TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 133740b74e0cbdb078c1194bf7271e413d645bf7 / . / tests / suites / test_suite_ccm.function
blob: e48b1f990a315c6b9689b147de0391c5ce9f0633 [file] [log] [blame]
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/ccm.h"
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]3
4/* Use the multipart interface to process the encrypted data in two parts
5 * and check that the output matches the expected output.
6 * The context must have been set up with the key. */
7static int check_multipart( mbedtls_ccm_context *ctx,
8 int mode,
9 const data_t *iv,
10 const data_t *add,
11 const data_t *input,
12 const data_t *expected_output,
13 const data_t *tag,
14 size_t n1,
15 size_t n1_add)
16{
17 int ok = 0;
18 uint8_t *output = NULL;
19 size_t n2 = input->len - n1;
20 size_t n2_add = add->len - n1_add;
21 size_t olen;
22
23 /* Sanity checks on the test data */
24 TEST_ASSERT( n1 <= input->len );
25 TEST_ASSERT( n1_add <= add->len );
26 TEST_EQUAL( input->len, expected_output->len );
27 TEST_EQUAL( 0, mbedtls_ccm_starts( ctx, mode, iv->x, iv->len ) );
28 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( ctx, add->len, input->len, tag->len ) );
29 TEST_EQUAL( 0, mbedtls_ccm_update_ad( ctx, add->x, n1_add) );
30 TEST_EQUAL( 0, mbedtls_ccm_update_ad( ctx, add->x + n1_add, n2_add ) );
31
32 /* Allocate a tight buffer for each update call. This way, if the function
33 * tries to write beyond the advertised required buffer size, this will
34 * count as an overflow for memory sanitizers and static checkers. */
35 ASSERT_ALLOC( output, n1 );
36 olen = 0xdeadbeef;
37 TEST_EQUAL( 0, mbedtls_ccm_update( ctx, input->x, n1, output, n1, &olen ) );
38 TEST_EQUAL( n1, olen );
39 ASSERT_COMPARE( output, olen, expected_output->x, n1 );
40 mbedtls_free( output );
41 output = NULL;
42
43 ASSERT_ALLOC( output, n2 );
44 olen = 0xdeadbeef;
45 TEST_EQUAL( 0, mbedtls_ccm_update( ctx, input->x + n1, n2, output, n2, &olen ) );
46 TEST_EQUAL( n2, olen );
47 ASSERT_COMPARE( output, olen, expected_output->x + n1, n2 );
48 mbedtls_free( output );
49 output = NULL;
50
Mateusz Starzykc8bdf362021-07-28 15:39:51 +0200[diff] [blame]51 ASSERT_ALLOC( output, tag->len );
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]52 TEST_EQUAL( 0, mbedtls_ccm_finish( ctx, output, tag->len ) );
53 ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
54 mbedtls_free( output );
55 output = NULL;
56
57 ok = 1;
58exit:
59 mbedtls_free( output );
60 return( ok );
61}
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]62/* END_HEADER */
63
64/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]65 * depends_on:MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]66 * END_DEPENDENCIES
67 */
68
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]69/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]70void mbedtls_ccm_self_test( )
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]71{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]72 TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 );
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]73}
74/* END_CASE */
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]75
76/* BEGIN_CASE */
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]77void mbedtls_ccm_setkey( int cipher_id, int key_size, int result )
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]78{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]79 mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]80 unsigned char key[32];
81 int ret;
82
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]83 mbedtls_ccm_init( &ctx );
84
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]85 memset( key, 0x2A, sizeof( key ) );
86 TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
87
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]88 ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size );
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]89 TEST_ASSERT( ret == result );
90
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]91exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]92 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]93}
94/* END_CASE */
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]95
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]96/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]97void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
98{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]99 mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]100 unsigned char key[16];
101 unsigned char msg[10];
102 unsigned char iv[14];
Dave Rodgman2e680342020-10-15 14:00:40 +0100[diff] [blame]103 unsigned char *add = NULL;
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]104 unsigned char out[10];
105 unsigned char tag[18];
106 int decrypt_ret;
107
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]108 mbedtls_ccm_init( &ctx );
109
