Crypto: extend psa aead tests to excercise unaligned chunks The current test chunk size is 16 bytes which is not enough to validate the capability of handling unaligned AES AEAD operations. Fix this by extending the AEAD testing. Change-Id: I7a8b89fc0112bcc31932a23a295334fb57dc4ec2 Signed-off-by: Amjad Ouled-Ameur <amjad.ouled-ameur@arm.com>

commit: a805382c1242a794af053dc38feb023489bf93c2 [log] [tgz]
author: Amjad Ouled-Ameur <amjad.ouled-ameur@arm.com> Thu Jun 05 11:51:07 2025 +0100
committer: Amjad Ouled-Ameur <amjad.ouled-ameur@arm.com> Fri Jun 06 14:54:34 2025 +0100
tree: 6ed40ba84fed2437adbbbed6eb04b45cf21c3376
parent: 96c110a7a70bdb28bdf0e56dcf791c37fedb20ad [diff]
diff --git a/tests_reg/test/secure_fw/suites/crypto/crypto_tests_common.c b/tests_reg/test/secure_fw/suites/crypto/crypto_tests_common.c
index 1ec66e2..6ffc284 100644
--- a/tests_reg/test/secure_fw/suites/crypto/crypto_tests_common.c
+++ b/tests_reg/test/secure_fw/suites/crypto/crypto_tests_common.c

@@ -15,6 +15,10 @@
 #define PSA_HASH_LENGTH_MAX     64
 #define ECDSA_KEYS_PRIV_SZ_MAX  48
 
+#ifndef ROUND_UP
+#define ROUND_UP(x, bound) ((((x) + bound - 1) / bound) * bound)
+#endif
+
 /* Helper function to convert from string representation to binary */
 static uint8_t char_to_uint8_t(char c)
 {
@@ -1747,6 +1751,7 @@
                    const psa_algorithm_t alg,
                    const uint8_t *key,
                    size_t key_bits,
+                   size_t chunk_size,
                    struct test_result_t *ret)
 {
     psa_aead_operation_t encop = psa_aead_operation_init();
@@ -1963,14 +1968,15 @@
     }
 
     /* Encrypt one chunk of information at a time */
-    for (size_t i = 0; i <= sizeof(plain_text)/BYTE_SIZE_CHUNK; i++) {
-
+    for (size_t i = 0;
+         i < ROUND_UP(sizeof(plain_text), chunk_size) / chunk_size;
+         i++) {
         size_t size_to_encrypt =
-            (sizeof(plain_text) - i*BYTE_SIZE_CHUNK) > BYTE_SIZE_CHUNK ?
-            BYTE_SIZE_CHUNK : (sizeof(plain_text) - i*BYTE_SIZE_CHUNK);
+            (sizeof(plain_text) - i*chunk_size) > chunk_size ?
+            chunk_size : (sizeof(plain_text) - i*chunk_size);
 
         status = psa_aead_update(&encop,
-                                 plain_text + i*BYTE_SIZE_CHUNK,
+                                 plain_text + i*chunk_size,
                                  size_to_encrypt,
                                  encrypted_data + total_encrypted_length,
                                  sizeof(encrypted_data) -
@@ -2007,7 +2013,6 @@
     total_encrypted_length += encrypted_data_length;
 
 #ifdef TFM_CRYPTO_TEST_SINGLE_PART_FUNCS
-    /* Compare tag between single part and multipart case */
     comp_result = memcmp(
                       &encrypted_data_single_shot[total_encrypted_length],
                       tag, tag_length);
@@ -2071,14 +2076,15 @@
     }
 
