloc( dst_len );
|
|
|
|
TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == 0 );
|
|
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, src_len,
|
|
data_unit, src, output ) == 0 );
|
|
|
|
TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_aes_xts_free( &ctx );
|
|
mbedtls_free( data_unit );
|
|
mbedtls_free( key );
|
|
mbedtls_free( src );
|
|
mbedtls_free( dst );
|
|
mbedtls_free( output );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
|
|
void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string,
|
|
char *hex_dst_string, char *hex_src_string )
|
|
{
|
|
enum { AES_BLOCK_SIZE = 16 };
|
|
unsigned char *data_unit = NULL;
|
|
unsigned char *key = NULL;
|
|
unsigned char *src = NULL;
|
|
unsigned char *dst = NULL;
|
|
unsigned char *output = NULL;
|
|
mbedtls_aes_xts_context ctx;
|
|
size_t key_len, src_len, dst_len, data_unit_len;
|
|
|
|
mbedtls_aes_xts_init( &ctx );
|
|
|
|
data_unit = unhexify_alloc( hex_data_unit_string, &data_unit_len );
|
|
TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE );
|
|
|
|
key = unhexify_alloc( hex_key_string, &key_len );
|
|
TEST_ASSERT( key_len % 2 == 0 );
|
|
|
|
src = unhexify_alloc( hex_src_string, &src_len );
|
|
dst = unhexify_alloc( hex_dst_string, &dst_len );
|
|
TEST_ASSERT( src_len == dst_len );
|
|
|
|
output = zero_alloc( dst_len );
|
|
|
|
TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == 0 );
|
|
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, src_len,
|
|
data_unit, src, output ) == 0 );
|
|
|
|
TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_aes_xts_free( &ctx );
|
|
mbedtls_free( data_unit );
|
|
mbedtls_free( key );
|
|
mbedtls_free( src );
|
|
mbedtls_free( dst );
|
|
mbedtls_free( output );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
|
|
void aes_crypt_xts_size( int size, int retval )
|
|
{
|
|
mbedtls_aes_xts_context ctx;
|
|
const unsigned char *src = NULL;
|
|
unsigned char *output = NULL;
|
|
unsigned char data_unit[16];
|
|
size_t length = size;
|
|
|
|
mbedtls_aes_xts_init( &ctx );
|
|
memset( data_unit, 0x00, sizeof( data_unit ) );
|
|
|
|
|
|
/* Note that this function will most likely crash on failure, as NULL
|
|
* parameters will be used. In the passing case, the length check in
|
|
* mbedtls_aes_crypt_xts() will prevent any accesses to parameters by
|
|
* exiting the function early. */
|
|
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
|
|
void aes_crypt_xts_keysize( int size, int retval )
|
|
{
|
|
mbedtls_aes_xts_context ctx;
|
|
const unsigned char *key = NULL;
|
|
size_t key_len = size;
|
|
|
|
mbedtls_aes_xts_init( &ctx );
|
|
|
|
TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == retval );
|
|
TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == retval );
|
|
exit:
|
|
mbedtls_aes_xts_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
|
|
void aes_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
|
|
char *hex_src_string, char *hex_dst_string )
|
|
{
|
|
unsigned char key_str[100];
|
|
unsigned char iv_str[100];
|
|
unsigned char src_str[100];
|
|
unsigned char dst_str[100];
|
|
unsigned char output[100];
|
|
mbedtls_aes_context ctx;
|
|
size_t iv_offset = 0;
|
|
int key_len;
|
|
|
|
memset(key_str, 0x00, 100);
|
|
memset(iv_str, 0x00, 100);
|
|
memset(src_str, 0x00, 100);
|
|
memset(dst_str, 0x00, 100);
|
|
memset(output, 0x00, 100);
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( iv_str, hex_iv_string );
|
|
unhexify( src_str, hex_src_string );
|
|
|
|
mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
|
|
TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str, src_str, output ) == 0 );
|
|
hexify( dst_str, output, 16 );
|
|
|
|
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
|
|
void aes_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
|
|
char *hex_src_string, char *hex_dst_string )
|
|
{
|
|
unsigned char key_str[100];
|
|
unsigned char iv_str[100];
|
|
unsigned char src_str[100];
|
|
unsigned char dst_str[100];
|
|
unsigned char output[100];
|
|
mbedtls_aes_context ctx;
|
|
size_t iv_offset = 0;
|
|
int key_len;
|
|
|
|
memset(key_str, 0x00, 100);
|
|
memset(iv_str, 0x00, 100);
|
|