Dave Rodgman2e680342020-10-15 14:00:40 +0100[diff] [blame]110 ASSERT_ALLOC_WEAK( add, add_len );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]111 memset( key, 0, sizeof( key ) );
112 memset( msg, 0, sizeof( msg ) );
113 memset( iv, 0, sizeof( iv ) );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]114 memset( out, 0, sizeof( out ) );
115 memset( tag, 0, sizeof( tag ) );
116
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]117 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]118 key, 8 * sizeof( key ) ) == 0 );
119
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]120 TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]121 msg, out, tag, tag_len ) == res );
122
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]123 decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]124 msg, out, tag, tag_len );
125
126 if( res == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]127 TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]128 else
129 TEST_ASSERT( decrypt_ret == res );
130
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]131exit:
Dave Rodgman2e680342020-10-15 14:00:40 +0100[diff] [blame]132 mbedtls_free( add );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]133 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]134}
135/* END_CASE */
136
Janos Follath95ab93d2018-05-14 14:32:41 +0100[diff] [blame]137/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
138void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len,
139 int res )
140{
141 mbedtls_ccm_context ctx;
142 unsigned char key[16];
143 unsigned char msg[10];
144 unsigned char iv[14];
145 unsigned char add[10];
146 unsigned char out[10];
147 unsigned char tag[18];
148 int decrypt_ret;
149
150 mbedtls_ccm_init( &ctx );
151
152 memset( key, 0, sizeof( key ) );
153 memset( msg, 0, sizeof( msg ) );
154 memset( iv, 0, sizeof( iv ) );
155 memset( add, 0, sizeof( add ) );
156 memset( out, 0, sizeof( out ) );
157 memset( tag, 0, sizeof( tag ) );
158
159 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
160 key, 8 * sizeof( key ) ) == 0 );
161
162 TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
163 add, add_len, msg, out, tag, tag_len ) == res );
164
165 decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add,
166 add_len, msg, out, tag, tag_len );
167
168 if( res == 0 && tag_len != 0 )
169 TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
170 else
171 TEST_ASSERT( decrypt_ret == res );
172
173exit:
174 mbedtls_ccm_free( &ctx );
175}
176/* END_CASE */
177
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]178/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]179void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key,
180 data_t * msg, data_t * iv,
181 data_t * add, data_t * result )
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]182{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]183 mbedtls_ccm_context ctx;
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]184 size_t n1, n1_add;
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]185 uint8_t* io_msg_buf = NULL;
186 uint8_t* tag_buf = NULL;
187 const size_t expected_tag_len = result->len - msg->len;
188 const uint8_t* expected_tag = result->x + msg->len;
189
190 /* Prepare input/output message buffer */
191 ASSERT_ALLOC( io_msg_buf, msg->len );
192 if( msg->len != 0 )
193 memcpy( io_msg_buf, msg->x, msg->len );
194
195 /* Prepare tag buffer */
196 ASSERT_ALLOC( tag_buf, expected_tag_len );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]197
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]198 mbedtls_ccm_init( &ctx );
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]199 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200[diff] [blame]200 /* Test with input == output */
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]201 TEST_EQUAL( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
202 io_msg_buf, io_msg_buf, tag_buf, expected_tag_len ), 0);
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]203
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]204 ASSERT_COMPARE( io_msg_buf, msg->len, result->x, msg->len );
205 ASSERT_COMPARE( tag_buf, expected_tag_len, expected_tag, expected_tag_len );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]206
Mateusz Starzykceb5bc62021-07-30 14:36:22 +0200[diff] [blame]207 /* Prepare data_t structures for multipart testing */
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]208 const data_t encrypted_expected = { .x = result->x,
209 .len = msg->len };
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]210 const data_t tag_expected = { .x = (uint8_t*) expected_tag, /* cast to conform with data_t x type */
211 .len = expected_tag_len };
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]212
213 for( n1 = 0; n1 <= msg->len; n1 += 1 )
214 {
215 for( n1_add = 0; n1_add <= add->len; n1_add += 1 )
216 {
217 mbedtls_test_set_step( n1 * 10000 + n1_add );
218 if( !check_multipart( &ctx, MBEDTLS_CCM_ENCRYPT,
219 iv, add, msg,
220 &encrypted_expected,
221 &tag_expected,
222 n1, n1_add ) )