     /* Decrypt */
-    for (size_t i = 0; i <= total_encrypted_length/BYTE_SIZE_CHUNK; i++) {
-
+    for (size_t i = 0;
+        i < ROUND_UP(total_encrypted_length, chunk_size) / chunk_size;
+        i++) {
         size_t size_to_decrypt =
-            (total_encrypted_length - i*BYTE_SIZE_CHUNK) > BYTE_SIZE_CHUNK ?
-            BYTE_SIZE_CHUNK : (total_encrypted_length - i*BYTE_SIZE_CHUNK);
+            (total_encrypted_length - i*chunk_size) > chunk_size ?
+            chunk_size : (total_encrypted_length - i*chunk_size);
 
         status = psa_aead_update(&decop,
-                                 encrypted_data + i*BYTE_SIZE_CHUNK,
+                                 encrypted_data + i*chunk_size,
                                  size_to_decrypt,
                                  decrypted_data + total_output_length,
                                  sizeof(decrypted_data)

diff --git a/tests_reg/test/secure_fw/suites/crypto/crypto_tests_common.h b/tests_reg/test/secure_fw/suites/crypto/crypto_tests_common.h
index 214cb09..1eecc85 100644
--- a/tests_reg/test/secure_fw/suites/crypto/crypto_tests_common.h
+++ b/tests_reg/test/secure_fw/suites/crypto/crypto_tests_common.h

@@ -201,17 +201,19 @@
 /**
  * \brief Run AEAD tests with different algorithms and key types
  *
- * \param[in]  key_type PSA key type
- * \param[in]  alg      PSA algorithm
- * \param[in]  key      Encryption key
- * \param[in]  key_bits Encryption key size in bits
- * \param[out] ret      Test result
+ * \param[in]  key_type   PSA key type
+ * \param[in]  alg        PSA algorithm
+ * \param[in]  key        Encryption key
+ * \param[in]  key_bits   Encryption key size in bits
+ * \param[in]  chunk_size Chunk size in bytes
+ * \param[out] ret        Test result
  *
  */
 void psa_aead_test(const psa_key_type_t key_type,
                    const psa_algorithm_t alg,
                    const uint8_t *key,
                    size_t key_bits,
+                   size_t chunk_size,
                    struct test_result_t *ret);
 /**
  * \brief Tests invalid key length

diff --git a/tests_reg/test/secure_fw/suites/crypto/non_secure/crypto_ns_interface_testsuite.c b/tests_reg/test/secure_fw/suites/crypto/non_secure/crypto_ns_interface_testsuite.c
index 6c9bed4..ef14da3 100644
--- a/tests_reg/test/secure_fw/suites/crypto/non_secure/crypto_ns_interface_testsuite.c
+++ b/tests_reg/test/secure_fw/suites/crypto/non_secure/crypto_ns_interface_testsuite.c

@@ -423,7 +423,16 @@
 static void tfm_crypto_test_1030(struct test_result_t *ret)
 {
     psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_CCM,
-                  test_key_128, BIT_SIZE_TEST_KEY, ret);
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK, ret);
+
+    psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_CCM,
+                test_key_128, BIT_SIZE_TEST_KEY,
+                BYTE_SIZE_CHUNK / 3, ret);
+
+    psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_CCM,
+                test_key_128, BIT_SIZE_TEST_KEY,
+                BYTE_SIZE_CHUNK / 4, ret);
 }
 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
 
@@ -431,7 +440,8 @@
 static void tfm_crypto_test_1031(struct test_result_t *ret)
 {
     psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_GCM,
-                  test_key_128, BIT_SIZE_TEST_KEY, ret);
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK, ret);
 }
 #endif /* TFM_CRYPTO_TEST_ALG_GCM */
 
@@ -459,7 +469,16 @@
             PSA_ALG_CCM, TRUNCATED_AUTH_TAG_LEN);
 
     psa_aead_test(PSA_KEY_TYPE_AES, alg,
-                  test_key_128, BIT_SIZE_TEST_KEY, ret);
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK, ret);
+
+    psa_aead_test(PSA_KEY_TYPE_AES, alg,
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK / 3, ret);
+
+    psa_aead_test(PSA_KEY_TYPE_AES, alg,
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK / 4, ret);
 }
 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
 
