TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 6df90523e179173baeb841aea40eda17d6a1dab7 / . / tests / suites / test_suite_cipher.function
blob: b77d3696f06f7c9d76eb31772c83cb37d4330aad [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/cipher.h"
Manuel Pégourié-Gonnardf7ce67f2013-09-03 20:17:35 +0200[diff] [blame]3
k-stachowiakd8727232019-07-29 17:46:29 +0200[diff] [blame]4#if defined(MBEDTLS_AES_C)
5#include "mbedtls/aes.h"
6#endif
7
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]8#if defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]9#include "mbedtls/gcm.h"
Manuel Pégourié-Gonnardf7ce67f2013-09-03 20:17:35 +0200[diff] [blame]10#endif
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]11
12#if defined(MBEDTLS_USE_PSA_CRYPTO)
Ronald Cron02c78b72020-05-27 09:22:32 +0200[diff] [blame]13#include "test/psa_crypto_helpers.h"
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]14#endif
15
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]16#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
17#define MBEDTLS_CIPHER_AUTH_CRYPT
18#endif
19
Manuel Pégourié-Gonnard89a8fe52020-11-27 09:32:55 +0100[diff] [blame]20#if defined(MBEDTLS_CIPHER_AUTH_CRYPT)
21/* Helper for resetting key/direction
22 *
23 * The documentation doesn't explicitly say whether calling
24 * mbedtls_cipher_setkey() twice is allowed or not. This currently works with
25 * the default software implementation, but only by accident. It isn't
26 * guaranteed to work with new ciphers or with alternative implementations of
27 * individual ciphers, and it doesn't work with the PSA wrappers. So don't do
28 * it, and instead start with a fresh context.
29 */
30static void cipher_reset_key( mbedtls_cipher_context_t *ctx, int cipher_id,
31 int use_psa, size_t tag_len, const data_t *key, int direction )
32{
33 mbedtls_cipher_free( ctx );
34 mbedtls_cipher_init( ctx );
35
36#if !defined(MBEDTLS_USE_PSA_CRYPTO)
37 (void) use_psa;
38 (void) tag_len;
39#else
40 if( use_psa == 1 )
41 {
42 TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( ctx,
43 mbedtls_cipher_info_from_type( cipher_id ),
44 tag_len ) );
45 }
46 else
47#endif /* MBEDTLS_USE_PSA_CRYPTO */
48 {
49 TEST_ASSERT( 0 == mbedtls_cipher_setup( ctx,
50 mbedtls_cipher_info_from_type( cipher_id ) ) );
51 }
52
53 TEST_ASSERT( 0 == mbedtls_cipher_setkey( ctx, key->x, 8 * key->len,
54 direction ) );
55exit:
56 ;
57}
Manuel Pégourié-Gonnardf215ef82020-12-03 12:33:31 +0100[diff] [blame]58
59/*
60 * Check if a buffer is all-0 bytes:
61 * return 1 if it is,
62 * 0 if it isn't.
63 */
64int buffer_is_all_zero( const uint8_t *buf, size_t size )
65{
66 for( size_t i = 0; i < size; i++ )
67 if( buf[i] != 0 )
68 return 0;
69 return 1;
70}
Manuel Pégourié-Gonnard89a8fe52020-11-27 09:32:55 +0100[diff] [blame]71#endif /* MBEDTLS_CIPHER_AUTH_CRYPT */
72
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]73/* END_HEADER */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]74
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]75/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]76 * depends_on:MBEDTLS_CIPHER_C
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]77 * END_DEPENDENCIES
78 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]79
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]80/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]81void mbedtls_cipher_list( )
Manuel Pégourié-Gonnard66dfc5a2014-03-29 16:10:55 +0100[diff] [blame]82{
83 const int *cipher_type;
84
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]85 for( cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++ )
86 TEST_ASSERT( mbedtls_cipher_info_from_type( *cipher_type ) != NULL );
Manuel Pégourié-Gonnard66dfc5a2014-03-29 16:10:55 +0100[diff] [blame]87}
88/* END_CASE */
89
90/* BEGIN_CASE */
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]91void cipher_invalid_param_unconditional( )
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]92{
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]93 mbedtls_cipher_context_t valid_ctx;
94 mbedtls_cipher_context_t invalid_ctx;
95 mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
96 mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
97 unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
98 int valid_size = sizeof(valid_buffer);
99 int valid_bitlen = valid_size * 8;
100 const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
101 *( mbedtls_cipher_list() ) );
102 size_t size_t_var;
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]103
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]104 (void)valid_mode; /* In some configurations this is unused */
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]105
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 mbedtls_cipher_init( &valid_ctx );
107 mbedtls_cipher_setup( &valid_ctx, valid_info );
108 mbedtls_cipher_init( &invalid_ctx );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]109
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 /* mbedtls_cipher_setup() */
111 TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) ==
112 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]113
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 /* mbedtls_cipher_get_block_size() */
115 TEST_ASSERT( mbedtls_cipher_get_block_size( &invalid_ctx ) == 0 );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]116
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]117 /* mbedtls_cipher_get_cipher_mode() */
118 TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &invalid_ctx ) ==
119 MBEDTLS_MODE_NONE );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]120
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]121 /* mbedtls_cipher_get_iv_size() */
122 TEST_ASSERT( mbedtls_cipher_get_iv_size( &invalid_ctx ) == 0 );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]123
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]124 /* mbedtls_cipher_get_type() */
125 TEST_ASSERT(
126 mbedtls_cipher_get_type( &invalid_ctx ) ==
127 MBEDTLS_CIPHER_NONE);
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]128
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129 /* mbedtls_cipher_get_name() */
130 TEST_ASSERT( mbedtls_cipher_get_name( &invalid_ctx ) == 0 );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]131
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]132 /* mbedtls_cipher_get_key_bitlen() */
133 TEST_ASSERT( mbedtls_cipher_get_key_bitlen( &invalid_ctx ) ==
134 MBEDTLS_KEY_LENGTH_NONE );
135
136 /* mbedtls_cipher_get_operation() */
137 TEST_ASSERT( mbedtls_cipher_get_operation( &invalid_ctx ) ==
138 MBEDTLS_OPERATION_NONE );
139
140 /* mbedtls_cipher_setkey() */
141 TEST_ASSERT(
142 mbedtls_cipher_setkey( &invalid_ctx,
143 valid_buffer,
144 valid_bitlen,
145 valid_operation ) ==
146 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
147
148 /* mbedtls_cipher_set_iv() */
149 TEST_ASSERT(
150 mbedtls_cipher_set_iv( &invalid_ctx,
151 valid_buffer,
152 valid_size ) ==
153 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
154
155 /* mbedtls_cipher_reset() */
156 TEST_ASSERT( mbedtls_cipher_reset( &invalid_ctx ) ==
157 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]158
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]159#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]160 /* mbedtls_cipher_update_ad() */
161 TEST_ASSERT(
162 mbedtls_cipher_update_ad( &invalid_ctx,
163 valid_buffer,
164 valid_size ) ==
165 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
166#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
167
168#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
169 /* mbedtls_cipher_set_padding_mode() */
170 TEST_ASSERT( mbedtls_cipher_set_padding_mode( &invalid_ctx, valid_mode ) ==
171 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]172#endif
173
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]174 /* mbedtls_cipher_update() */
175 TEST_ASSERT(
176 mbedtls_cipher_update( &invalid_ctx,
177 valid_buffer,
178 valid_size,
179 valid_buffer,
180 &size_t_var ) ==
181 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]182
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 /* mbedtls_cipher_finish() */
184 TEST_ASSERT(
185 mbedtls_cipher_finish( &invalid_ctx,
186 valid_buffer,
187 &size_t_var ) ==
188 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]189
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]190#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]191 /* mbedtls_cipher_write_tag() */
192 TEST_ASSERT(
193 mbedtls_cipher_write_tag( &invalid_ctx,
194 valid_buffer,
195 valid_size ) ==
196 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]197
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]198 /* mbedtls_cipher_check_tag() */
199 TEST_ASSERT(
200 mbedtls_cipher_check_tag( &invalid_ctx,
201 valid_buffer,
202 valid_size ) ==
203 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
204#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
205
206exit:
207 mbedtls_cipher_free( &invalid_ctx );
208 mbedtls_cipher_free( &valid_ctx );
209}
210/* END_CASE */
211
212/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
213void cipher_invalid_param_conditional( )
214{
215 mbedtls_cipher_context_t valid_ctx;
216
217 mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
218 mbedtls_operation_t invalid_operation = 100;