223 goto exit;
224 }
225 }
226
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]227exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]228 mbedtls_ccm_free( &ctx );
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]229 mbedtls_free( io_msg_buf );
230 mbedtls_free( tag_buf );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]231}
232/* END_CASE */
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]233
234/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]235void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key,
236 data_t * msg, data_t * iv,
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]237 data_t * add, int expected_tag_len, int result,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]238 data_t * expected_msg )
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]239{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]240 mbedtls_ccm_context ctx;
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]241 size_t n1, n1_add;
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]242
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]243 const size_t expected_msg_len = msg->len - expected_tag_len;
244 const uint8_t* expected_tag = msg->x + expected_msg_len;
245
246 /* Prepare input/output message buffer */
247 uint8_t* io_msg_buf = NULL;
248 ASSERT_ALLOC( io_msg_buf, expected_msg_len );
249 if( expected_msg_len )
250 memcpy( io_msg_buf, msg->x, expected_msg_len );
251
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]252 mbedtls_ccm_init( &ctx );
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]253 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200[diff] [blame]254 /* Test with input == output */
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]255 TEST_EQUAL( mbedtls_ccm_auth_decrypt( &ctx, expected_msg_len, iv->x, iv->len, add->x, add->len,
256 io_msg_buf, io_msg_buf, expected_tag, expected_tag_len ), result );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]257
Mohammad Azim Khancfd83422018-06-26 18:15:18 +0100[diff] [blame]258 if( result == 0 )
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]259 {
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]260 ASSERT_COMPARE( io_msg_buf, expected_msg_len, expected_msg->x, expected_msg_len );
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]261
Mateusz Starzykceb5bc62021-07-30 14:36:22 +0200[diff] [blame]262 /* Prepare data_t structures for multipart testing */
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]263 const data_t encrypted = { .x = msg->x,
264 .len = expected_msg_len };
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]265
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]266 const data_t tag_expected = { .x = (uint8_t*) expected_tag,
267 .len = expected_tag_len };
268
269 for( n1 = 0; n1 <= expected_msg_len; n1 += 1 )
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]270 {
271 for( n1_add = 0; n1_add <= add->len; n1_add += 1 )
272 {
273 mbedtls_test_set_step( n1 * 10000 + n1_add );
274 if( !check_multipart( &ctx, MBEDTLS_CCM_DECRYPT,
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]275 iv, add, &encrypted,
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]276 expected_msg,
277 &tag_expected,
278 n1, n1_add ) )
279 goto exit;
280 }
281 }
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]282 }
283 else
284 {
285 size_t i;
286
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]287 for( i = 0; i < expected_msg_len; i++ )
288 TEST_EQUAL( io_msg_buf[i], 0 );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]289 }
290
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]291exit:
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]292 mbedtls_free(io_msg_buf);
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]293 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]294}
295/* END_CASE */
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]296
297/* BEGIN_CASE */
298void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]299 data_t *key, data_t *msg,
300 data_t *source_address, data_t *frame_counter,
301 int sec_level, data_t *add,
302 data_t *expected_result, int output_ret )
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]303{
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]304 unsigned char iv[13];
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]305 mbedtls_ccm_context ctx;
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]306 size_t iv_len, expected_tag_len;
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]307 size_t n1, n1_add;
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]308 uint8_t* io_msg_buf = NULL;
309 uint8_t* tag_buf = NULL;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]310
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]311 const uint8_t* expected_tag = expected_result->x + msg->len;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]312
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]313 /* Calculate tag length */
