Extend CCM corner cases tests.
Add tests for passing incomplete input data in
the first call and too much data in the second call.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data
index c8f6351..169a885 100644
--- a/tests/suites/test_suite_ccm.data
+++ b/tests/suites/test_suite_ccm.data
@@ -1562,6 +1562,10 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
+CCM encrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
+depends_on:MBEDTLS_AES_C
+mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
+
CCM encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
@@ -1574,6 +1578,10 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+CCM encrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
+depends_on:MBEDTLS_AES_C
+mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+
CCM decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
@@ -1586,6 +1594,10 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
+CCM decrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
+depends_on:MBEDTLS_AES_C
+mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
+
CCM decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16))
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
@@ -1598,6 +1610,10 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+CCM decrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
+depends_on:MBEDTLS_AES_C
+mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+
CCM* encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
@@ -1614,6 +1630,10 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+CCM* encrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
+depends_on:MBEDTLS_AES_C
+mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
+
CCM* encrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
@@ -1622,6 +1642,10 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+CCM* encrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
+depends_on:MBEDTLS_AES_C
+mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+
CCM* decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
@@ -1634,6 +1658,10 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
+CCM* decrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
+depends_on:MBEDTLS_AES_C
+mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6"
+
CCM* decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
@@ -1646,6 +1674,10 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+CCM* decrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
+depends_on:MBEDTLS_AES_C
+mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa"
+
CCM encrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)
mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98"
diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index 57f13e3..311ccc4 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -591,6 +591,41 @@
}
/* END_CASE */
+/* Provide incomplete auth data on first update_ad.
+ * Provide too much auth data on second update_ad */
+/* BEGIN_CASE */
+void mbedtls_ccm_incomplete_ad_and_overflow( int cipher_id, int mode,
+ data_t * key, data_t * iv,
+ data_t * add )
+{
+ mbedtls_ccm_context ctx;
+
+ /* New auth buffer containing same data as original one,
+ * with added extra byte at the end */
+ uint8_t* add_extended = NULL;
+ ASSERT_ALLOC( add_extended, add->len + 1 );
+ if( add_extended )
+ {
+ memcpy( add_extended, add->x, add->len );
+ add_extended[add->len] = 0xAB; // some magic value
+ }
+
+ mbedtls_ccm_init( &ctx );
+ TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
+ TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
+ // use hardcoded values for msg length and tag length. They are not a part of this test
+ TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 16, 16 ) );
+
+ // pass incomplete auth data
+ TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add_extended, add->len - 1) );
+ // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte)
+ TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add_extended + add->len - 1, 2) );
+exit:
+ mbedtls_free( add_extended );
+ mbedtls_ccm_free( &ctx );
+}
+/* END_CASE */
+
/* Provide too much plaintext/ciphertext */
/* BEGIN_CASE */
void mbedtls_ccm_overflow_update( int cipher_id, int mode,
@@ -683,6 +718,48 @@
}
/* END_CASE */
+/* Provide incomplete plaintext/ciphertext of first update
+ * Provide too much plaintext/ciphertext on second update */
+/* BEGIN_CASE */
+void mbedtls_ccm_incomplete_update_overflow( int cipher_id, int mode,
+ data_t * key, data_t * msg, data_t * iv,
+ data_t * add )
+{
+ mbedtls_ccm_context ctx;
+ uint8_t *output = NULL;
+ size_t olen;
+
+ /* New plaintext/ciphertext buffer containing same data as original one,
+ * with added extra byte at the end */
+ uint8_t* msg_extended = NULL;
+ ASSERT_ALLOC( msg_extended, msg->len + 1 );
+ if( msg_extended )
+ {
+ memcpy( msg_extended, msg->x, msg->len );
+ msg_extended[msg->len] = 0xAB; // some magic value
+ }
+
+ mbedtls_ccm_init( &ctx );
+ TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
+ TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
+ // use hardcoded value for tag length. It is a not a part of this test
+ TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len, 16 ) );
+
+ TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
+
+ ASSERT_ALLOC( output, msg->len + 1 );
+ // pass incomplete text
+ TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg_extended, msg->len - 1, output, msg->len + 1, &olen ) );
+ // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte)
+ TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \
+ mbedtls_ccm_update( &ctx, msg_extended + msg->len - 1, 2, output + msg->len - 1, 2, &olen ) );
+exit:
+ mbedtls_free( msg_extended );
+ mbedtls_free( output );
+ mbedtls_ccm_free( &ctx );
+}
+/* END_CASE */
+
/* Finish without passing any auth data or plaintext/ciphertext input */
/* BEGIN_CASE */
void mbedtls_ccm_instant_finish( int cipher_id, int mode,