219 mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
220 unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
221 int valid_size = sizeof(valid_buffer);
222 int valid_bitlen = valid_size * 8;
223 const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
224 *( mbedtls_cipher_list() ) );
225
226 size_t size_t_var;
227
228 (void)valid_mode; /* In some configurations this is unused */
229
230 /* mbedtls_cipher_init() */
231 TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) );
232 TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) );
233
234 /* mbedtls_cipher_setup() */
235 TEST_VALID_PARAM( mbedtls_cipher_setup( &valid_ctx, valid_info ) );
236 TEST_INVALID_PARAM_RET(
237 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
238 mbedtls_cipher_setup( NULL, valid_info ) );
239
240 /* mbedtls_cipher_get_block_size() */
241 TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( NULL ) );
242
243 /* mbedtls_cipher_get_cipher_mode() */
244 TEST_INVALID_PARAM_RET(
245 MBEDTLS_MODE_NONE,
246 mbedtls_cipher_get_cipher_mode( NULL ) );
247
248 /* mbedtls_cipher_get_iv_size() */
249 TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( NULL ) );
250
251 /* mbedtls_cipher_get_type() */
252 TEST_INVALID_PARAM_RET(
253 MBEDTLS_CIPHER_NONE,
254 mbedtls_cipher_get_type( NULL ) );
255
256 /* mbedtls_cipher_get_name() */
257 TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( NULL ) );
258
259 /* mbedtls_cipher_get_key_bitlen() */
260 TEST_INVALID_PARAM_RET(
261 MBEDTLS_KEY_LENGTH_NONE,
262 mbedtls_cipher_get_key_bitlen( NULL ) );
263
264 /* mbedtls_cipher_get_operation() */
265 TEST_INVALID_PARAM_RET(
266 MBEDTLS_OPERATION_NONE,
267 mbedtls_cipher_get_operation( NULL ) );
268
269 /* mbedtls_cipher_setkey() */
270 TEST_INVALID_PARAM_RET(
271 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
272 mbedtls_cipher_setkey( NULL,
273 valid_buffer,
274 valid_bitlen,
275 valid_operation ) );
276 TEST_INVALID_PARAM_RET(
277 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
278 mbedtls_cipher_setkey( &valid_ctx,
279 NULL,
280 valid_bitlen,
281 valid_operation ) );
282 TEST_INVALID_PARAM_RET(
283 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
284 mbedtls_cipher_setkey( &valid_ctx,
285 valid_buffer,
286 valid_bitlen,
287 invalid_operation ) );
288
289 /* mbedtls_cipher_set_iv() */
290 TEST_INVALID_PARAM_RET(
291 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
292 mbedtls_cipher_set_iv( NULL,
293 valid_buffer,
294 valid_size ) );
295 TEST_INVALID_PARAM_RET(
296 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
297 mbedtls_cipher_set_iv( &valid_ctx,
298 NULL,
299 valid_size ) );
300
301 /* mbedtls_cipher_reset() */
302 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
303 mbedtls_cipher_reset( NULL ) );
304
305#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
306 /* mbedtls_cipher_update_ad() */
307 TEST_INVALID_PARAM_RET(
308 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
309 mbedtls_cipher_update_ad( NULL,
310 valid_buffer,
311 valid_size ) );
312 TEST_INVALID_PARAM_RET(
313 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
314 mbedtls_cipher_update_ad( &valid_ctx,
315 NULL,
316 valid_size ) );
317#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
318
319#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
320 /* mbedtls_cipher_set_padding_mode() */
321 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
322 mbedtls_cipher_set_padding_mode( NULL, valid_mode ) );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]323#endif
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]324
325 /* mbedtls_cipher_update() */
326 TEST_INVALID_PARAM_RET(
327 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
328 mbedtls_cipher_update( NULL,
329 valid_buffer,
330 valid_size,
331 valid_buffer,
332 &size_t_var ) );
333 TEST_INVALID_PARAM_RET(
334 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
335 mbedtls_cipher_update( &valid_ctx,
336 NULL, valid_size,
337 valid_buffer,
338 &size_t_var ) );
339 TEST_INVALID_PARAM_RET(
340 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
341 mbedtls_cipher_update( &valid_ctx,
342 valid_buffer, valid_size,
343 NULL,
344 &size_t_var ) );
345 TEST_INVALID_PARAM_RET(
346 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
347 mbedtls_cipher_update( &valid_ctx,
348 valid_buffer, valid_size,
349 valid_buffer,
350 NULL ) );
351
352 /* mbedtls_cipher_finish() */
353 TEST_INVALID_PARAM_RET(
354 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
355 mbedtls_cipher_finish( NULL,
356 valid_buffer,
357 &size_t_var ) );
358 TEST_INVALID_PARAM_RET(
359 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
360 mbedtls_cipher_finish( &valid_ctx,
361 NULL,
362 &size_t_var ) );
363 TEST_INVALID_PARAM_RET(
364 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
365 mbedtls_cipher_finish( &valid_ctx,
366 valid_buffer,
367 NULL ) );
368
369#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
370 /* mbedtls_cipher_write_tag() */
371 TEST_INVALID_PARAM_RET(
372 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
373 mbedtls_cipher_write_tag( NULL,
374 valid_buffer,
375 valid_size ) );
376 TEST_INVALID_PARAM_RET(
377 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
378 mbedtls_cipher_write_tag( &valid_ctx,
379 NULL,
380 valid_size ) );
381
382 /* mbedtls_cipher_check_tag() */
383 TEST_INVALID_PARAM_RET(
384 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
385 mbedtls_cipher_check_tag( NULL,
386 valid_buffer,
387 valid_size ) );
388 TEST_INVALID_PARAM_RET(
389 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
390 mbedtls_cipher_check_tag( &valid_ctx,
391 NULL,
392 valid_size ) );
393#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
394
395 /* mbedtls_cipher_crypt() */
396 TEST_INVALID_PARAM_RET(
397 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
398 mbedtls_cipher_crypt( NULL,
399 valid_buffer, valid_size,
400 valid_buffer, valid_size,
401 valid_buffer, &size_t_var ) );
402 TEST_INVALID_PARAM_RET(
403 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
404 mbedtls_cipher_crypt( &valid_ctx,
405 NULL, valid_size,
406 valid_buffer, valid_size,
407 valid_buffer, &size_t_var ) );
408 TEST_INVALID_PARAM_RET(
409 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
410 mbedtls_cipher_crypt( &valid_ctx,
411 valid_buffer, valid_size,
412 NULL, valid_size,
413 valid_buffer, &size_t_var ) );
414 TEST_INVALID_PARAM_RET(
415 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
416 mbedtls_cipher_crypt( &valid_ctx,
417 valid_buffer, valid_size,
418 valid_buffer, valid_size,
419 NULL, &size_t_var ) );
420 TEST_INVALID_PARAM_RET(
421 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
422 mbedtls_cipher_crypt( &valid_ctx,
423 valid_buffer, valid_size,
424 valid_buffer, valid_size,
425 valid_buffer, NULL ) );
426
427#if defined(MBEDTLS_CIPHER_MODE_AEAD)
428 /* mbedtls_cipher_auth_encrypt() */
429 TEST_INVALID_PARAM_RET(
430 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
431 mbedtls_cipher_auth_encrypt( NULL,
432 valid_buffer, valid_size,
433 valid_buffer, valid_size,
434 valid_buffer, valid_size,
435 valid_buffer, &size_t_var,
436 valid_buffer, valid_size ) );
437 TEST_INVALID_PARAM_RET(
438 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
439 mbedtls_cipher_auth_encrypt( &valid_ctx,
440 NULL, valid_size,
441 valid_buffer, valid_size,
442 valid_buffer, valid_size,
443 valid_buffer, &size_t_var,
444 valid_buffer, valid_size ) );
445 TEST_INVALID_PARAM_RET(
446 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
447 mbedtls_cipher_auth_encrypt( &valid_ctx,
448 valid_buffer, valid_size,
449 NULL, valid_size,
450 valid_buffer, valid_size,
451 valid_buffer, &size_t_var,
452 valid_buffer, valid_size ) );
453 TEST_INVALID_PARAM_RET(
454 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
455 mbedtls_cipher_auth_encrypt( &valid_ctx,
456 valid_buffer, valid_size,
457 valid_buffer, valid_size,
458 NULL, valid_size,
459 valid_buffer, &size_t_var,
460 valid_buffer, valid_size ) );
461 TEST_INVALID_PARAM_RET(
462 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
463 mbedtls_cipher_auth_encrypt( &valid_ctx,
464 valid_buffer, valid_size,
465 valid_buffer, valid_size,
466 valid_buffer, valid_size,
467 NULL, &size_t_var,
468 valid_buffer, valid_size ) );
469 TEST_INVALID_PARAM_RET(
470 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
471 mbedtls_cipher_auth_encrypt( &valid_ctx,
472 valid_buffer, valid_size,
473 valid_buffer, valid_size,
474 valid_buffer, valid_size,
475 valid_buffer, NULL,
476 valid_buffer, valid_size ) );
477 TEST_INVALID_PARAM_RET(
478 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
479 mbedtls_cipher_auth_encrypt( &valid_ctx,
480 valid_buffer, valid_size,
481 valid_buffer, valid_size,
482 valid_buffer, valid_size,
483 valid_buffer, &size_t_var,
484 NULL, valid_size ) );
485
486 /* mbedtls_cipher_auth_decrypt() */
487 TEST_INVALID_PARAM_RET(
488 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
489 mbedtls_cipher_auth_decrypt( NULL,
490 valid_buffer, valid_size,
491 valid_buffer, valid_size,
492 valid_buffer, valid_size,
493 valid_buffer, &size_t_var,
494 valid_buffer, valid_size ) );
495 TEST_INVALID_PARAM_RET(
496 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
497 mbedtls_cipher_auth_decrypt( &valid_ctx,
