TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 663055f78464a27f9470ed04142eb975554cf4ec / . / tests / suites / test_suite_ccm.function
blob: 77ecf689b54d2b8d9c05bf4de4e33e5771d12172 [file] [log] [blame]
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/ccm.h"
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]3
4/* Use the multipart interface to process the encrypted data in two parts
5 * and check that the output matches the expected output.
6 * The context must have been set up with the key. */
7static int check_multipart( mbedtls_ccm_context *ctx,
8 int mode,
9 const data_t *iv,
10 const data_t *add,
11 const data_t *input,
12 const data_t *expected_output,
13 const data_t *tag,
14 size_t n1,
15 size_t n1_add)
16{
17 int ok = 0;
18 uint8_t *output = NULL;
19 size_t n2 = input->len - n1;
20 size_t n2_add = add->len - n1_add;
21 size_t olen;
22
23 /* Sanity checks on the test data */
24 TEST_ASSERT( n1 <= input->len );
25 TEST_ASSERT( n1_add <= add->len );
26 TEST_EQUAL( input->len, expected_output->len );
27 TEST_EQUAL( 0, mbedtls_ccm_starts( ctx, mode, iv->x, iv->len ) );
28 TEST_EQUAL( 0, mbedtls_ccm_set_lengths( ctx, add->len, input->len, tag->len ) );
29 TEST_EQUAL( 0, mbedtls_ccm_update_ad( ctx, add->x, n1_add) );
30 TEST_EQUAL( 0, mbedtls_ccm_update_ad( ctx, add->x + n1_add, n2_add ) );
31
32 /* Allocate a tight buffer for each update call. This way, if the function
33 * tries to write beyond the advertised required buffer size, this will
34 * count as an overflow for memory sanitizers and static checkers. */
35 ASSERT_ALLOC( output, n1 );
36 olen = 0xdeadbeef;
37 TEST_EQUAL( 0, mbedtls_ccm_update( ctx, input->x, n1, output, n1, &olen ) );
38 TEST_EQUAL( n1, olen );
39 ASSERT_COMPARE( output, olen, expected_output->x, n1 );
40 mbedtls_free( output );
41 output = NULL;
42
43 ASSERT_ALLOC( output, n2 );
44 olen = 0xdeadbeef;
45 TEST_EQUAL( 0, mbedtls_ccm_update( ctx, input->x + n1, n2, output, n2, &olen ) );
46 TEST_EQUAL( n2, olen );
47 ASSERT_COMPARE( output, olen, expected_output->x + n1, n2 );
48 mbedtls_free( output );
49 output = NULL;
50
51 ASSERT_ALLOC( output, tag->len );
52 TEST_EQUAL( 0, mbedtls_ccm_finish( ctx, output, tag->len ) );
53 ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
54 mbedtls_free( output );
55 output = NULL;
56
57 ok = 1;
58exit:
59 mbedtls_free( output );
60 return( ok );
61}
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]62/* END_HEADER */
63
64/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]65 * depends_on:MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]66 * END_DEPENDENCIES
67 */
68
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]69/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]70void mbedtls_ccm_self_test( )
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]71{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]72 TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 );
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]73}
74/* END_CASE */
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]75
76/* BEGIN_CASE */
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]77void mbedtls_ccm_setkey( int cipher_id, int key_size, int result )
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]78{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]79 mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]80 unsigned char key[32];
81 int ret;
82
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]83 mbedtls_ccm_init( &ctx );
84
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]85 memset( key, 0x2A, sizeof( key ) );
86 TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
87
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]88 ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size );
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]89 TEST_ASSERT( ret == result );
90
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]91exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]92 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]93}
94/* END_CASE */
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]95
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]96/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]97void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
98{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]99 mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]100 unsigned char key[16];
101 unsigned char msg[10];
102 unsigned char iv[14];
Dave Rodgman2e680342020-10-15 14:00:40 +0100[diff] [blame]103 unsigned char *add = NULL;
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]104 unsigned char out[10];
105 unsigned char tag[18];
106 int decrypt_ret;
107
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]108 mbedtls_ccm_init( &ctx );
109
Dave Rodgman2e680342020-10-15 14:00:40 +0100[diff] [blame]110 ASSERT_ALLOC_WEAK( add, add_len );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]111 memset( key, 0, sizeof( key ) );
112 memset( msg, 0, sizeof( msg ) );
113 memset( iv, 0, sizeof( iv ) );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]114 memset( out, 0, sizeof( out ) );
115 memset( tag, 0, sizeof( tag ) );
116
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]117 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]118 key, 8 * sizeof( key ) ) == 0 );
119
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]120 TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]121 msg, out, tag, tag_len ) == res );
122
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]123 decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]124 msg, out, tag, tag_len );
125
126 if( res == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]127 TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]128 else
129 TEST_ASSERT( decrypt_ret == res );
130
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]131exit:
Dave Rodgman2e680342020-10-15 14:00:40 +0100[diff] [blame]132 mbedtls_free( add );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]133 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +0200[diff] [blame]134}
135/* END_CASE */
