Add what little was missing to fully support DES
Also add what was missing in the test suite to support block ciphers
with a block size that isn't 16.
Fix some buggy test data that passed only due to problems with DES
support in the product.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index adcadf3..a610af3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1102,10 +1102,17 @@
cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
break;
case PSA_KEY_TYPE_DES:
+ /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
+ * and 192 for three-key Triple-DES. */
if( key_bits == 64 )
cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
else
cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
+ /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
+ * but two-key Triple-DES is functionally three-key Triple-DES
+ * with K1=K3, so that's how we present it to mbedtls. */
+ if( key_bits == 128 )
+ key_bits = 192;
break;
case PSA_KEY_TYPE_CAMELLIA:
cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
@@ -1975,8 +1982,24 @@
return( mbedtls_to_psa_error( ret ) );
}
- ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data,
- key_bits, cipher_operation );
+#if defined(MBEDTLS_DES_C)
+ if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
+ {
+ /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
+ unsigned char keys[24];
+ memcpy( keys, slot->data.raw.data, 16 );
+ memcpy( keys + 16, slot->data.raw.data, 8 );
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
+ keys,
+ 192, cipher_operation );
+ }
+ else
+#endif
+ {
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
+ slot->data.raw.data,
+ key_bits, cipher_operation );
+ }
if( ret != 0 )
{
psa_cipher_abort( operation );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 94fb181..9ed9cf5 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -178,10 +178,10 @@
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
-PSA MAC setup: incompatible key DES for CMAC
-depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
+PSA MAC setup: incompatible key HMAC for CMAC
+depends_on:MBEDTLS_CMAC_C
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
-mac_setup:PSA_KEY_TYPE_DES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
PSA MAC verify: HMAC-SHA-256
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@@ -333,6 +333,18 @@
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
+
+PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
+
PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
@@ -357,6 +369,18 @@
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
+PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
+
PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
@@ -600,11 +624,11 @@
PSA generate key: DES, 128 bits, CBC-nopad
depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
PSA generate key: DES, 192 bits, CBC-nopad
depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
PSA generate key: invalid key size: AES, 64 bits
depends_on:MBEDTLS_AES_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 84cb69a..c641382 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -800,6 +800,7 @@
psa_algorithm_t alg = alg_arg;
psa_status_t expected_status = expected_status_arg;
unsigned char iv[16] = {0};
+ size_t iv_size;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
size_t function_output_length = 0;
@@ -813,7 +814,8 @@
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
- memset( iv, 0x2a, sizeof( iv ) );
+ iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+ memset( iv, 0x2a, iv_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -824,7 +826,7 @@
key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_set_iv( &operation,
- iv, sizeof( iv ) ) == PSA_SUCCESS );
+ iv, iv_size ) == PSA_SUCCESS );
output_buffer_size = input->len + operation.block_size;
output = mbedtls_calloc( 1, output_buffer_size );
TEST_ASSERT( output != NULL );
@@ -867,6 +869,7 @@
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char iv[16] = {0};
+ size_t iv_size;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
size_t function_output_length = 0;
@@ -880,7 +883,8 @@
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
- memset( iv, 0x2a, sizeof( iv ) );
+ iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+ memset( iv, 0x2a, iv_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -937,6 +941,7 @@
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char iv[16] = {0};
+ size_t iv_size;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
size_t function_output_length = 0;
@@ -950,7 +955,8 @@
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
- memset( iv, 0x2a, sizeof( iv ) );
+ iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+ memset( iv, 0x2a, iv_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -1009,6 +1015,7 @@
psa_algorithm_t alg = alg_arg;
psa_status_t expected_status = expected_status_arg;
unsigned char iv[16] = {0};
+ size_t iv_size;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
size_t function_output_length = 0;
@@ -1022,7 +1029,8 @@
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
- memset( iv, 0x2a, sizeof( iv ) );
+ iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+ memset( iv, 0x2a, iv_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -1033,7 +1041,7 @@
key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_set_iv( &operation,
- iv, sizeof( iv ) ) == PSA_SUCCESS );
+ iv, iv_size ) == PSA_SUCCESS );
output_buffer_size = input->len + operation.block_size;
output = mbedtls_calloc( 1, output_buffer_size );