498 NULL, valid_size,
499 valid_buffer, valid_size,
500 valid_buffer, valid_size,
501 valid_buffer, &size_t_var,
502 valid_buffer, valid_size ) );
503 TEST_INVALID_PARAM_RET(
504 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
505 mbedtls_cipher_auth_decrypt( &valid_ctx,
506 valid_buffer, valid_size,
507 NULL, valid_size,
508 valid_buffer, valid_size,
509 valid_buffer, &size_t_var,
510 valid_buffer, valid_size ) );
511 TEST_INVALID_PARAM_RET(
512 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
513 mbedtls_cipher_auth_decrypt( &valid_ctx,
514 valid_buffer, valid_size,
515 valid_buffer, valid_size,
516 NULL, valid_size,
517 valid_buffer, &size_t_var,
518 valid_buffer, valid_size ) );
519 TEST_INVALID_PARAM_RET(
520 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
521 mbedtls_cipher_auth_decrypt( &valid_ctx,
522 valid_buffer, valid_size,
523 valid_buffer, valid_size,
524 valid_buffer, valid_size,
525 NULL, &size_t_var,
526 valid_buffer, valid_size ) );
527 TEST_INVALID_PARAM_RET(
528 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
529 mbedtls_cipher_auth_decrypt( &valid_ctx,
530 valid_buffer, valid_size,
531 valid_buffer, valid_size,
532 valid_buffer, valid_size,
533 valid_buffer, NULL,
534 valid_buffer, valid_size ) );
535 TEST_INVALID_PARAM_RET(
536 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
537 mbedtls_cipher_auth_decrypt( &valid_ctx,
538 valid_buffer, valid_size,
539 valid_buffer, valid_size,
540 valid_buffer, valid_size,
541 valid_buffer, &size_t_var,
542 NULL, valid_size ) );
543#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */
544
Manuel Pégourié-Gonnard86796bc2020-12-03 11:29:22 +0100[diff] [blame]545#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
546 /* mbedtls_cipher_auth_encrypt_ext */
547 TEST_INVALID_PARAM_RET(
548 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
549 mbedtls_cipher_auth_encrypt_ext( NULL,
550 valid_buffer, valid_size,
551 valid_buffer, valid_size,
552 valid_buffer, valid_size,
553 valid_buffer, valid_size, &size_t_var,
554 valid_size ) );
555 TEST_INVALID_PARAM_RET(
556 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
557 mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
558 NULL, valid_size,
559 valid_buffer, valid_size,
560 valid_buffer, valid_size,
561 valid_buffer, valid_size, &size_t_var,
562 valid_size ) );
563 TEST_INVALID_PARAM_RET(
564 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
565 mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
566 valid_buffer, valid_size,
567 NULL, valid_size,
568 valid_buffer, valid_size,
569 valid_buffer, valid_size, &size_t_var,
570 valid_size ) );
571 TEST_INVALID_PARAM_RET(
572 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
573 mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
574 valid_buffer, valid_size,
575 valid_buffer, valid_size,
576 NULL, valid_size,
577 valid_buffer, valid_size, &size_t_var,
578 valid_size ) );
579 TEST_INVALID_PARAM_RET(
580 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
581 mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
582 valid_buffer, valid_size,
583 valid_buffer, valid_size,
584 valid_buffer, valid_size,
585 NULL, valid_size, &size_t_var,
586 valid_size ) );
587 TEST_INVALID_PARAM_RET(
588 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
589 mbedtls_cipher_auth_encrypt_ext( &valid_ctx,
590 valid_buffer, valid_size,
591 valid_buffer, valid_size,
592 valid_buffer, valid_size,
593 valid_buffer, valid_size, NULL,
594 valid_size ) );
595
596 /* mbedtls_cipher_auth_decrypt_ext */
597 TEST_INVALID_PARAM_RET(
598 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
599 mbedtls_cipher_auth_decrypt_ext( NULL,
600 valid_buffer, valid_size,
601 valid_buffer, valid_size,
602 valid_buffer, valid_size,
603 valid_buffer, valid_size, &size_t_var,
604 valid_size ) );
605 TEST_INVALID_PARAM_RET(
606 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
607 mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
608 NULL, valid_size,
609 valid_buffer, valid_size,
610 valid_buffer, valid_size,
611 valid_buffer, valid_size, &size_t_var,
612 valid_size ) );
613 TEST_INVALID_PARAM_RET(
614 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
615 mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
616 valid_buffer, valid_size,
617 NULL, valid_size,
618 valid_buffer, valid_size,
619 valid_buffer, valid_size, &size_t_var,
620 valid_size ) );
621 TEST_INVALID_PARAM_RET(
622 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
623 mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
624 valid_buffer, valid_size,
625 valid_buffer, valid_size,
626 NULL, valid_size,
627 valid_buffer, valid_size, &size_t_var,
628 valid_size ) );
629 TEST_INVALID_PARAM_RET(
630 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
631 mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
632 valid_buffer, valid_size,
633 valid_buffer, valid_size,
634 valid_buffer, valid_size,
635 NULL, valid_size, &size_t_var,
636 valid_size ) );
637 TEST_INVALID_PARAM_RET(
638 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
639 mbedtls_cipher_auth_decrypt_ext( &valid_ctx,
640 valid_buffer, valid_size,
641 valid_buffer, valid_size,
642 valid_buffer, valid_size,
643 valid_buffer, valid_size, NULL,
644 valid_size ) );
645#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
646
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]647 /* mbedtls_cipher_free() */
648 TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) );
649exit:
650 TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) );
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]651}
652/* END_CASE */
653
Paul Bakker6a9c7252016-07-14 13:46:10 +0100[diff] [blame]654/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]655void cipher_special_behaviours( )
Paul Bakker6a9c7252016-07-14 13:46:10 +0100[diff] [blame]656{
657 const mbedtls_cipher_info_t *cipher_info;
658 mbedtls_cipher_context_t ctx;
659 unsigned char input[32];
660 unsigned char output[32];
Ron Eldor6f90ed82017-09-26 12:08:54 +0300[diff] [blame]661#if defined (MBEDTLS_CIPHER_MODE_CBC)
Paul Bakker6a9c7252016-07-14 13:46:10 +0100[diff] [blame]662 unsigned char iv[32];
Ron Eldor6f90ed82017-09-26 12:08:54 +0300[diff] [blame]663#endif
Paul Bakker6a9c7252016-07-14 13:46:10 +0100[diff] [blame]664 size_t olen = 0;
665
666 mbedtls_cipher_init( &ctx );
667 memset( input, 0, sizeof( input ) );
668 memset( output, 0, sizeof( output ) );
Ron Eldorbb4bbbb2017-10-01 17:04:54 +0300[diff] [blame]669#if defined(MBEDTLS_CIPHER_MODE_CBC)
Paul Bakker6a9c7252016-07-14 13:46:10 +0100[diff] [blame]670 memset( iv, 0, sizeof( iv ) );
671
672 /* Check and get info structures */
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]673 cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC );
Paul Bakker6a9c7252016-07-14 13:46:10 +0100[diff] [blame]674 TEST_ASSERT( NULL != cipher_info );
675
676 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
677
678 /* IV too big */
679 TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 )
680 == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
681
682 /* IV too small */
683 TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 )
684 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
685
Ron Eldor4e64e0b2017-09-25 18:22:32 +0300[diff] [blame]686 mbedtls_cipher_free( &ctx );
Ron Eldorbb4bbbb2017-10-01 17:04:54 +0300[diff] [blame]687 mbedtls_cipher_init( &ctx );
Ron Eldor6f90ed82017-09-26 12:08:54 +0300[diff] [blame]688#endif /* MBEDTLS_CIPHER_MODE_CBC */
Ron Eldor4e64e0b2017-09-25 18:22:32 +0300[diff] [blame]689 cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]690 TEST_ASSERT( NULL != cipher_info );
691
692 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
693
Paul Bakker6a9c7252016-07-14 13:46:10 +0100[diff] [blame]694 /* Update ECB with partial block */
695 TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen )
696 == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
697
698exit:
699 mbedtls_cipher_free( &ctx );
700}
701/* END_CASE */
702
Manuel Pégourié-Gonnard5e7693f2014-06-13 16:08:07 +0200[diff] [blame]703/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]704void enc_dec_buf( int cipher_id, char * cipher_string, int key_len,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]705 int length_val, int pad_mode )
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]706{
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]707 size_t length = length_val, outlen, total_len, i, block_size;
Jaeden Amerod906b812018-06-08 11:03:16 +0100[diff] [blame]708 unsigned char key[64];
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]709 unsigned char iv[16];
Manuel Pégourié-Gonnard9241be72013-08-31 17:31:03 +0200[diff] [blame]710 unsigned char ad[13];
711 unsigned char tag[16];
Manuel Pégourié-Gonnard1af50a22013-09-05 10:30:32 +0200[diff] [blame]712 unsigned char inbuf[64];
713 unsigned char encbuf[64];
714 unsigned char decbuf[64];
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]715
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]716 const mbedtls_cipher_info_t *cipher_info;
717 mbedtls_cipher_context_t ctx_dec;
718 mbedtls_cipher_context_t ctx_enc;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]719
Manuel Pégourié-Gonnard1af50a22013-09-05 10:30:32 +0200[diff] [blame]720 /*
721 * Prepare contexts
