TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 9ed4073ea53fa934842a57e4ec795e2fc765f094 / . / tests / suites / test_suite_chachapoly.function
blob: 96128e4ec35d7304ebf297a4f7d3cb024e540583 [file] [log] [blame]
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]2#include "mbedtls/chachapoly.h"
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]3/* END_HEADER */
4
5/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]6 * depends_on:MBEDTLS_CHACHAPOLY_C
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]7 * END_DEPENDENCIES
8 */
9
10/* BEGIN_CASE */
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]11void mbedtls_chachapoly_enc( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str )
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]12{
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]13 unsigned char output[265];
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]14 unsigned char mac[16]; /* size set by the standard */
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]15 mbedtls_chachapoly_context ctx;
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]16
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]17 TEST_ASSERT( key_str->len == 32 );
18 TEST_ASSERT( nonce_str->len == 12 );
19 TEST_ASSERT( mac_str->len == 16 );
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]20
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]21 mbedtls_chachapoly_init( &ctx );
22
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]23 TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]24
Manuel Pégourié-Gonnard3dc62a02018-06-04 12:18:19 +0200[diff] [blame]25 TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]26 input_str->len, nonce_str->x,
27 aad_str->x, aad_str->len,
28 input_str->x, output, mac ) == 0 );
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]29
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]30 TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
31 TEST_ASSERT( memcmp( mac_str->x, mac, 16U ) == 0 );
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]32
33exit:
34 mbedtls_chachapoly_free( &ctx );
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]35}
36/* END_CASE */
37
38/* BEGIN_CASE */
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]39void mbedtls_chachapoly_dec( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str, int ret_exp )
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]40{
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]41 unsigned char output[265];
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]42 int ret;
43 mbedtls_chachapoly_context ctx;
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]44
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]45 TEST_ASSERT( key_str->len == 32 );
46 TEST_ASSERT( nonce_str->len == 12 );
47 TEST_ASSERT( mac_str->len == 16 );
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]48
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]49 mbedtls_chachapoly_init( &ctx );
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]50
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]51 TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]52
53 ret = mbedtls_chachapoly_auth_decrypt( &ctx,
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]54 input_str->len, nonce_str->x,
55 aad_str->x, aad_str->len,
56 mac_str->x, input_str->x, output );
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]57
Manuel Pégourié-Gonnard72967712018-05-09 12:22:13 +0200[diff] [blame]58 TEST_ASSERT( ret == ret_exp );
59 if( ret_exp == 0 )
60 {
Ronald Cron9ed40732020-06-25 09:03:34 +0200[diff] [blame^]61 TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
Manuel Pégourié-Gonnard72967712018-05-09 12:22:13 +0200[diff] [blame]62 }
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]63
64exit:
65 mbedtls_chachapoly_free( &ctx );
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]66}
67/* END_CASE */
68
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]69/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]70void chachapoly_bad_params()
71{
72 unsigned char key[32];
73 unsigned char nonce[12];
74 unsigned char aad[1];
75 unsigned char input[1];
76 unsigned char output[1];
77 unsigned char mac[16];
78 size_t input_len = sizeof( input );
79 size_t aad_len = sizeof( aad );
80 mbedtls_chachapoly_context ctx;
81
82 memset( key, 0x00, sizeof( key ) );
83 memset( nonce, 0x00, sizeof( nonce ) );
84 memset( aad, 0x00, sizeof( aad ) );
85 memset( input, 0x00, sizeof( input ) );
86 memset( output, 0x00, sizeof( output ) );
87 memset( mac, 0x00, sizeof( mac ) );
88
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]89 TEST_INVALID_PARAM( mbedtls_chachapoly_init( NULL ) );
90 TEST_VALID_PARAM( mbedtls_chachapoly_free( NULL ) );
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]91
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]92 /* setkey */
93 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
94 mbedtls_chachapoly_setkey( NULL, key ) );
95 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
96 mbedtls_chachapoly_setkey( &ctx, NULL ) );
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]97
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]98 /* encrypt_and_tag */
99 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
100 mbedtls_chachapoly_encrypt_and_tag( NULL,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]101 0, nonce,
102 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]103 input, output, mac ) );
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
105 mbedtls_chachapoly_encrypt_and_tag( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]106 0, NULL,
107 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]108 input, output, mac ) );
109 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
110 mbedtls_chachapoly_encrypt_and_tag( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]111 0, nonce,
112 NULL, aad_len,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]113 input, output, mac ) );
114 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
115 mbedtls_chachapoly_encrypt_and_tag( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]116 input_len, nonce,
117 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]118 NULL, output, mac ) );
119 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
120 mbedtls_chachapoly_encrypt_and_tag( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]121 input_len, nonce,
122 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]123 input, NULL, mac ) );
124 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
125 mbedtls_chachapoly_encrypt_and_tag( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]126 0, nonce,
127 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]128 input, output, NULL ) );