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]314 if( sec_level % 4 == 0)
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]315 expected_tag_len = 0;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]316 else
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]317 expected_tag_len = 1 << ( sec_level % 4 + 1);
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]318
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]319 /* Prepare input/output message buffer */
320 ASSERT_ALLOC( io_msg_buf, msg->len );
321 if( msg->len )
322 memcpy( io_msg_buf, msg->x, msg->len );
323
324 /* Prepare tag buffer */
325 if( expected_tag_len == 0 )
326 ASSERT_ALLOC( tag_buf, 16 );
327 else
328 ASSERT_ALLOC( tag_buf, expected_tag_len );
329
330 /* Calculate iv */
Gilles Peskineb168c0d2021-02-09 12:00:13 +0100[diff] [blame]331 TEST_ASSERT( source_address->len == 8 );
332 TEST_ASSERT( frame_counter->len == 4 );
333 memcpy( iv, source_address->x, source_address->len );
334 memcpy( iv + source_address->len, frame_counter->x, frame_counter->len );
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]335 iv[source_address->len + frame_counter->len] = sec_level;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]336 iv_len = sizeof( iv );
337
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]338 mbedtls_ccm_init( &ctx );
339 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id,
340 key->x, key->len * 8 ), 0 );
341 /* Test with input == output */
342 TEST_EQUAL( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len,
343 add->x, add->len, io_msg_buf,
344 io_msg_buf, tag_buf, expected_tag_len), output_ret );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]345
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]346 ASSERT_COMPARE( io_msg_buf, msg->len, expected_result->x, msg->len );
347 ASSERT_COMPARE( tag_buf, expected_tag_len, expected_tag, expected_tag_len );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]348
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]349 if( output_ret == 0 )
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]350 {
351 const data_t iv_data = { .x = iv,
352 .len = iv_len };
353
354 const data_t encrypted_expected = { .x = expected_result->x,
355 .len = msg->len };
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]356 const data_t tag_expected = { .x = (uint8_t*)expected_tag,
357 .len = expected_tag_len };
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]358
359 for( n1 = 0; n1 <= msg->len; n1 += 1 )
360 {
361 for( n1_add = 0; n1_add <= add->len; n1_add += 1 )
362 {
363 mbedtls_test_set_step( n1 * 10000 + n1_add );
364 if( !check_multipart( &ctx, MBEDTLS_CCM_STAR_ENCRYPT,
365 &iv_data, add, msg,
366 &encrypted_expected,
367 &tag_expected,
368 n1, n1_add ) )
369 goto exit;
370 }
371 }
372 }
373
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]374exit:
375 mbedtls_ccm_free( &ctx );
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]376 mbedtls_free( io_msg_buf );
377 mbedtls_free( tag_buf );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]378}
379/* END_CASE */
380
381/* BEGIN_CASE */
382void mbedtls_ccm_star_auth_decrypt( int cipher_id,
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]383 data_t *key, data_t *msg,
384 data_t *source_address, data_t *frame_counter,
385 int sec_level, data_t *add,
386 data_t *expected_result, int output_ret )
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]387{
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]388 unsigned char iv[13];
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]389 mbedtls_ccm_context ctx;
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]390 size_t iv_len, expected_tag_len;
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]391 size_t n1, n1_add;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]392
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]393 /* Calculate tag length */
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]394 if( sec_level % 4 == 0)
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]395 expected_tag_len = 0;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]396 else
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]397 expected_tag_len = 1 << ( sec_level % 4 + 1);
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]398
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]399 const size_t expected_msg_len = msg->len - expected_tag_len;
400 const uint8_t* expected_tag = msg->x + expected_msg_len;
401
402 /* Prepare input/output message buffer */
403 uint8_t* io_msg_buf = NULL;
404 ASSERT_ALLOC( io_msg_buf, expected_msg_len );
405 if( expected_msg_len )
406 memcpy( io_msg_buf, msg->x, expected_msg_len );
407
408 /* Calculate iv */
409 memset( iv, 0x00, sizeof( iv ) );
Gilles Peskineb168c0d2021-02-09 12:00:13 +0100[diff] [blame]410 TEST_ASSERT( source_address->len == 8 );
411 TEST_ASSERT( frame_counter->len == 4 );
412 memcpy( iv, source_address->x, source_address->len );
413 memcpy( iv + source_address->len, frame_counter->x, frame_counter->len );