722 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]723 mbedtls_cipher_init( &ctx_dec );
724 mbedtls_cipher_init( &ctx_enc );
Manuel Pégourié-Gonnard1af50a22013-09-05 10:30:32 +0200[diff] [blame]725
726 memset( key, 0x2a, sizeof( key ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]727
728 /* Check and get info structures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]729 cipher_info = mbedtls_cipher_info_from_type( cipher_id );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]730 TEST_ASSERT( NULL != cipher_info );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]731 TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]732
733 /* Initialise enc and dec contexts */
Manuel Pégourié-Gonnard8473f872015-05-14 13:51:45 +0200[diff] [blame]734 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
735 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
Manuel Pégourié-Gonnard1af50a22013-09-05 10:30:32 +0200[diff] [blame]736
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]737 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) );
738 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]739
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]740#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]741 if( -1 != pad_mode )
Manuel Pégourié-Gonnard6c978992013-07-26 13:20:42 +0200[diff] [blame]742 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]743 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) );
744 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) );
Manuel Pégourié-Gonnard6c978992013-07-26 13:20:42 +0200[diff] [blame]745 }
Manuel Pégourié-Gonnard989ed382013-09-13 14:41:45 +0200[diff] [blame]746#else
747 (void) pad_mode;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]748#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
Manuel Pégourié-Gonnard6c978992013-07-26 13:20:42 +0200[diff] [blame]749
Manuel Pégourié-Gonnard1af50a22013-09-05 10:30:32 +0200[diff] [blame]750 /*
751 * Do a few encode/decode cycles
752 */
753 for( i = 0; i < 3; i++ )
754 {
755 memset( iv , 0x00 + i, sizeof( iv ) );
756 memset( ad, 0x10 + i, sizeof( ad ) );
757 memset( inbuf, 0x20 + i, sizeof( inbuf ) );
758
759 memset( encbuf, 0, sizeof( encbuf ) );
760 memset( decbuf, 0, sizeof( decbuf ) );
761 memset( tag, 0, sizeof( tag ) );
762
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]763 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) );
764 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) );
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]765
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]766 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
767 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]768
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]769#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]770 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
771 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
Manuel Pégourié-Gonnard8f625632014-06-24 15:26:28 +0200[diff] [blame]772#endif
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]773
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]774 block_size = mbedtls_cipher_get_block_size( &ctx_enc );
775 TEST_ASSERT( block_size != 0 );
776
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]777 /* encode length number of bytes from inbuf */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]778 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]779 total_len = outlen;
780
781 TEST_ASSERT( total_len == length ||
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]782 ( total_len % block_size == 0 &&
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]783 total_len < length &&
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]784 total_len + block_size > length ) );
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]785
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]786 TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]787 total_len += outlen;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]788
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]789#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]790 TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
Manuel Pégourié-Gonnard8f625632014-06-24 15:26:28 +0200[diff] [blame]791#endif
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]792
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]793 TEST_ASSERT( total_len == length ||
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]794 ( total_len % block_size == 0 &&
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]795 total_len > length &&
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]796 total_len <= length + block_size ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]797
798 /* decode the previously encoded string */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]799 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) );
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]800 total_len = outlen;
801
802 TEST_ASSERT( total_len == length ||
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]803 ( total_len % block_size == 0 &&
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]804 total_len < length &&
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]805 total_len + block_size >= length ) );
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]806
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]807 TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]808 total_len += outlen;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]809
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]810#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]811 TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
Manuel Pégourié-Gonnard8f625632014-06-24 15:26:28 +0200[diff] [blame]812#endif
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]813
Manuel Pégourié-Gonnard1af50a22013-09-05 10:30:32 +0200[diff] [blame]814 /* check result */
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]815 TEST_ASSERT( total_len == length );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]816 TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
Manuel Pégourié-Gonnard1af50a22013-09-05 10:30:32 +0200[diff] [blame]817 }
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]818
Manuel Pégourié-Gonnard1af50a22013-09-05 10:30:32 +0200[diff] [blame]819 /*
820 * Done
821 */
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]822exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]823 mbedtls_cipher_free( &ctx_dec );
824 mbedtls_cipher_free( &ctx_enc );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]825}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]826/* END_CASE */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]827
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]828/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]829void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val,
830 int ret )
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]831{
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]832 size_t length = length_val;
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]833 unsigned char key[32];
834 unsigned char iv[16];
835
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]836 const mbedtls_cipher_info_t *cipher_info;
837 mbedtls_cipher_context_t ctx;
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]838
839 unsigned char inbuf[64];
840 unsigned char encbuf[64];
841
842 size_t outlen = 0;
843
844 memset( key, 0, 32 );
845 memset( iv , 0, 16 );
846
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]847 mbedtls_cipher_init( &ctx );
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]848
849 memset( inbuf, 5, 64 );
850 memset( encbuf, 0, 64 );
851
852 /* Check and get info structures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]853 cipher_info = mbedtls_cipher_info_from_type( cipher_id );
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]854 TEST_ASSERT( NULL != cipher_info );
855
856 /* Initialise context */
Manuel Pégourié-Gonnard8473f872015-05-14 13:51:45 +0200[diff] [blame]857 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]858 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, key_len, MBEDTLS_ENCRYPT ) );
859#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
860 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
Manuel Pégourié-Gonnard989ed382013-09-13 14:41:45 +0200[diff] [blame]861#else
862 (void) pad_mode;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]863#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
864 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) );
865 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]866#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) );
Manuel Pégourié-Gonnard8f625632014-06-24 15:26:28 +0200[diff] [blame]868#endif
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]869
870 /* encode length number of bytes from inbuf */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]871 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
872 TEST_ASSERT( ret == mbedtls_cipher_finish( &ctx, encbuf + outlen, &outlen ) );
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]873
874 /* done */