memset(src_str, 0x00, 100);
|
|
memset(dst_str, 0x00, 100);
|
|
memset(output, 0x00, 100);
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( iv_str, hex_iv_string );
|
|
unhexify( src_str, hex_src_string );
|
|
|
|
mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
|
|
TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str, src_str, output ) == 0 );
|
|
hexify( dst_str, output, 16 );
|
|
|
|
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
|
|
void aes_encrypt_cfb8( char *hex_key_string, char *hex_iv_string,
|
|
char *hex_src_string, char *hex_dst_string )
|
|
{
|
|
unsigned char key_str[100];
|
|
unsigned char iv_str[100];
|
|
unsigned char src_str[100];
|
|
unsigned char dst_str[100];
|
|
unsigned char output[100];
|
|
mbedtls_aes_context ctx;
|
|
int key_len, src_len;
|
|
|
|
memset(key_str, 0x00, 100);
|
|
memset(iv_str, 0x00, 100);
|
|
memset(src_str, 0x00, 100);
|
|
memset(dst_str, 0x00, 100);
|
|
memset(output, 0x00, 100);
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( iv_str, hex_iv_string );
|
|
src_len = unhexify( src_str, hex_src_string );
|
|
|
|
mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
|
|
TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_ENCRYPT, src_len, iv_str, src_str, output ) == 0 );
|
|
hexify( dst_str, output, src_len );
|
|
|
|
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
|
|
void aes_decrypt_cfb8( char *hex_key_string, char *hex_iv_string,
|
|
char *hex_src_string, char *hex_dst_string )
|
|
{
|
|
unsigned char key_str[100];
|
|
unsigned char iv_str[100];
|
|
unsigned char src_str[100];
|
|
unsigned char dst_str[100];
|
|
unsigned char output[100];
|
|
mbedtls_aes_context ctx;
|
|
int key_len, src_len;
|
|
|
|
memset(key_str, 0x00, 100);
|
|
memset(iv_str, 0x00, 100);
|
|
memset(src_str, 0x00, 100);
|
|
memset(dst_str, 0x00, 100);
|
|
memset(output, 0x00, 100);
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( iv_str, hex_iv_string );
|
|
src_len = unhexify( src_str, hex_src_string );
|
|
|
|
mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 );
|
|
TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_DECRYPT, src_len, iv_str, src_str, output ) == 0 );
|
|
hexify( dst_str, output, src_len );
|
|
|
|
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */
|
|
void aes_encrypt_ofb( int fragment_size, char *hex_key_string,
|
|
char *hex_iv_string, char *hex_src_string,
|
|
char *hex_dst_string )
|
|
{
|
|
unsigned char key_str[32];
|
|
unsigned char iv_str[16];
|
|
unsigned char src_str[64];
|
|
unsigned char dst_str[64];
|
|
unsigned char output[32];
|
|
mbedtls_aes_context ctx;
|
|
size_t iv_offset = 0;
|
|
int in_buffer_len;
|
|
unsigned char* src_str_next;
|
|
int key_len;
|
|
|
|
memset( key_str, 0x00, sizeof( key_str ) );
|
|
memset( iv_str, 0x00, sizeof( iv_str ) );
|
|
memset( src_str, 0x00, sizeof( src_str ) );
|
|
memset( dst_str, 0x00, sizeof( dst_str ) );
|
|
memset( output, 0x00, sizeof( output ) );
|
|
mbedtls_aes_init( &ctx );
|
|
|
|
TEST_ASSERT( strlen( hex_key_string ) <= ( 32 * 2 ) );
|
|
TEST_ASSERT( strlen( hex_iv_string ) <= ( 16 * 2 ) );
|
|
TEST_ASSERT( strlen( hex_src_string ) <= ( 64 * 2 ) );
|
|
TEST_ASSERT( strlen( hex_dst_string ) <= ( 64 * 2 ) );
|
|
|
|
key_len = unhexify( key_str, hex_key_string );
|
|
unhexify( iv_str, hex_iv_string );
|
|
in_buffer_len = unhexify( src_str, hex_src_string );
|
|
|
|
TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ) == 0 );
|
|
src_str_next = src_str;
|
|
|
|
while( in_buffer_len > 0 )
|
|
{
|
|
TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset,
|
|
iv_str, src_str_next, output ) == 0 );
|
|
|
|
hexify( dst_str, output, fragment_size );
|
|
TEST_ASSERT( strncmp( (char *) dst_str, hex_dst_string,
|
|
( 2 * fragment_size ) ) == 0 );
|
|
|
|
in_buffer_len -= fragment_size;
|
|
hex_dst_string += ( fragment_size * 2 );
|
|
src_str_next += fragment_size;
|
|
|
|
if( in_buffer_len < fragment_size )
|
|
fragment_size = in_buffer_len;
|
|
}
|
|
|
|
exit:
|
|
mbedtls_aes_free( &ctx );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
|
|
void aes_selftest()
|
|
{
|
|
TEST_ASSERT( mbedtls_aes_self_test( 1 ) == 0 );
|
|
}
|
|
/* END_CASE */
|