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]414 iv[source_address->len + frame_counter->len] = sec_level;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]415 iv_len = sizeof( iv );
416
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]417 mbedtls_ccm_init( &ctx );
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]418 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]419 /* Test with input == output */
420 TEST_EQUAL( mbedtls_ccm_star_auth_decrypt( &ctx, expected_msg_len, iv, iv_len,
421 add->x, add->len, io_msg_buf, io_msg_buf,
422 expected_tag, expected_tag_len ), output_ret );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]423
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]424 ASSERT_COMPARE( io_msg_buf, expected_msg_len, expected_result->x, expected_msg_len );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]425
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]426 if( output_ret == 0 )
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]427 {
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]428 const data_t iv_data = { .x = iv,
429 .len = iv_len };
430
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]431 const data_t encrypted = { .x = msg->x,
432 .len = expected_msg_len} ;
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]433
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]434 const data_t tag_expected = { .x = (uint8_t*) expected_tag,
435 .len = expected_tag_len };
436
437 for( n1 = 0; n1 <= expected_msg_len; n1 += 1 )
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]438 {
439 for( n1_add = 0; n1_add <= add->len; n1_add += 1 )
440 {
441 mbedtls_test_set_step( n1 * 10000 + n1_add );
442 if( !check_multipart( &ctx, MBEDTLS_CCM_STAR_DECRYPT,
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]443 &iv_data, add, &encrypted,
Mateusz Starzyk29ec75b2021-07-13 12:26:17 +0200[diff] [blame]444 expected_result,
445 &tag_expected,
446 n1, n1_add ) )
447 goto exit;
448 }
449 }
450 }
451
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]452exit:
453 mbedtls_ccm_free( &ctx );
Mateusz Starzyk27a1bef2021-07-13 15:33:19 +0200[diff] [blame]454 mbedtls_free( io_msg_buf );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]455}
456/* END_CASE */
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]457
Mateusz Starzyk8fb17542021-08-10 13:45:19 +0200[diff] [blame]458/* Skip auth data, provide full text */
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]459/* BEGIN_CASE */
Mateusz Starzykbccbf882021-08-09 16:12:46 +0200[diff] [blame]460void mbedtls_ccm_skip_ad( int cipher_id, int mode,
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]461 data_t * key, data_t * msg, data_t * iv,
462 data_t * result, data_t * tag )
463{
464 mbedtls_ccm_context ctx;
465 uint8_t *output = NULL;
466 size_t olen;
467
468 /* Sanity checks on the test data */
469 TEST_EQUAL( msg->len, result->len );
470
471 mbedtls_ccm_init( &ctx );
472 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
473 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
474 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, 0, msg->len, tag->len ) );
475
476 ASSERT_ALLOC( output, result->len );
477 olen = 0xdeadbeef;
478 TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len, output, result->len, &olen ) );
479 TEST_EQUAL( result->len, olen );
480 ASSERT_COMPARE( output, olen, result->x, result->len );
481 mbedtls_free( output );
482 output = NULL;
483
484 ASSERT_ALLOC( output, tag->len );
485 TEST_EQUAL( 0, mbedtls_ccm_finish( &ctx, output, tag->len ) );
486 ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
487 mbedtls_free( output );
488 output = NULL;
489
490exit:
491 mbedtls_free( output );
492 mbedtls_ccm_free( &ctx );
493}
494/* END_CASE */
495
Mateusz Starzyk8fb17542021-08-10 13:45:19 +0200[diff] [blame]496/* Provide auth data, skip full text */
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]497/* BEGIN_CASE */
Mateusz Starzykbccbf882021-08-09 16:12:46 +0200[diff] [blame]498void mbedtls_ccm_skip_update( int cipher_id, int mode,
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]499 data_t * key, data_t * iv, data_t* add,
500 data_t * tag )
501{
502 mbedtls_ccm_context ctx;
503 uint8_t *output = NULL;
504
505 mbedtls_ccm_init( &ctx );
506 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
507 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
508 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 0, tag->len ) );
509
510 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
511
512 ASSERT_ALLOC( output, tag->len );
513 TEST_EQUAL( 0, mbedtls_ccm_finish( &ctx, output, tag->len ) );
514 ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
515 mbedtls_free( output );
516 output = NULL;
517
518exit:
519 mbedtls_free( output );
520 mbedtls_ccm_free( &ctx );
521}
522/* END_CASE */
523
Mateusz Starzyk8fb17542021-08-10 13:45:19 +0200[diff] [blame]524/* Provide too much auth data */
