commit 9d566212b3cee7ea362515ccce573c64aaa54fbe
author Olivier Masse <olivier.masse@nxp.com> Tue Jan 30 09:18:34 2024 +0100
committer Jérôme Forissier <jerome@forissier.org> Fri Feb 02 10:09:57 2024 +0100
tree 5aa3f2dd38f5bf91ee7181983009fde7825a549b
parent 2e1e7a9c9d659585566a75fc8802f4758c42bcb2

regression 4005: Add GCM counter overflow test vectors

Add all counter wrap test vectors from google/wycheproof repo [1]
to the xtest regression 4005 test suite.

To create a link between xtest and wycheproof test cases,
tcId is printed as an extra information in the result log.

Link: [1] https://github.com/google/wycheproof/blob/master/testvectors_v1/aes_gcm_test.json

Signed-off-by: Olivier Masse <olivier.masse@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

scripts/aes_gcm_test.py

diff --git a/scripts/aes_gcm_test.py b/scripts/aes_gcm_test.py
new file mode 100644
index 0000000..1c13e0d
--- /dev/null
+++ b/scripts/aes_gcm_test.py
@@ -0,0 +1,80 @@
+# importing the module
+import json
+
+modes = {'encrypt': 0, 'decrypt': 1}
+
+
+def to_compound_str(name, val):
+    assert len(val) % 2 == 0, "Only even sized values supported"
+    if len(val) > 0:
+        import re
+        a = re.findall('..', val)
+        b = name + " = (const uint8_t []){ "
+        for s in a:
+            b += "0x" + s + ", "
+        b += "},\n\t" + name + "_len = " + repr((int)(len(val) / 2)) + ","
+    else:
+        b = name + " = NULL,\n\t" + name + "_len = 0,"
+    return b
+
+
+def generate_case(outf, tv, mode):
+    outf.write('{\n\t.algo = TEE_ALG_AES_GCM, .mode = ' + mode +
+               ', .key_type = TEE_TYPE_AES,\n')
+    outf.write('\t' + to_compound_str('.key', tv['key']) + '\n')
+    outf.write('\t' + to_compound_str('.nonce', tv['iv']) + '\n')
+    outf.write('\t.aad_incr = 0,\n')
+    outf.write('\t' + to_compound_str('.aad', tv['aad']) + '\n')
+    outf.write('\t.in_incr = 0,\n')
+    outf.write('\t' + to_compound_str('.ptx', tv['msg']) + '\n')
+    outf.write('\t' + to_compound_str('.ctx', tv['ct']) + '\n')
+    outf.write('\t' + to_compound_str('.tag', tv['tag']) + '\n')
+    outf.write('\t.line = __LINE__,\n')
+    outf.write('\t.id = ' + repr(tv['tcId']) + '\n},\n')
+
+
+def get_args():
+    import argparse
+
+    parser = argparse.ArgumentParser()
+
+    parser.add_argument('--inf', required=True,
+                        type=argparse.FileType('r'),
+                        help='Name of input json file')
+
+    parser.add_argument('--outf', required=True,
+                        type=argparse.FileType('w'),
+                        help='Name of output C file')
+
+    parser.add_argument('--mode', required=True, choices=modes.keys(),
+                        help='mode: encrypt or decrypt')
+
+    return parser.parse_args()
+
+
+# Convert google/wycheproof AES GCM test vectors to xtest AE test cases
+def main():
+    args = get_args()
+    inf = args.inf
+    outf = args.outf
+
+    outf.write("/* SPDX-License-Identifier: Apache-2.0 */\n")
+    outf.write("/*\n")
+    outf.write(" * Copyright 2024 NXP\n")
+    outf.write(" */\n\n")
+
+    if args.mode == "encrypt":
+        mode = "TEE_MODE_ENCRYPT"
+    else:
+        mode = "TEE_MODE_DECRYPT"
+
+    data = json.load(inf)
+
+    for tg in data['testGroups']:
+        for tv in tg['tests']:
+            if tv['result'] == 'valid' and 'CounterWrap' in tv['flags']:
+                generate_case(outf, tv, mode)
+
+
+if __name__ == "__main__":
+    main()