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]875exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]876 mbedtls_cipher_free( &ctx );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]877}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]878/* END_CASE */
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]879
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]880/* BEGIN_CASE */
k-stachowiakd8727232019-07-29 17:46:29 +0200[diff] [blame]881void dec_empty_buf( int cipher,
882 int expected_update_ret,
883 int expected_finish_ret )
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]884{
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]885 unsigned char key[32];
886 unsigned char iv[16];
887
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]888 mbedtls_cipher_context_t ctx_dec;
889 const mbedtls_cipher_info_t *cipher_info;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]890
891 unsigned char encbuf[64];
892 unsigned char decbuf[64];
893
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]894 size_t outlen = 0;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]895
896 memset( key, 0, 32 );
897 memset( iv , 0, 16 );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]898
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]899 mbedtls_cipher_init( &ctx_dec );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]900
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]901 memset( encbuf, 0, 64 );
902 memset( decbuf, 0, 64 );
903
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]904 /* Initialise context */
Jaeden Amero5ab80ef2019-06-05 15:35:08 +0100[diff] [blame]905 cipher_info = mbedtls_cipher_info_from_type( cipher );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]906 TEST_ASSERT( NULL != cipher_info);
Jaeden Amero5ab80ef2019-06-05 15:35:08 +0100[diff] [blame]907 TEST_ASSERT( sizeof(key) * 8 >= cipher_info->key_bitlen );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]908
Manuel Pégourié-Gonnard8473f872015-05-14 13:51:45 +0200[diff] [blame]909 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]910
Jaeden Amero5ab80ef2019-06-05 15:35:08 +0100[diff] [blame]911 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec,
912 key, cipher_info->key_bitlen,
913 MBEDTLS_DECRYPT ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]914
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]915 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) );
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]916
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]917 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]918
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]919#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]920 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
Manuel Pégourié-Gonnard8f625632014-06-24 15:26:28 +0200[diff] [blame]921#endif
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]922
923 /* decode 0-byte string */
k-stachowiakd8727232019-07-29 17:46:29 +0200[diff] [blame]924 TEST_ASSERT( expected_update_ret ==
925 mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]926 TEST_ASSERT( 0 == outlen );
Jaeden Amero5ab80ef2019-06-05 15:35:08 +0100[diff] [blame]927
k-stachowiakd8727232019-07-29 17:46:29 +0200[diff] [blame]928 if ( expected_finish_ret == 0 &&
929 ( cipher_info->mode == MBEDTLS_MODE_CBC ||
930 cipher_info->mode == MBEDTLS_MODE_ECB ) )
Jaeden Amero5ab80ef2019-06-05 15:35:08 +0100[diff] [blame]931 {
932 /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and
933 * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when
k-stachowiakd8727232019-07-29 17:46:29 +0200[diff] [blame]934 * decrypting an empty buffer.
935 * On the other hand, CBC and ECB ciphers need a full block of input.
936 */
937 expected_finish_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
Jaeden Amero5ab80ef2019-06-05 15:35:08 +0100[diff] [blame]938 }
939
k-stachowiakd8727232019-07-29 17:46:29 +0200[diff] [blame]940 TEST_ASSERT( expected_finish_ret == mbedtls_cipher_finish(
941 &ctx_dec, decbuf + outlen, &outlen ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]942 TEST_ASSERT( 0 == outlen );
943
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]944exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]945 mbedtls_cipher_free( &ctx_dec );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]946}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]947/* END_CASE */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]948
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]949/* BEGIN_CASE */
950void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
Jethro Beekman6c563fa2018-03-27 19:16:17 -0700[diff] [blame]951 int second_length_val, int pad_mode,
952 int first_encrypt_output_len, int second_encrypt_output_len,
953 int first_decrypt_output_len, int second_decrypt_output_len )
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]954{
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]955 size_t first_length = first_length_val;
956 size_t second_length = second_length_val;
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]957 size_t length = first_length + second_length;
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]958 size_t block_size;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]959 unsigned char key[32];
960 unsigned char iv[16];
961
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]962 mbedtls_cipher_context_t ctx_dec;
963 mbedtls_cipher_context_t ctx_enc;
964 const mbedtls_cipher_info_t *cipher_info;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]965
966 unsigned char inbuf[64];
967 unsigned char encbuf[64];
968 unsigned char decbuf[64];
969
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]970 size_t outlen = 0;
971 size_t totaloutlen = 0;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]972
973 memset( key, 0, 32 );
974 memset( iv , 0, 16 );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]975
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976 mbedtls_cipher_init( &ctx_dec );
977 mbedtls_cipher_init( &ctx_enc );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]978
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]979 memset( inbuf, 5, 64 );
980 memset( encbuf, 0, 64 );
981 memset( decbuf, 0, 64 );
982
983 /* Initialise enc and dec contexts */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 cipher_info = mbedtls_cipher_info_from_type( cipher_id );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]985 TEST_ASSERT( NULL != cipher_info);
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]986
Manuel Pégourié-Gonnard8473f872015-05-14 13:51:45 +0200[diff] [blame]987 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
988 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]989
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]990 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) );
991 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]992
Jethro Beekman6c563fa2018-03-27 19:16:17 -0700[diff] [blame]993#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
994 if( -1 != pad_mode )
995 {
996 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) );
997 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) );
998 }
999#else
1000 (void) pad_mode;
1001#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
1002
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) );
1004 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, 16 ) );
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]1005
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1006 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
1007 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]1008
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]1009#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1010 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
1011 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) );
Manuel Pégourié-Gonnard8f625632014-06-24 15:26:28 +0200[diff] [blame]1012#endif
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1013
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]1014 block_size = mbedtls_cipher_get_block_size( &ctx_enc );
1015 TEST_ASSERT( block_size != 0 );
1016
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1017 /* encode length number of bytes from inbuf */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1018 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
Jethro Beekman6c563fa2018-03-27 19:16:17 -0700[diff] [blame]1019 TEST_ASSERT( (size_t)first_encrypt_output_len == outlen );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1020 totaloutlen = outlen;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1021 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) );
Jethro Beekman6c563fa2018-03-27 19:16:17 -0700[diff] [blame]1022 TEST_ASSERT( (size_t)second_encrypt_output_len == outlen );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1023 totaloutlen += outlen;
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1024 TEST_ASSERT( totaloutlen == length ||
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]1025 ( totaloutlen % block_size == 0 &&
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1026 totaloutlen < length &&
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]1027 totaloutlen + block_size > length ) );
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1028