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]525/* BEGIN_CASE */
Mateusz Starzykbccbf882021-08-09 16:12:46 +0200[diff] [blame]526void mbedtls_ccm_overflow_ad( int cipher_id, int mode,
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]527 data_t * key, data_t * iv,
528 data_t * add )
529{
530 mbedtls_ccm_context ctx;
531
532 mbedtls_ccm_init( &ctx );
533 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
534 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
535 // use hardcoded values for msg length and tag length. They are not a part of this test
Mateusz Starzyk3050f052021-09-02 12:38:51 +0200[diff] [blame]536 // subtract 1 from configured auth data length to provoke an overflow
537 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len - 1, 16, 16 ) );
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]538
539 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
540exit:
541 mbedtls_ccm_free( &ctx );
542}
543/* END_CASE */
544
Mateusz Starzyk83e4c122021-09-03 14:07:21 +0200[diff] [blame]545/* Provide unexpected auth data */
546/* BEGIN_CASE */
547void mbedtls_ccm_unexpected_ad( int cipher_id, int mode,
548 data_t * key, data_t * iv,
549 data_t * add )
550{
551 mbedtls_ccm_context ctx;
552
553 mbedtls_ccm_init( &ctx );
554 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
555 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
556 // use hardcoded values for msg length and tag length. They are not a part of this test
557 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, 0, 16, 16 ) );
558
559 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
560exit:
561 mbedtls_ccm_free( &ctx );
562}
563/* END_CASE */
564
565/* Provide unexpected plaintext/ciphertext data */
566/* BEGIN_CASE */
567void mbedtls_ccm_unexpected_text( int cipher_id, int mode,
568 data_t * key, data_t * msg, data_t * iv,
569 data_t * add )
570{
571 mbedtls_ccm_context ctx;
572 uint8_t *output = NULL;
573 size_t olen;
574
575 mbedtls_ccm_init( &ctx );
576 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
577 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
578 // use hardcoded value for tag length. It is not a part of this test
579 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 0, 16 ) );
580
581 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
582
583 ASSERT_ALLOC( output, msg->len );
584 olen = 0xdeadbeef;
585 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update( &ctx, msg->x, msg->len, output, msg->len, &olen ) );
586exit:
587 mbedtls_free( output );
588 mbedtls_ccm_free( &ctx );
589}
590/* END_CASE */
591
Mateusz Starzyk8fb17542021-08-10 13:45:19 +0200[diff] [blame]592/* Provide incomplete auth data and finish */
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]593/* BEGIN_CASE */
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]594void mbedtls_ccm_incomplete_ad( int cipher_id, int mode,
595 data_t * key, data_t * iv, data_t* add )
596{
597 mbedtls_ccm_context ctx;
598 uint8_t *output = NULL;
599
600 mbedtls_ccm_init( &ctx );
601 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
602 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
603 // use hardcoded values for msg length and tag length. They are not a part of this test
604 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 0, 16 ) );
605
Mateusz Starzyk3050f052021-09-02 12:38:51 +0200[diff] [blame]606 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len - 1) );
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]607
608 ASSERT_ALLOC( output, 16 );
Mateusz Starzyk7251eda2021-09-01 13:26:44 +0200[diff] [blame]609 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish( &ctx, output, 16 ) );
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]610
611exit:
612 mbedtls_free( output );
613 mbedtls_ccm_free( &ctx );
614}
615/* END_CASE */
616
Mateusz Starzyk8fb17542021-08-10 13:45:19 +0200[diff] [blame]617/* Provide complete auth data on first update_ad.
618 * Provide unexpected auth data on second update_ad */
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]619/* BEGIN_CASE */
620void mbedtls_ccm_full_ad_and_overflow( int cipher_id, int mode,
621 data_t * key, data_t * iv,
622 data_t * add )
623{
624 mbedtls_ccm_context ctx;
625
626 mbedtls_ccm_init( &ctx );
627 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
628 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
629 // use hardcoded values for msg length and tag length. They are not a part of this test
630 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 16, 16 ) );
631
632 // pass full auth data
633 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
634 // pass 1 extra byte
Mateusz Starzyk7251eda2021-09-01 13:26:44 +0200[diff] [blame]635 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add->x, 1) );
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]636exit:
637 mbedtls_ccm_free( &ctx );
638}
639/* END_CASE */
640
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]641/* Provide incomplete auth data on first update_ad.