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]129
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]130 /* auth_decrypt */
131 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
132 mbedtls_chachapoly_auth_decrypt( NULL,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]133 0, nonce,
134 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]135 mac, input, output ) );
136 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
137 mbedtls_chachapoly_auth_decrypt( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]138 0, NULL,
139 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]140 mac, input, output ) );
141 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
142 mbedtls_chachapoly_auth_decrypt( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]143 0, nonce,
144 NULL, aad_len,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]145 mac, input, output ) );
146 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
147 mbedtls_chachapoly_auth_decrypt( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]148 0, nonce,
149 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]150 NULL, input, output ) );
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
152 mbedtls_chachapoly_auth_decrypt( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]153 input_len, nonce,
154 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]155 mac, NULL, output ) );
156 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
157 mbedtls_chachapoly_auth_decrypt( &ctx,
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]158 input_len, nonce,
159 aad, 0,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]160 mac, input, NULL ) );
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]161
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]162 /* starts */
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
164 mbedtls_chachapoly_starts( NULL, nonce,
165 MBEDTLS_CHACHAPOLY_ENCRYPT ) );
166 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
167 mbedtls_chachapoly_starts( &ctx, NULL,
168 MBEDTLS_CHACHAPOLY_ENCRYPT ) );
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]169
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]170 /* update_aad */
171 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
172 mbedtls_chachapoly_update_aad( NULL, aad,
173 aad_len ) );
174 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
175 mbedtls_chachapoly_update_aad( &ctx, NULL,
176 aad_len ) );
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]177
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]178 /* update */
179 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
180 mbedtls_chachapoly_update( NULL, input_len,
181 input, output ) );
182 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
183 mbedtls_chachapoly_update( &ctx, input_len,
184 NULL, output ) );
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
186 mbedtls_chachapoly_update( &ctx, input_len,
187 input, NULL ) );
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]188
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]189 /* finish */
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
191 mbedtls_chachapoly_finish( NULL, mac ) );
192 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
193 mbedtls_chachapoly_finish( &ctx, NULL ) );
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]194
195exit:
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]196 return;
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]197}
198/* END_CASE */
199
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]200/* BEGIN_CASE */
201void chachapoly_state()
202{
203 unsigned char key[32];
204 unsigned char nonce[12];
205 unsigned char aad[1];
206 unsigned char input[1];
207 unsigned char output[1];
208 unsigned char mac[16];
209 size_t input_len = sizeof( input );
210 size_t aad_len = sizeof( aad );
211 mbedtls_chachapoly_context ctx;
212
213 memset( key, 0x00, sizeof( key ) );
214 memset( nonce, 0x00, sizeof( nonce ) );
215 memset( aad, 0x00, sizeof( aad ) );
216 memset( input, 0x00, sizeof( input ) );
217 memset( output, 0x00, sizeof( output ) );
218 memset( mac, 0x00, sizeof( mac ) );
219
220 /* Initial state: finish, update, update_aad forbidden */
221 mbedtls_chachapoly_init( &ctx );
222
223 TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
224 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
225 TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
226 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
227 TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
228 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
229
230 /* Still initial state: finish, update, update_aad forbidden */
231 TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key )
232 == 0 );
233
234 TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
235 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
236 TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
237 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
238 TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
239 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
240
241 /* Starts -> finish OK */
242 TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
243 == 0 );
244 TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
245 == 0 );
246
247 /* After finish: update, update_aad forbidden */
248 TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
249 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
250 TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
251 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
252
253 /* Starts -> update* OK */
254 TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
255 == 0 );
256 TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
257 == 0 );
258 TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
259 == 0 );
260
261 /* After update: update_aad forbidden */
262 TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
263 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
264
265 /* Starts -> update_aad* -> finish OK */
266 TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
267 == 0 );
268 TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
269 == 0 );
270 TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
271 == 0 );
272 TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
273 == 0 );
274
275exit:
276 mbedtls_chachapoly_free( &ctx );
277}
278/* END_CASE */
279
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]280/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]281void chachapoly_selftest()
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]282{
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]283 TEST_ASSERT( mbedtls_chachapoly_self_test( 1 ) == 0 );
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]284}
285/* END_CASE */