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1029 TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1030 totaloutlen += outlen;
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1031 TEST_ASSERT( totaloutlen == length ||
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]1032 ( totaloutlen % block_size == 0 &&
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1033 totaloutlen > length &&
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]1034 totaloutlen <= length + block_size ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1035
1036 /* decode the previously encoded string */
Jethro Beekman6c563fa2018-03-27 19:16:17 -0700[diff] [blame]1037 second_length = totaloutlen - first_length;
1038 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, first_length, decbuf, &outlen ) );
1039 TEST_ASSERT( (size_t)first_decrypt_output_len == outlen );
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1040 totaloutlen = outlen;
Jethro Beekman6c563fa2018-03-27 19:16:17 -0700[diff] [blame]1041 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf + first_length, second_length, decbuf + totaloutlen, &outlen ) );
1042 TEST_ASSERT( (size_t)second_decrypt_output_len == outlen );
1043 totaloutlen += outlen;
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1044
1045 TEST_ASSERT( totaloutlen == length ||
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]1046 ( totaloutlen % block_size == 0 &&
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1047 totaloutlen < length &&
Manuel Pégourié-Gonnardac5361f2015-06-24 01:08:09 +0200[diff] [blame]1048 totaloutlen + block_size >= length ) );
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1049
Jethro Beekman6c563fa2018-03-27 19:16:17 -0700[diff] [blame]1050 TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + totaloutlen, &outlen ) );
Manuel Pégourié-Gonnard725680f2013-07-25 15:26:54 +0200[diff] [blame]1051 totaloutlen += outlen;
1052
1053 TEST_ASSERT( totaloutlen == length );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1054
1055 TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
1056
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1057exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1058 mbedtls_cipher_free( &ctx_dec );
1059 mbedtls_cipher_free( &ctx_enc );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1060}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1061/* END_CASE */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1062
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1063/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1064void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key,
1065 data_t * iv, data_t * cipher,
1066 data_t * clear, data_t * ad, data_t * tag,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1067 int finish_result, int tag_result )
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1068{
Manuel Pégourié-Gonnard234e1ce2018-05-10 12:54:32 +0200[diff] [blame]1069 unsigned char output[265];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1070 mbedtls_cipher_context_t ctx;
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1071 size_t outlen, total_len;
1072
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1073 mbedtls_cipher_init( &ctx );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]1074
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1075 memset( output, 0x00, sizeof( output ) );
1076
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1077#if !defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CHACHAPOLY_C)
Mohammad Azim Khancf32c452017-06-13 14:55:58 +0100[diff] [blame]1078 ((void) ad);
1079 ((void) tag);
Manuel Pégourié-Gonnarda7496f02013-09-20 11:29:59 +0200[diff] [blame]1080#endif
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1081
1082 /* Prepare context */
Manuel Pégourié-Gonnard8473f872015-05-14 13:51:45 +0200[diff] [blame]1083 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1084 mbedtls_cipher_info_from_type( cipher_id ) ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1085 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1086#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1087 if( pad_mode != -1 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1088 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
Manuel Pégourié-Gonnard989ed382013-09-13 14:41:45 +0200[diff] [blame]1089#else
1090 (void) pad_mode;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1091#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1092 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv->x, iv->len ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1093 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]1094#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1095 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad->x, ad->len ) );
Manuel Pégourié-Gonnard8f625632014-06-24 15:26:28 +0200[diff] [blame]1096#endif
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1097
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1098 /* decode buffer and check tag->x */
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1099 total_len = 0;
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1100 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher->x, cipher->len, output, &outlen ) );
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1101 total_len += outlen;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1102 TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1103 &outlen ) );
1104 total_len += outlen;
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]1105#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1106 TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag->x, tag->len ) );
Manuel Pégourié-Gonnard8f625632014-06-24 15:26:28 +0200[diff] [blame]1107#endif
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1108
1109 /* check plaintext only if everything went fine */
1110 if( 0 == finish_result && 0 == tag_result )
1111 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1112 TEST_ASSERT( total_len == clear->len );
1113 TEST_ASSERT( 0 == memcmp( output, clear->x, clear->len ) );
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1114 }
1115
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1116exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1117 mbedtls_cipher_free( &ctx );
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1118}
1119/* END_CASE */
1120
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1121/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1122void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
1123 data_t * ad, data_t * cipher, data_t * tag,
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1124 char * result, data_t * clear, int use_psa )
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1125{
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1126 /*
1127 * Take an AEAD ciphertext + tag and perform a pair
1128 * of AEAD decryption and AEAD encryption. Check that
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1129 * this results in the expected plaintext, and that
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1130 * decryption and encryption are inverse to one another.
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1131 *
1132 * Do that twice:
1133 * - once with legacy functions auth_decrypt/auth_encrypt
1134 * - once with new functions auth_decrypt_ext/auth_encrypt_ext
1135 * This allows testing both without duplicating test cases.
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1136 */
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1137
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1138 int ret;
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1139 int using_nist_kw, using_nist_kw_padding;
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1140
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1141 mbedtls_cipher_context_t ctx;
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1142 size_t outlen;
1143
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1144 unsigned char *cipher_plus_tag = NULL;
1145 size_t cipher_plus_tag_len;
1146 unsigned char *decrypt_buf = NULL;
1147 size_t decrypt_buf_len = 0;
1148 unsigned char *encrypt_buf = NULL;
1149 size_t encrypt_buf_len = 0;
1150
Manuel Pégourié-Gonnard513c2432020-12-01 10:34:57 +0100[diff] [blame]1151#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
1152 !defined(MBEDTLS_DEPRECATED_REMOVED)
Manuel Pégourié-Gonnard513c2432020-12-01 10:34:57 +0100[diff] [blame]1153 unsigned char *tmp_tag = NULL;
1154 unsigned char *tmp_cipher = NULL;
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1155 unsigned char *tag_buf = NULL;
Manuel Pégourié-Gonnard513c2432020-12-01 10:34:57 +0100[diff] [blame]1156#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
1157
1158 mbedtls_cipher_init( &ctx );
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1159
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1160 /* Initialize PSA Crypto */
1161#if defined(MBEDTLS_USE_PSA_CRYPTO)
1162 if( use_psa == 1 )
1163 PSA_ASSERT( psa_crypto_init( ) );
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1164#else
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1165 (void) use_psa;
1166#endif
1167
1168 /*
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1169 * Are we using NIST_KW? with padding?