136
Janos Follath95ab93d2018-05-14 14:32:41 +0100[diff] [blame]137/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
138void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len,
139 int res )
140{
141 mbedtls_ccm_context ctx;
142 unsigned char key[16];
143 unsigned char msg[10];
144 unsigned char iv[14];
145 unsigned char add[10];
146 unsigned char out[10];
147 unsigned char tag[18];
148 int decrypt_ret;
149
150 mbedtls_ccm_init( &ctx );
151
152 memset( key, 0, sizeof( key ) );
153 memset( msg, 0, sizeof( msg ) );
154 memset( iv, 0, sizeof( iv ) );
155 memset( add, 0, sizeof( add ) );
156 memset( out, 0, sizeof( out ) );
157 memset( tag, 0, sizeof( tag ) );
158
159 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
160 key, 8 * sizeof( key ) ) == 0 );
161
162 TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
163 add, add_len, msg, out, tag, tag_len ) == res );
164
165 decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add,
166 add_len, msg, out, tag, tag_len );
167
168 if( res == 0 && tag_len != 0 )
169 TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
170 else
171 TEST_ASSERT( decrypt_ret == res );
172
173exit:
174 mbedtls_ccm_free( &ctx );
175}
176/* END_CASE */
177
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]178/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]179void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key,
180 data_t * msg, data_t * iv,
181 data_t * add, data_t * result )
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]182{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]183 mbedtls_ccm_context ctx;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]184 size_t tag_len;
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]185 size_t n1, n1_add;
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]186 uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]187
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]188 mbedtls_ccm_init( &ctx );
189
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]190 memset( msg_n_tag, 0, result->len + 2 );
191 memcpy( msg_n_tag, msg->x, msg->len );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]192
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]193 tag_len = result->len - msg->len;
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]194
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]195 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]196
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200[diff] [blame]197 /* Test with input == output */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]198 TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
199 msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]200
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]201 TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]202
203 /* Check we didn't write past the end */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]204 TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]205
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]206 const data_t encrypted_expected = { .x = result->x,
207 .len = msg->len };
208 const data_t tag_expected = { .x = result->x + msg->len,
209 .len = tag_len };
210
211 for( n1 = 0; n1 <= msg->len; n1 += 1 )
212 {
213 for( n1_add = 0; n1_add <= add->len; n1_add += 1 )
214 {
215 mbedtls_test_set_step( n1 * 10000 + n1_add );
216 if( !check_multipart( &ctx, MBEDTLS_CCM_ENCRYPT,
217 iv, add, msg,
218 &encrypted_expected,
219 &tag_expected,
220 n1, n1_add ) )
221 goto exit;
222 }
223 }
224
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]225exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]226 mbedtls_ccm_free( &ctx );
Azim Khan46c9b1f2017-05-31 20:46:35 +0100[diff] [blame]227 free( msg_n_tag );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]228}
229/* END_CASE */
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]230
231/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]232void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key,
233 data_t * msg, data_t * iv,
234 data_t * add, int tag_len, int result,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]235 data_t * expected_msg )
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]236{
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200[diff] [blame]237 unsigned char tag[16];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]238 mbedtls_ccm_context ctx;
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]239 size_t n1, n1_add;
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]240
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]241 mbedtls_ccm_init( &ctx );
242
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200[diff] [blame]243 memset( tag, 0x00, sizeof( tag ) );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]244
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]245 msg->len -= tag_len;
246 memcpy( tag, msg->x + msg->len, tag_len );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]247
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]248 uint8_t * io_msg = (uint8_t *)malloc( msg->len + 2 );
249 memset( io_msg, 0, msg->len + 2 );
250 memcpy( io_msg, msg->x, msg->len );
251
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]252 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]253
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200[diff] [blame]254 /* Test with input == output */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]255 TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]256 io_msg, io_msg, tag, tag_len ) == result );
257
258 /* Check we didn't write past the end */
259 TEST_ASSERT( io_msg[msg->len] == 0 && io_msg[msg->len + 1] == 0 );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]260
Mohammad Azim Khancfd83422018-06-26 18:15:18 +0100[diff] [blame]261 if( result == 0 )
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]262 {
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]263 TEST_ASSERT( memcmp( io_msg, expected_msg->x, expected_msg->len ) == 0 );
264
265 const data_t tag_expected = { .x = tag,
266 .len = tag_len };
267
268 for( n1 = 0; n1 <= msg->len; n1 += 1 )
