tests/suites/test_suite_aes.function

/* BEGIN_HEADER */
#include "mbedtls/aes.h"
/* END_HEADER */

/* BEGIN_DEPENDENCIES
 * depends_on:MBEDTLS_AES_C
 * END_DEPENDENCIES
 */

/* BEGIN_CASE */
void aes_encrypt_ecb(data_t *key_str, data_t *src_str,
                     data_t *dst, int setkey_result)
{
    unsigned char output[100];
    mbedtls_aes_context ctx;

    memset(output, 0x00, 100);

    mbedtls_aes_init(&ctx);

    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == setkey_result);
    if (setkey_result == 0) {
        TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output) == 0);

        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
    }

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE */
void aes_decrypt_ecb(data_t *key_str, data_t *src_str,
                     data_t *dst, int setkey_result)
{
    unsigned char output[100];
    mbedtls_aes_context ctx;

    memset(output, 0x00, 100);

    mbedtls_aes_init(&ctx);

    TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx, key_str->x, key_str->len * 8) == setkey_result);
    if (setkey_result == 0) {
        TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_DECRYPT, src_str->x, output) == 0);

        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);
    }

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
void aes_encrypt_cbc(data_t *key_str, data_t *iv_str,
                     data_t *src_str, data_t *dst,
                     int cbc_result)
{
    unsigned char output[100];
    mbedtls_aes_context ctx;

    memset(output, 0x00, 100);

    mbedtls_aes_init(&ctx);

    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x,
                                      src_str->x, output) == cbc_result);
    if (cbc_result == 0) {

        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
                                        src_str->len, dst->len) == 0);
    }

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
void aes_decrypt_cbc(data_t *key_str, data_t *iv_str,
                     data_t *src_str, data_t *dst,
                     int cbc_result)
{
    unsigned char output[100];
    mbedtls_aes_context ctx;

    memset(output, 0x00, 100);
    mbedtls_aes_init(&ctx);

    TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx, key_str->x, key_str->len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x,
                                      src_str->x, output) == cbc_result);
    if (cbc_result == 0) {

        TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
                                        src_str->len, dst->len) == 0);
    }

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_encrypt_xts(char *hex_key_string, char *hex_data_unit_string,
                     char *hex_src_string, char *hex_dst_string)
{
    enum { AES_BLOCK_SIZE = 16 };
    unsigned char *data_unit = NULL;
    unsigned char *key = NULL;
    unsigned char *src = NULL;
    unsigned char *dst = NULL;
    unsigned char *output = NULL;
    mbedtls_aes_xts_context ctx;
    size_t key_len, src_len, dst_len, data_unit_len;

    mbedtls_aes_xts_init(&ctx);

    data_unit = mbedtls_test_unhexify_alloc(hex_data_unit_string,
                                            &data_unit_len);
    TEST_ASSERT(data_unit_len == AES_BLOCK_SIZE);

    key = mbedtls_test_unhexify_alloc(hex_key_string, &key_len);
    TEST_ASSERT(key_len % 2 == 0);

    src = mbedtls_test_unhexify_alloc(hex_src_string, &src_len);
    dst = mbedtls_test_unhexify_alloc(hex_dst_string, &dst_len);
    TEST_ASSERT(src_len == dst_len);

    output = mbedtls_test_zero_alloc(dst_len);

    TEST_ASSERT(mbedtls_aes_xts_setkey_enc(&ctx, key, key_len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, src_len,
                                      data_unit, src, output) == 0);

    TEST_ASSERT(memcmp(output, dst, dst_len) == 0);

exit:
    mbedtls_aes_xts_free(&ctx);
    mbedtls_free(data_unit);
    mbedtls_free(key);
    mbedtls_free(src);
    mbedtls_free(dst);
    mbedtls_free(output);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_decrypt_xts(char *hex_key_string, char *hex_data_unit_string,
                     char *hex_dst_string, char *hex_src_string)
{
    enum { AES_BLOCK_SIZE = 16 };
    unsigned char *data_unit = NULL;
    unsigned char *key = NULL;
    unsigned char *src = NULL;
    unsigned char *dst = NULL;
    unsigned char *output = NULL;
    mbedtls_aes_xts_context ctx;
    size_t key_len, src_len, dst_len, data_unit_len;

    mbedtls_aes_xts_init(&ctx);

    data_unit = mbedtls_test_unhexify_alloc(hex_data_unit_string,
                                            &data_unit_len);
    TEST_ASSERT(data_unit_len == AES_BLOCK_SIZE);

    key = mbedtls_test_unhexify_alloc(hex_key_string, &key_len);
    TEST_ASSERT(key_len % 2 == 0);

    src = mbedtls_test_unhexify_alloc(hex_src_string, &src_len);
    dst = mbedtls_test_unhexify_alloc(hex_dst_string, &dst_len);
    TEST_ASSERT(src_len == dst_len);

    output = mbedtls_test_zero_alloc(dst_len);