642 * Provide too much auth data on second update_ad */
643/* BEGIN_CASE */
644void mbedtls_ccm_incomplete_ad_and_overflow( int cipher_id, int mode,
645 data_t * key, data_t * iv,
646 data_t * add )
647{
648 mbedtls_ccm_context ctx;
Ronald Cron133740b2021-09-17 09:38:07 +0200[diff] [blame^]649 uint8_t add_second_buffer[2];
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]650
Ronald Cron133740b2021-09-17 09:38:07 +0200[diff] [blame^]651 add_second_buffer[0] = add->x[ add->len - 1 ];
652 add_second_buffer[1] = 0xAB; // some magic value
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]653
654 mbedtls_ccm_init( &ctx );
655 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
656 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
657 // use hardcoded values for msg length and tag length. They are not a part of this test
658 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 16, 16 ) );
659
660 // pass incomplete auth data
Ronald Cron133740b2021-09-17 09:38:07 +0200[diff] [blame^]661 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len - 1) );
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]662 // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte)
Ronald Cron133740b2021-09-17 09:38:07 +0200[diff] [blame^]663 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add_second_buffer, 2) );
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]664exit:
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]665 mbedtls_ccm_free( &ctx );
666}
667/* END_CASE */
668
Mateusz Starzyk8fb17542021-08-10 13:45:19 +0200[diff] [blame]669/* Provide too much plaintext/ciphertext */
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]670/* BEGIN_CASE */
Mateusz Starzykbccbf882021-08-09 16:12:46 +0200[diff] [blame]671void mbedtls_ccm_overflow_update( int cipher_id, int mode,
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]672 data_t * key, data_t * msg, data_t * iv,
673 data_t * add )
674{
675 mbedtls_ccm_context ctx;
676 uint8_t *output = NULL;
677 size_t olen;
678
679 mbedtls_ccm_init( &ctx );
680 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
681 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
682 // use hardcoded value for tag length. It is a not a part of this test
Mateusz Starzyk3050f052021-09-02 12:38:51 +0200[diff] [blame]683 // subtract 1 from configured msg length to provoke an overflow
684 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len - 1, 16 ) );
Mateusz Starzyk87889062021-07-29 14:08:18 +0200[diff] [blame]685
686 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
687
688 ASSERT_ALLOC( output, msg->len );
689 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \
690 mbedtls_ccm_update( &ctx, msg->x, msg->len, output, msg->len, &olen ) );
691exit:
692 mbedtls_free( output );
693 mbedtls_ccm_free( &ctx );
694}
695/* END_CASE */
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]696
Mateusz Starzyk8fb17542021-08-10 13:45:19 +0200[diff] [blame]697/* Provide incomplete plaintext/ciphertext and finish */
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]698/* BEGIN_CASE */
699void mbedtls_ccm_incomplete_update( int cipher_id, int mode,
700 data_t * key, data_t * msg, data_t * iv,
701 data_t * add )
702{
703 mbedtls_ccm_context ctx;
704 uint8_t *output = NULL;
705 size_t olen;
706
707 mbedtls_ccm_init( &ctx );
708 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
709 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
710 // use hardcoded value for tag length. It is not a part of this test
711 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len, 16 ) );
712
713 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
714
715 ASSERT_ALLOC( output, msg->len );
716 olen = 0xdeadbeef;
Mateusz Starzyk3050f052021-09-02 12:38:51 +0200[diff] [blame]717 TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len - 1, output, msg->len, &olen ) );
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]718 mbedtls_free( output );
719 output = NULL;
720
721 ASSERT_ALLOC( output, 16 );
Mateusz Starzyk7251eda2021-09-01 13:26:44 +0200[diff] [blame]722 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish( &ctx, output, 16 ) );
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]723
724exit:
725 mbedtls_free( output );