1170 */
1171 using_nist_kw_padding = cipher_id == MBEDTLS_CIPHER_AES_128_KWP ||
1172 cipher_id == MBEDTLS_CIPHER_AES_192_KWP ||
1173 cipher_id == MBEDTLS_CIPHER_AES_256_KWP;
1174 using_nist_kw = cipher_id == MBEDTLS_CIPHER_AES_128_KW ||
1175 cipher_id == MBEDTLS_CIPHER_AES_192_KW ||
1176 cipher_id == MBEDTLS_CIPHER_AES_256_KW ||
1177 using_nist_kw_padding;
1178
Manuel Pégourié-Gonnard513c2432020-12-01 10:34:57 +0100[diff] [blame]1179 /****************************************************************
1180 * *
1181 * Part 1: non-deprecated API *
1182 * *
1183 ****************************************************************/
1184
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1185 /*
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1186 * Prepare context for decryption
1187 */
Manuel Pégourié-Gonnard89a8fe52020-11-27 09:32:55 +0100[diff] [blame]1188 cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
1189 MBEDTLS_DECRYPT );
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1190
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1191 /*
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1192 * prepare buffer for decryption
1193 * (we need the tag appended to the ciphertext)
1194 */
1195 cipher_plus_tag_len = cipher->len + tag->len;
1196 ASSERT_ALLOC( cipher_plus_tag, cipher_plus_tag_len );
1197 memcpy( cipher_plus_tag, cipher->x, cipher->len );
1198 memcpy( cipher_plus_tag + cipher->len, tag->x, tag->len );
1199
1200 /*
1201 * Compute length of output buffer according to the documentation
1202 */
1203 if( using_nist_kw )
1204 decrypt_buf_len = cipher_plus_tag_len - 8;
1205 else
1206 decrypt_buf_len = cipher_plus_tag_len - tag->len;
1207
1208
1209 /*
1210 * Try decrypting to a buffer that's 1B too small
1211 */
1212 if( decrypt_buf_len != 0 )
1213 {
1214 ASSERT_ALLOC( decrypt_buf, decrypt_buf_len - 1 );
1215
1216 outlen = 0;
1217 ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len,
1218 ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
1219 decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len );
1220 TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
1221
1222 mbedtls_free( decrypt_buf );
1223 decrypt_buf = NULL;
1224 }
1225
1226 /*
1227 * Authenticate and decrypt, and check result
1228 */
1229 ASSERT_ALLOC( decrypt_buf, decrypt_buf_len );
1230
1231 outlen = 0;
1232 ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len,
1233 ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len,
1234 decrypt_buf, decrypt_buf_len, &outlen, tag->len );
1235
1236 if( strcmp( result, "FAIL" ) == 0 )
1237 {
1238 TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
Manuel Pégourié-Gonnardf215ef82020-12-03 12:33:31 +0100[diff] [blame]1239 TEST_ASSERT( buffer_is_all_zero( decrypt_buf, decrypt_buf_len ) );
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1240 }
1241 else
1242 {
1243 TEST_ASSERT( ret == 0 );
1244
1245 TEST_ASSERT( outlen == clear->len );
1246 if( clear->len != 0 )
1247 TEST_ASSERT( memcmp( decrypt_buf, clear->x, clear->len ) == 0 );
1248 }
1249
Manuel Pégourié-Gonnard513c2432020-12-01 10:34:57 +0100[diff] [blame]1250 /* Free this, but keep cipher_plus_tag for deprecated function with PSA */
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1251 mbedtls_free( decrypt_buf );
1252 decrypt_buf = NULL;
1253
1254 /*
1255 * Encrypt back if test data was authentic
1256 */
1257 if( strcmp( result, "FAIL" ) != 0 )
1258 {
1259 /* prepare context for encryption */
1260 cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
1261 MBEDTLS_ENCRYPT );
1262
1263 /*
1264 * Compute size of output buffer according to documentation
1265 */
1266 if( using_nist_kw )
1267 {
1268 encrypt_buf_len = clear->len + 8;
1269 if( using_nist_kw_padding && encrypt_buf_len % 8 != 0 )
1270 encrypt_buf_len += 8 - encrypt_buf_len % 8;
1271 }
1272 else
1273 {
1274 encrypt_buf_len = clear->len + tag->len;
1275 }
1276
1277 /*
1278 * Try encrypting with an output buffer that's 1B too small
1279 */
1280 ASSERT_ALLOC( encrypt_buf, encrypt_buf_len - 1 );
1281
1282 outlen = 0;
1283 ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len,
1284 ad->x, ad->len, clear->x, clear->len,
1285 encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len );
1286 TEST_ASSERT( ret != 0 );
1287
1288 mbedtls_free( encrypt_buf );
1289 encrypt_buf = NULL;
1290
1291 /*
1292 * Encrypt and check the result
1293 */
1294 ASSERT_ALLOC( encrypt_buf, encrypt_buf_len );
1295
1296 outlen = 0;
1297 ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len,
1298 ad->x, ad->len, clear->x, clear->len,
1299 encrypt_buf, encrypt_buf_len, &outlen, tag->len );
1300 TEST_ASSERT( ret == 0 );
1301
1302 TEST_ASSERT( outlen == cipher->len + tag->len );
1303 TEST_ASSERT( memcmp( encrypt_buf, cipher->x, cipher->len ) == 0 );
1304 TEST_ASSERT( memcmp( encrypt_buf + cipher->len,
1305 tag->x, tag->len ) == 0 );
1306
1307 mbedtls_free( encrypt_buf );
1308 encrypt_buf = NULL;
1309 }
1310
Manuel Pégourié-Gonnard513c2432020-12-01 10:34:57 +0100[diff] [blame]1311 /****************************************************************
1312 * *
1313 * Part 2: deprecated API *
1314 * *
1315 ****************************************************************/
1316
1317#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
1318 !defined(MBEDTLS_DEPRECATED_REMOVED)
1319
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1320 /*
1321 * Prepare context for decryption
1322 */
1323 cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
1324 MBEDTLS_DECRYPT );
1325
1326 /*
1327 * Prepare pointers for decryption
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1328 */
1329#if defined(MBEDTLS_USE_PSA_CRYPTO)
1330 if( use_psa == 1 )
1331 {
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1332 /* PSA requires that the tag immediately follows the ciphertext.
1333 * Fortunately, we already have that from testing the new API. */
1334 tmp_cipher = cipher_plus_tag;
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1335 tmp_tag = tmp_cipher + cipher->len;
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1336 }
1337 else
1338#endif /* MBEDTLS_USE_PSA_CRYPTO */
1339 {
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1340 tmp_cipher = cipher->x;
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1341 tmp_tag = tag->x;
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1342 }
1343
1344 /*
1345 * Authenticate and decrypt, and check result
1346 */
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1347
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1348 /* We can't pass a NULL output buffer to this funciton */
1349 ASSERT_ALLOC( decrypt_buf, cipher->len ? cipher->len : 1 );
1350 outlen = 0;
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1351 ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1352 tmp_cipher, cipher->len, decrypt_buf, &outlen,
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1353 tmp_tag, tag->len );
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1354
Manuel Pégourié-Gonnardf2ffbc42020-12-01 09:57:55 +0100[diff] [blame]1355 if( using_nist_kw )
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1356 {
Manuel Pégourié-Gonnardf2ffbc42020-12-01 09:57:55 +0100[diff] [blame]1357 /* NIST_KW with legacy API */
1358 TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
1359 }
1360 else if( strcmp( result, "FAIL" ) == 0 )
1361 {
1362 /* unauthentic message */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1363 TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
Manuel Pégourié-Gonnardf215ef82020-12-03 12:33:31 +0100[diff] [blame]1364 TEST_ASSERT( buffer_is_all_zero( decrypt_buf, cipher->len ) );
Gilles Peskine139ec3b2019-04-16 15:25:20 +0200[diff] [blame]1365 }
1366 else
Gilles Peskine139ec3b2019-04-16 15:25:20 +0200[diff] [blame]1367 {
Manuel Pégourié-Gonnardf2ffbc42020-12-01 09:57:55 +0100[diff] [blame]1368 /* authentic message: is the plaintext correct? */
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1369 TEST_ASSERT( ret == 0 );
1370
1371 TEST_ASSERT( outlen == clear->len );
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1372 TEST_ASSERT( memcmp( decrypt_buf, clear->x, clear->len ) == 0 );
Manuel Pégourié-Gonnardf2ffbc42020-12-01 09:57:55 +0100[diff] [blame]1373 }
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1374
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1375 mbedtls_free( decrypt_buf );
1376 decrypt_buf = NULL;
1377 mbedtls_free( cipher_plus_tag );
1378 cipher_plus_tag = NULL;
1379
Manuel Pégourié-Gonnardf2ffbc42020-12-01 09:57:55 +0100[diff] [blame]1380 /*
1381 * Encrypt back if test data was authentic
1382 */
1383 if( strcmp( result, "FAIL" ) != 0 )
1384 {
1385 /* prepare context for encryption */
Manuel Pégourié-Gonnard89a8fe52020-11-27 09:32:55 +0100[diff] [blame]1386 cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
1387 MBEDTLS_ENCRYPT );
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1388
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1389 /* prepare buffers for encryption */
1390#if defined(MBEDTLS_USE_PSA_CRYPTO)
1391 if( use_psa )
1392 {
1393 ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len );
1394 tmp_cipher = cipher_plus_tag;
1395 tmp_tag = cipher_plus_tag + cipher->len;
1396 }
1397 else
1398#endif /* MBEDTLS_USE_PSA_CRYPTO */
1399 {
1400 /* can't pass a NULL output buffer to this function */
1401 ASSERT_ALLOC( encrypt_buf, cipher->len ? cipher->len : 1 );
1402 ASSERT_ALLOC( tag_buf, tag->len );
1403 tmp_cipher = encrypt_buf;
1404 tmp_tag = tag_buf;
1405 }
1406
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1407 /*
1408 * Encrypt and check the result
1409 */
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1410 outlen = 0;
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1411 ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1412 clear->x, clear->len, tmp_cipher, &outlen,
1413 tmp_tag, tag->len );
Manuel Pégourié-Gonnard4c1a1002020-11-26 10:22:50 +0100[diff] [blame]1414