    TEST_ASSERT(mbedtls_aes_xts_setkey_dec(&ctx, key, key_len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_DECRYPT, src_len,
                                      data_unit, src, output) == 0);

    TEST_ASSERT(memcmp(output, dst, dst_len) == 0);

exit:
    mbedtls_aes_xts_free(&ctx);
    mbedtls_free(data_unit);
    mbedtls_free(key);
    mbedtls_free(src);
    mbedtls_free(dst);
    mbedtls_free(output);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_crypt_xts_size(int size, int retval)
{
    mbedtls_aes_xts_context ctx;
    const unsigned char src[16] = { 0 };
    unsigned char output[16];
    unsigned char data_unit[16];
    size_t length = size;

    mbedtls_aes_xts_init(&ctx);
    memset(data_unit, 0x00, sizeof(data_unit));

    TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src,
                                      output) == retval);
exit:
    mbedtls_aes_xts_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_crypt_xts_keysize(int size, int retval)
{
    mbedtls_aes_xts_context ctx;
    const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
    size_t key_len = size;

    mbedtls_aes_xts_init(&ctx);

    TEST_ASSERT(mbedtls_aes_xts_setkey_enc(&ctx, key, key_len * 8) == retval);
    TEST_ASSERT(mbedtls_aes_xts_setkey_dec(&ctx, key, key_len * 8) == retval);
exit:
    mbedtls_aes_xts_free(&ctx);
}
/* END_CASE */


/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
void aes_encrypt_cfb128(data_t *key_str, data_t *iv_str,
                        data_t *src_str, data_t *dst)
{
    unsigned char output[100];
    mbedtls_aes_context ctx;
    size_t iv_offset = 0;

    memset(output, 0x00, 100);
    mbedtls_aes_init(&ctx);


    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_cfb128(&ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x,
                                         src_str->x, output) == 0);

    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
void aes_decrypt_cfb128(data_t *key_str, data_t *iv_str,
                        data_t *src_str, data_t *dst)
{
    unsigned char output[100];
    mbedtls_aes_context ctx;
    size_t iv_offset = 0;

    memset(output, 0x00, 100);
    mbedtls_aes_init(&ctx);


    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_cfb128(&ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x,
                                         src_str->x, output) == 0);

    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0);

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
void aes_encrypt_cfb8(data_t *key_str, data_t *iv_str,
                      data_t *src_str, data_t *dst)
{
    unsigned char output[100];
    mbedtls_aes_context ctx;

    memset(output, 0x00, 100);
    mbedtls_aes_init(&ctx);


    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_cfb8(&ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x,
                                       src_str->x, output) == 0);

    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
                                    src_str->len, dst->len) == 0);

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
void aes_decrypt_cfb8(data_t *key_str, data_t *iv_str,
                      data_t *src_str, data_t *dst)
{
    unsigned char output[100];
    mbedtls_aes_context ctx;

    memset(output, 0x00, 100);
    mbedtls_aes_init(&ctx);


    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_cfb8(&ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x,
                                       src_str->x, output) == 0);

    TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
                                    src_str->len, dst->len) == 0);

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */
void aes_encrypt_ofb(int fragment_size, data_t *key_str,
                     data_t *iv_str, data_t *src_str,
                     data_t *expected_output)
{
    unsigned char output[32];
    mbedtls_aes_context ctx;
    size_t iv_offset = 0;
    int in_buffer_len;
    unsigned char *src_str_next;

    memset(output, 0x00, sizeof(output));
    mbedtls_aes_init(&ctx);

    TEST_ASSERT((size_t) fragment_size < sizeof(output));

    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x,
                                       key_str->len * 8) == 0);
    in_buffer_len = src_str->len;
    src_str_next = src_str->x;

    while (in_buffer_len > 0) {
        TEST_ASSERT(mbedtls_aes_crypt_ofb(&ctx, fragment_size, &iv_offset,
                                          iv_str->x, src_str_next, output) == 0);

        TEST_ASSERT(memcmp(output, expected_output->x, fragment_size) == 0);

        in_buffer_len -= fragment_size;
        expected_output->x += fragment_size;
        src_str_next += fragment_size;

        if (in_buffer_len < fragment_size) {
            fragment_size = in_buffer_len;
        }
    }

exit:
    mbedtls_aes_free(&ctx);
}
/* END_CASE */

/* BEGIN_CASE */
void aes_invalid_mode()
{
    mbedtls_aes_context aes_ctx;
    const unsigned char in[16] = { 0 };
    unsigned char out[16];
    const int invalid_mode = 42;

    TEST_EQUAL(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
               mbedtls_aes_crypt_ecb(&aes_ctx, invalid_mode, in, out));

#if defined(MBEDTLS_CIPHER_MODE_CBC)
    TEST_EQUAL(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
               mbedtls_aes_crypt_cbc(&aes_ctx, invalid_mode, 16,
                                     out, in, out));
#endif /* MBEDTLS_CIPHER_MODE_CBC */