269 {
270 for( n1_add = 0; n1_add <= add->len; n1_add += 1 )
271 {
272 mbedtls_test_set_step( n1 * 10000 + n1_add );
273 if( !check_multipart( &ctx, MBEDTLS_CCM_DECRYPT,
274 iv, add, msg,
275 expected_msg,
276 &tag_expected,
277 n1, n1_add ) )
278 goto exit;
279 }
280 }
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]281 }
282 else
283 {
284 size_t i;
285
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]286 for( i = 0; i < msg->len; i++ )
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]287 TEST_ASSERT( io_msg[i] == 0 );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]288 }
289
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]290exit:
Mateusz Starzyk25a3dfe2021-07-12 14:53:45 +0200[diff] [blame]291 free(io_msg);
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]292 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200[diff] [blame]293}
294/* END_CASE */
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]295
296/* BEGIN_CASE */
297void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]298 data_t *key, data_t *msg,
299 data_t *source_address, data_t *frame_counter,
300 int sec_level, data_t *add,
301 data_t *expected_result, int output_ret )
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]302{
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]303 unsigned char iv[13];
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]304 unsigned char result[50];
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]305 mbedtls_ccm_context ctx;
Gilles Peskineb168c0d2021-02-09 12:00:13 +0100[diff] [blame]306 size_t iv_len, tag_len;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]307 int ret;
308
309 mbedtls_ccm_init( &ctx );
310
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]311 memset( result, 0x00, sizeof( result ) );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]312
313 if( sec_level % 4 == 0)
314 tag_len = 0;
315 else
316 tag_len = 1 << ( sec_level % 4 + 1);
317
Gilles Peskineb168c0d2021-02-09 12:00:13 +0100[diff] [blame]318 TEST_ASSERT( source_address->len == 8 );
319 TEST_ASSERT( frame_counter->len == 4 );
320 memcpy( iv, source_address->x, source_address->len );
321 memcpy( iv + source_address->len, frame_counter->x, frame_counter->len );
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]322 iv[source_address->len + frame_counter->len] = sec_level;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]323 iv_len = sizeof( iv );
324
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]325 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id,
326 key->x, key->len * 8 ) == 0 );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]327
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]328 ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len,
329 add->x, add->len, msg->x,
330 result, result + msg->len, tag_len );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]331
332 TEST_ASSERT( ret == output_ret );
333
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]334 TEST_ASSERT( memcmp( result,
335 expected_result->x, expected_result->len ) == 0 );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]336
337 /* Check we didn't write past the end */
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]338 TEST_ASSERT( result[expected_result->len] == 0 &&
339 result[expected_result->len + 1] == 0 );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]340
341exit:
342 mbedtls_ccm_free( &ctx );
343}
344/* END_CASE */
345
346/* BEGIN_CASE */
347void mbedtls_ccm_star_auth_decrypt( int cipher_id,
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]348 data_t *key, data_t *msg,
349 data_t *source_address, data_t *frame_counter,
350 int sec_level, data_t *add,
351 data_t *expected_result, int output_ret )
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]352{
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]353 unsigned char iv[13];
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]354 unsigned char result[50];
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]355 mbedtls_ccm_context ctx;
Gilles Peskineb168c0d2021-02-09 12:00:13 +0100[diff] [blame]356 size_t iv_len, tag_len;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]357 int ret;
358
359 mbedtls_ccm_init( &ctx );
360
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]361 memset( iv, 0x00, sizeof( iv ) );
Ronald Cronc7ba5602020-06-25 14:47:40 +0200[diff] [blame]362 memset( result, '+', sizeof( result ) );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]363
364 if( sec_level % 4 == 0)
365 tag_len = 0;
366 else
367 tag_len = 1 << ( sec_level % 4 + 1);
368
Gilles Peskineb168c0d2021-02-09 12:00:13 +0100[diff] [blame]369 TEST_ASSERT( source_address->len == 8 );
370 TEST_ASSERT( frame_counter->len == 4 );
371 memcpy( iv, source_address->x, source_address->len );
372 memcpy( iv + source_address->len, frame_counter->x, frame_counter->len );
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]373 iv[source_address->len + frame_counter->len] = sec_level;
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]374 iv_len = sizeof( iv );
375
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]376 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]377
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]378 ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg->len - tag_len, iv, iv_len,
379 add->x, add->len, msg->x, result,
380 msg->x + msg->len - tag_len, tag_len );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]381
382 TEST_ASSERT( ret == output_ret );
383
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]384 TEST_ASSERT( memcmp( result, expected_result->x,
385 expected_result->len ) == 0 );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]386
387 /* Check we didn't write past the end (where the original tag is) */
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]388 TEST_ASSERT( ( msg->len + 2 ) <= sizeof( result ) );
389 TEST_EQUAL( result[msg->len], '+' );
390 TEST_EQUAL( result[msg->len + 1], '+' );
Darryl Green0daf4ca2018-05-29 14:12:26 +0100[diff] [blame]391
392exit:
393 mbedtls_ccm_free( &ctx );
394}
395/* END_CASE */