@@ -577,7 +596,8 @@
 static void tfm_crypto_test_1049(struct test_result_t *ret)
 {
     psa_aead_test(PSA_KEY_TYPE_CHACHA20, PSA_ALG_CHACHA20_POLY1305,
-                  test_key_256, BIT_SIZE_TEST_LONG_KEY, ret);
+                  test_key_256, BIT_SIZE_TEST_LONG_KEY,
+                  BYTE_SIZE_CHUNK, ret);
 }
 
 static void tfm_crypto_test_1052(struct test_result_t *ret)

diff --git a/tests_reg/test/secure_fw/suites/crypto/secure/crypto_sec_interface_testsuite.c b/tests_reg/test/secure_fw/suites/crypto/secure/crypto_sec_interface_testsuite.c
index f9d4c35..93bc5ed 100644
--- a/tests_reg/test/secure_fw/suites/crypto/secure/crypto_sec_interface_testsuite.c
+++ b/tests_reg/test/secure_fw/suites/crypto/secure/crypto_sec_interface_testsuite.c

@@ -420,7 +420,16 @@
 static void tfm_crypto_test_1030(struct test_result_t *ret)
 {
     psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_CCM,
-                  test_key_128, BIT_SIZE_TEST_KEY, ret);
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK, ret);
+
+    psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_CCM,
+                test_key_128, BIT_SIZE_TEST_KEY,
+                BYTE_SIZE_CHUNK / 3, ret);
+
+    psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_CCM,
+                test_key_128, BIT_SIZE_TEST_KEY,
+                BYTE_SIZE_CHUNK / 4, ret);
 }
 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
 
@@ -428,7 +437,8 @@
 static void tfm_crypto_test_1031(struct test_result_t *ret)
 {
     psa_aead_test(PSA_KEY_TYPE_AES, PSA_ALG_GCM,
-                  test_key_128, BIT_SIZE_TEST_KEY, ret);
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK, ret);
 }
 #endif /* TFM_CRYPTO_TEST_ALG_GCM */
 
@@ -496,7 +506,16 @@
             PSA_ALG_CCM, TRUNCATED_AUTH_TAG_LEN);
 
     psa_aead_test(PSA_KEY_TYPE_AES, alg,
-                  test_key_128, BIT_SIZE_TEST_KEY, ret);
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK, ret);
+
+    psa_aead_test(PSA_KEY_TYPE_AES, alg,
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK / 3, ret);
+
+    psa_aead_test(PSA_KEY_TYPE_AES, alg,
+                  test_key_128, BIT_SIZE_TEST_KEY,
+                  BYTE_SIZE_CHUNK / 4, ret);
 }
 #endif /* TFM_CRYPTO_TEST_ALG_CCM */
 
@@ -615,7 +634,8 @@
 static void tfm_crypto_test_1050(struct test_result_t *ret)
 {
     psa_aead_test(PSA_KEY_TYPE_CHACHA20, PSA_ALG_CHACHA20_POLY1305,
-                  test_key_256, BIT_SIZE_TEST_LONG_KEY, ret);
+                  test_key_256, BIT_SIZE_TEST_LONG_KEY,
+                  BYTE_SIZE_CHUNK, ret);
 }
 
 static void tfm_crypto_test_1052(struct test_result_t *ret)
commit	a805382c1242a794af053dc38feb023489bf93c2	[log] [tgz]
author	Amjad Ouled-Ameur <amjad.ouled-ameur@arm.com>	Thu Jun 05 11:51:07 2025 +0100
committer	Amjad Ouled-Ameur <amjad.ouled-ameur@arm.com>	Fri Jun 06 14:54:34 2025 +0100
tree	6ed40ba84fed2437adbbbed6eb04b45cf21c3376
parent	96c110a7a70bdb28bdf0e56dcf791c37fedb20ad [diff]