Manuel Pégourié-Gonnardf2ffbc42020-12-01 09:57:55 +0100[diff] [blame]1415 if( using_nist_kw )
1416 {
1417 TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
1418 }
1419 else
1420 {
1421 TEST_ASSERT( ret == 0 );
1422
1423 TEST_ASSERT( outlen == cipher->len );
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1424 TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 );
1425 TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 );
Manuel Pégourié-Gonnardf2ffbc42020-12-01 09:57:55 +0100[diff] [blame]1426 }
Gilles Peskine139ec3b2019-04-16 15:25:20 +0200[diff] [blame]1427 }
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1428
Manuel Pégourié-Gonnard513c2432020-12-01 10:34:57 +0100[diff] [blame]1429#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
1430
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1431exit:
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1432
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]1433 mbedtls_cipher_free( &ctx );
Manuel Pégourié-Gonnard53f10e72020-11-30 10:17:01 +0100[diff] [blame]1434 mbedtls_free( decrypt_buf );
1435 mbedtls_free( encrypt_buf );
1436 mbedtls_free( cipher_plus_tag );
Manuel Pégourié-Gonnard9b2a7892020-12-03 11:09:46 +0100[diff] [blame]1437#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
1438 !defined(MBEDTLS_DEPRECATED_REMOVED)
1439 mbedtls_free( tag_buf );
1440#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]1441
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1442#if defined(MBEDTLS_USE_PSA_CRYPTO)
1443 if( use_psa == 1 )
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]1444 PSA_DONE( );
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1445#endif /* MBEDTLS_USE_PSA_CRYPTO */
Manuel Pégourié-Gonnard542eac52014-05-15 16:03:07 +0200[diff] [blame]1446}
1447/* END_CASE */
1448
Manuel Pégourié-Gonnard8eccab52013-09-03 18:31:25 +0200[diff] [blame]1449/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1450void test_vec_ecb( int cipher_id, int operation, data_t * key,
1451 data_t * input, data_t * result, int finish_result
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1452 )
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1453{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1454 mbedtls_cipher_context_t ctx;
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1455 unsigned char output[32];
1456 size_t outlen;
1457
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1458 mbedtls_cipher_init( &ctx );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]1459
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1460 memset( output, 0x00, sizeof( output ) );
1461
1462 /* Prepare context */
Manuel Pégourié-Gonnard8473f872015-05-14 13:51:45 +0200[diff] [blame]1463 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1464 mbedtls_cipher_info_from_type( cipher_id ) ) );
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1465
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1466
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1467 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1468
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1469 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input->x,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1470 mbedtls_cipher_get_block_size( &ctx ),
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1471 output, &outlen ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1472 TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) );
1473 TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1474 &outlen ) );
1475 TEST_ASSERT( 0 == outlen );
1476
1477 /* check plaintext only if everything went fine */
1478 if( 0 == finish_result )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1479 TEST_ASSERT( 0 == memcmp( output, result->x,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1480 mbedtls_cipher_get_block_size( &ctx ) ) );
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1481
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1482exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1483 mbedtls_cipher_free( &ctx );
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1484}
1485/* END_CASE */
1486
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1487/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]1488void test_vec_crypt( int cipher_id, int operation, data_t *key,
1489 data_t *iv, data_t *input, data_t *result,
Hanno Beckere43164e2018-11-12 12:46:35 +0000[diff] [blame]1490 int finish_result, int use_psa )
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1491{
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1492 mbedtls_cipher_context_t ctx;
1493 unsigned char output[32];
1494 size_t outlen;
1495
1496 mbedtls_cipher_init( &ctx );
1497
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1498 memset( output, 0x00, sizeof( output ) );
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1499
1500 /* Prepare context */
Hanno Beckere43164e2018-11-12 12:46:35 +0000[diff] [blame]1501#if !defined(MBEDTLS_USE_PSA_CRYPTO)
1502 (void) use_psa;
1503#else
1504 if( use_psa == 1 )
1505 {
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]1506 PSA_ASSERT( psa_crypto_init( ) );
Hanno Beckere43164e2018-11-12 12:46:35 +0000[diff] [blame]1507 TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1508 mbedtls_cipher_info_from_type( cipher_id ), 0 ) );
Hanno Beckere43164e2018-11-12 12:46:35 +0000[diff] [blame]1509 }
1510 else
1511#endif /* MBEDTLS_USE_PSA_CRYPTO */
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1512 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
Hanno Beckera13272d2018-11-12 16:27:30 +0000[diff] [blame]1513 mbedtls_cipher_info_from_type( cipher_id ) ) );
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1514
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]1515 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1516 if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode )
1517 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) );
1518
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]1519 TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv->len ? iv->x : NULL,
1520 iv->len, input->x, input->len,
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1521 output, &outlen ) );
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]1522 TEST_ASSERT( result->len == outlen );
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1523 /* check plaintext only if everything went fine */
1524 if( 0 == finish_result )
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame]1525 TEST_ASSERT( 0 == memcmp( output, result->x, outlen ) );
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1526
1527exit:
1528 mbedtls_cipher_free( &ctx );
Gilles Peskine5386f6b2019-08-01 12:47:40 +0200[diff] [blame]1529#if defined(MBEDTLS_USE_PSA_CRYPTO)
1530 PSA_DONE( );
1531#endif /* MBEDTLS_USE_PSA_CRYPTO */
Ron Eldor7b012442017-09-25 17:03:12 +0300[diff] [blame]1532}
1533/* END_CASE */
1534
1535/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1536void set_padding( int cipher_id, int pad_mode, int ret )
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1537{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1538 const mbedtls_cipher_info_t *cipher_info;
1539 mbedtls_cipher_context_t ctx;
Manuel Pégourié-Gonnardd5fdcaf2013-07-24 18:05:00 +0200[diff] [blame]1540
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1541 mbedtls_cipher_init( &ctx );
Paul Bakkerd2a2d612014-07-01 15:45:49 +0200[diff] [blame]1542
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1543 cipher_info = mbedtls_cipher_info_from_type( cipher_id );
Manuel Pégourié-Gonnardd5fdcaf2013-07-24 18:05:00 +0200[diff] [blame]1544 TEST_ASSERT( NULL != cipher_info );
Manuel Pégourié-Gonnard8473f872015-05-14 13:51:45 +0200[diff] [blame]1545 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
Manuel Pégourié-Gonnardd5fdcaf2013-07-24 18:05:00 +0200[diff] [blame]1546
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1547 TEST_ASSERT( ret == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
Manuel Pégourié-Gonnardd5fdcaf2013-07-24 18:05:00 +0200[diff] [blame]1548
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1549exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1550 mbedtls_cipher_free( &ctx );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1551}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1552/* END_CASE */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1553
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1554/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1555void check_padding( int pad_mode, data_t * input, int ret, int dlen_check
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1556 )
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1557{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1558 mbedtls_cipher_info_t cipher_info;
1559 mbedtls_cipher_context_t ctx;
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1560 size_t dlen;
Manuel Pégourié-Gonnarda6408492013-07-26 10:55:02 +0200[diff] [blame]1561
1562 /* build a fake context just for getting access to get_padding */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1563 mbedtls_cipher_init( &ctx );
1564 cipher_info.mode = MBEDTLS_MODE_CBC;
Manuel Pégourié-Gonnarda6408492013-07-26 10:55:02 +0200[diff] [blame]1565 ctx.cipher_info = &cipher_info;
1566
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1567 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
Manuel Pégourié-Gonnarda6408492013-07-26 10:55:02 +0200[diff] [blame]1568
Manuel Pégourié-Gonnarda6408492013-07-26 10:55:02 +0200[diff] [blame]1569
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1570 TEST_ASSERT( ret == ctx.get_padding( input->x, input->len, &dlen ) );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1571 if( 0 == ret )
1572 TEST_ASSERT( dlen == (size_t) dlen_check );
Paul Bakkerdbd443d2013-08-16 13:38:47 +0200[diff] [blame]1573}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1574/* END_CASE */