TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / aa01a038b521931382951036a5cd49bddcc40b51 / . / tests / suites / test_suite_chachapoly.function
blob: 4f1a34e047a388b06d25e55dc870db19409830d8 [file] [log] [blame]
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]2#include "mbedtls/chachapoly.h"
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]3/* END_HEADER */
4
5/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]6 * depends_on:MBEDTLS_CHACHAPOLY_C
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]7 * END_DEPENDENCIES
8 */
9
10/* BEGIN_CASE */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]11void mbedtls_chachapoly_enc(data_t *key_str,
12 data_t *nonce_str,
13 data_t *aad_str,
14 data_t *input_str,
15 data_t *output_str,
16 data_t *mac_str)
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]17{
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]18 unsigned char output[265];
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]19 unsigned char mac[16]; /* size set by the standard */
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]20 mbedtls_chachapoly_context ctx;
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]21
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]22 TEST_ASSERT(key_str->len == 32);
23 TEST_ASSERT(nonce_str->len == 12);
24 TEST_ASSERT(mac_str->len == 16);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]25
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]26 mbedtls_chachapoly_init(&ctx);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]27
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]28 TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]29
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]30 TEST_ASSERT(mbedtls_chachapoly_encrypt_and_tag(&ctx,
31 input_str->len, nonce_str->x,
32 aad_str->x, aad_str->len,
33 input_str->x, output, mac) == 0);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]34
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]35 TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0);
36 TEST_ASSERT(memcmp(mac_str->x, mac, 16U) == 0);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]37
38exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]39 mbedtls_chachapoly_free(&ctx);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]40}
41/* END_CASE */
42
43/* BEGIN_CASE */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]44void mbedtls_chachapoly_dec(data_t *key_str,
45 data_t *nonce_str,
46 data_t *aad_str,
47 data_t *input_str,
48 data_t *output_str,
49 data_t *mac_str,
50 int ret_exp)
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]51{
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]52 unsigned char output[265];
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]53 int ret;
54 mbedtls_chachapoly_context ctx;
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]55
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]56 TEST_ASSERT(key_str->len == 32);
57 TEST_ASSERT(nonce_str->len == 12);
58 TEST_ASSERT(mac_str->len == 16);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]59
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]60 mbedtls_chachapoly_init(&ctx);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]61
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]62 TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]63
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]64 ret = mbedtls_chachapoly_auth_decrypt(&ctx,
65 input_str->len, nonce_str->x,
66 aad_str->x, aad_str->len,
67 mac_str->x, input_str->x, output);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]68
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]69 TEST_ASSERT(ret == ret_exp);
70 if (ret_exp == 0) {
71 TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0);
Manuel Pégourié-Gonnard72967712018-05-09 12:22:13 +0200[diff] [blame]72 }
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]73
74exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]75 mbedtls_chachapoly_free(&ctx);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]76}
77/* END_CASE */
78
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]79/* BEGIN_CASE */
80void chachapoly_state()
81{
82 unsigned char key[32];
83 unsigned char nonce[12];
84 unsigned char aad[1];
85 unsigned char input[1];
86 unsigned char output[1];
87 unsigned char mac[16];
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]88 size_t input_len = sizeof(input);
89 size_t aad_len = sizeof(aad);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]90 mbedtls_chachapoly_context ctx;
91
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]92 memset(key, 0x00, sizeof(key));
93 memset(nonce, 0x00, sizeof(nonce));
94 memset(aad, 0x00, sizeof(aad));
95 memset(input, 0x00, sizeof(input));
96 memset(output, 0x00, sizeof(output));
97 memset(mac, 0x00, sizeof(mac));
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]98
99 /* Initial state: finish, update, update_aad forbidden */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]100 mbedtls_chachapoly_init(&ctx);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]101
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]102 TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
103 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
104 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
105 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
106 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
107 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]108
109 /* Still initial state: finish, update, update_aad forbidden */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]110 TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key)
111 == 0);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]112
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]113 TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
114 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
115 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
116 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
117 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
118 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]119
120 /* Starts -> finish OK */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]121 TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
122 == 0);
123 TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
124 == 0);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]125
126 /* After finish: update, update_aad forbidden */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]127 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
128 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
129 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
130 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]131
132 /* Starts -> update* OK */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]133 TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
134 == 0);
135 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
136 == 0);
137 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
138 == 0);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]139
140 /* After update: update_aad forbidden */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]141 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
142 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]143
144 /* Starts -> update_aad* -> finish OK */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]145 TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
146 == 0);
147 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
148 == 0);
149 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
150 == 0);
151 TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
152 == 0);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]153
154exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]155 mbedtls_chachapoly_free(&ctx);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]156}
157/* END_CASE */
158
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]159/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]160void chachapoly_selftest()
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]161{
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]162 TEST_ASSERT(mbedtls_chachapoly_self_test(1) == 0);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]163}
164/* END_CASE */