#if defined(MBEDTLS_CIPHER_MODE_XTS)
    mbedtls_aes_xts_context xts_ctx;

    TEST_EQUAL(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
               mbedtls_aes_crypt_xts(&xts_ctx, invalid_mode, 16,
                                     in, in, out));
#endif /* MBEDTLS_CIPHER_MODE_XTS */

#if defined(MBEDTLS_CIPHER_MODE_CFB)
    size_t size;

    TEST_EQUAL(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
               mbedtls_aes_crypt_cfb128(&aes_ctx, invalid_mode, 16,
                                        &size, out, in, out));
    TEST_EQUAL(MBEDTLS_ERR_AES_BAD_INPUT_DATA,
               mbedtls_aes_crypt_cfb8(&aes_ctx, invalid_mode, 16,
                                      out, in, out));
#endif /* MBEDTLS_CIPHER_MODE_CFB */
}
/* END_CASE */

/* BEGIN_CASE */
void aes_misc_params()
{
#if defined(MBEDTLS_CIPHER_MODE_CBC) || \
    defined(MBEDTLS_CIPHER_MODE_XTS) || \
    defined(MBEDTLS_CIPHER_MODE_CFB) || \
    defined(MBEDTLS_CIPHER_MODE_OFB)
    const unsigned char in[16] = { 0 };
    unsigned char out[16];
#endif
#if defined(MBEDTLS_CIPHER_MODE_CBC) || \
    defined(MBEDTLS_CIPHER_MODE_CFB) || \
    defined(MBEDTLS_CIPHER_MODE_OFB)
    mbedtls_aes_context aes_ctx;
#endif
#if defined(MBEDTLS_CIPHER_MODE_XTS)
    mbedtls_aes_xts_context xts_ctx;
#endif
#if defined(MBEDTLS_CIPHER_MODE_CFB) || \
    defined(MBEDTLS_CIPHER_MODE_OFB)
    size_t size;
#endif

#if defined(MBEDTLS_CIPHER_MODE_CBC)
    TEST_ASSERT(mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT,
                                      15,
                                      out, in, out)
                == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
    TEST_ASSERT(mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT,
                                      17,
                                      out, in, out)
                == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
#endif

#if defined(MBEDTLS_CIPHER_MODE_XTS)
    TEST_ASSERT(mbedtls_aes_crypt_xts(&xts_ctx, MBEDTLS_AES_ENCRYPT,
                                      15,
                                      in, in, out)
                == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
    TEST_ASSERT(mbedtls_aes_crypt_xts(&xts_ctx, MBEDTLS_AES_ENCRYPT,
                                      (1 << 24) + 1,
                                      in, in, out)
                == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
#endif

#if defined(MBEDTLS_CIPHER_MODE_CFB)
    size = 16;
    TEST_ASSERT(mbedtls_aes_crypt_cfb128(&aes_ctx, MBEDTLS_AES_ENCRYPT, 16,
                                         &size, out, in, out)
                == MBEDTLS_ERR_AES_BAD_INPUT_DATA);
#endif

#if defined(MBEDTLS_CIPHER_MODE_OFB)
    size = 16;
    TEST_ASSERT(mbedtls_aes_crypt_ofb(&aes_ctx, 16, &size, out, in, out)
                == MBEDTLS_ERR_AES_BAD_INPUT_DATA);
#endif

/*
 * The following line needs to be added to make the code compilable
 * when all the conditions above will be not define in a specific
 * choice of features.
 */
    TEST_ASSERT(1);
/* TODO: It will be removed when the whole test will be reworked */
}
/* END_CASE */

/* BEGIN_CASE */
void aes_ecb_copy_context(data_t *key, data_t *src)
{
    unsigned char output1[16], output2[16], plain[16];
    mbedtls_aes_context ctx1, ctx2, ctx3;

    TEST_EQUAL(src->len, 16);

    // Set key and encrypt with original context
    mbedtls_aes_init(&ctx1);
    TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx1, key->x,
                                       key->len * 8) == 0);
    TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx1, MBEDTLS_AES_ENCRYPT,
                                      src->x, output1) == 0);
    ctx2 = ctx1;

    // Set key for decryption with original context
    TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx1, key->x,
                                       key->len * 8) == 0);
    ctx3 = ctx1;

    // Wipe the original context to make sure nothing from it is used
    memset(&ctx1, 0, sizeof(ctx1));

    // Encrypt with copied context
    TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx2, MBEDTLS_AES_ENCRYPT,
                                      src->x, output2) == 0);
    ASSERT_COMPARE(output1, 16, output2, 16);

    // Decrypt with copied context
    TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx3, MBEDTLS_AES_DECRYPT,
                                      output1, plain) == 0);
    ASSERT_COMPARE(src->x, 16, plain, 16);
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void aes_selftest()
{
    TEST_ASSERT(mbedtls_aes_self_test(1) == 0);
}
/* END_CASE */