726 mbedtls_ccm_free( &ctx );
727}
728/* END_CASE */
729
Mateusz Starzyk8fb17542021-08-10 13:45:19 +0200[diff] [blame]730/* Provide full plaintext/ciphertext of first update
731 * Provide unexpected plaintext/ciphertext on second update */
Mateusz Starzykf442de62021-08-10 13:36:43 +0200[diff] [blame]732/* BEGIN_CASE */
733void mbedtls_ccm_full_update_and_overflow( int cipher_id, int mode,
734 data_t * key, data_t * msg, data_t * iv,
735 data_t * add )
736{
737 mbedtls_ccm_context ctx;
738 uint8_t *output = NULL;
739 size_t olen;
740
741 mbedtls_ccm_init( &ctx );
742 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
743 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
744 // use hardcoded value for tag length. It is a not a part of this test
745 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len, 16 ) );
746
747 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
748
749 ASSERT_ALLOC( output, msg->len );
750 // pass full text
751 TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len, output, msg->len, &olen ) );
752 // pass 1 extra byte
753 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \
754 mbedtls_ccm_update( &ctx, msg->x, 1, output, 1, &olen ) );
755exit:
756 mbedtls_free( output );
757 mbedtls_ccm_free( &ctx );
758}
759/* END_CASE */
Mateusz Starzyke0f52272021-08-10 13:55:47 +0200[diff] [blame]760
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]761/* Provide incomplete plaintext/ciphertext of first update
762 * Provide too much plaintext/ciphertext on second update */
763/* BEGIN_CASE */
764void mbedtls_ccm_incomplete_update_overflow( int cipher_id, int mode,
765 data_t * key, data_t * msg, data_t * iv,
766 data_t * add )
767{
768 mbedtls_ccm_context ctx;
769 uint8_t *output = NULL;
770 size_t olen;
Ronald Cron133740b2021-09-17 09:38:07 +0200[diff] [blame^]771 uint8_t msg_second_buffer[2];
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]772
Ronald Cron133740b2021-09-17 09:38:07 +0200[diff] [blame^]773 msg_second_buffer[0] = msg->x[ msg->len - 1 ];
774 msg_second_buffer[1] = 0xAB; // some magic value
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]775
776 mbedtls_ccm_init( &ctx );
777 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
778 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
779 // use hardcoded value for tag length. It is a not a part of this test
780 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len, 16 ) );
781
782 TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
783
784 ASSERT_ALLOC( output, msg->len + 1 );
785 // pass incomplete text
Ronald Cron133740b2021-09-17 09:38:07 +0200[diff] [blame^]786 TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len - 1, output, msg->len + 1, &olen ) );
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]787 // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte)
788 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \
Ronald Cron133740b2021-09-17 09:38:07 +0200[diff] [blame^]789 mbedtls_ccm_update( &ctx, msg_second_buffer, 2, output + msg->len - 1, 2, &olen ) );
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]790exit:
Mateusz Starzykcd975e42021-09-02 13:25:19 +0200[diff] [blame]791 mbedtls_free( output );
792 mbedtls_ccm_free( &ctx );
793}
794/* END_CASE */
795
Mateusz Starzyke0f52272021-08-10 13:55:47 +0200[diff] [blame]796/* Finish without passing any auth data or plaintext/ciphertext input */
797/* BEGIN_CASE */
798void mbedtls_ccm_instant_finish( int cipher_id, int mode,
799 data_t * key, data_t * iv )
800{
801 mbedtls_ccm_context ctx;
802 uint8_t *output = NULL;
803
804 mbedtls_ccm_init( &ctx );
805 TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
806 TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
807 // use hardcoded values for add length, msg length and tag length.
808 // They are not a part of this test
809 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, 16, 16, 16 ) );
810
811 ASSERT_ALLOC( output, 16 );
Mateusz Starzyk7251eda2021-09-01 13:26:44 +0200[diff] [blame]812 TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish( &ctx, output, 16 ) );
Mateusz Starzyke0f52272021-08-10 13:55:47 +0200[diff] [blame]813
814exit:
815 mbedtls_free( output );
816 mbedtls_ccm_free( &ctx );
817}
818/* END_CASE */