Blame - tests/suites/test_suite_ccm.function - mirror/mbed-tls

blob: b9df023a7c5634cdab64808ceb7c27d64f090c58 [file] [log] [blame]

Manuel Pégourié-Gonnard	a6916fa	2014-05-02 15:17:29 +0200	[diff] [blame]	1	/* BEGIN_HEADER */
Manuel Pégourié-Gonnard	7f80997	2015-03-09 17:05:11 +0000	[diff] [blame]	2	#include "mbedtls/ccm.h"
Manuel Pégourié-Gonnard	a6916fa	2014-05-02 15:17:29 +0200	[diff] [blame]	3	/* END_HEADER */
				4
				5	/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	6	* depends_on:MBEDTLS_CCM_C
Manuel Pégourié-Gonnard	a6916fa	2014-05-02 15:17:29 +0200	[diff] [blame]	7	* END_DEPENDENCIES
				8	*/
				9
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	10	/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
Azim Khan	f1aaec9	2017-05-30 14:23:15 +0100	[diff] [blame]	11	void mbedtls_ccm_self_test( )
Manuel Pégourié-Gonnard	a6916fa	2014-05-02 15:17:29 +0200	[diff] [blame]	12	{
Andres AG	93012e8	2016-09-09 09:10:28 +0100	[diff] [blame]	13	TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 );
Manuel Pégourié-Gonnard	a6916fa	2014-05-02 15:17:29 +0200	[diff] [blame]	14	}
				15	/* END_CASE */
Manuel Pégourié-Gonnard	9fe0d13	2014-05-06 12:12:45 +0200	[diff] [blame]	16
				17	/* BEGIN_CASE */
Manuel Pégourié-Gonnard	6963ff0	2015-04-28 18:02:54 +0200	[diff] [blame]	18	void mbedtls_ccm_setkey( int cipher_id, int key_size, int result )
Manuel Pégourié-Gonnard	9fe0d13	2014-05-06 12:12:45 +0200	[diff] [blame]	19	{
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	20	mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard	9fe0d13	2014-05-06 12:12:45 +0200	[diff] [blame]	21	unsigned char key[32];
				22	int ret;
				23
Manuel Pégourié-Gonnard	6963ff0	2015-04-28 18:02:54 +0200	[diff] [blame]	24	mbedtls_ccm_init( &ctx );
				25
Manuel Pégourié-Gonnard	9fe0d13	2014-05-06 12:12:45 +0200	[diff] [blame]	26	memset( key, 0x2A, sizeof( key ) );
				27	TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
				28
Manuel Pégourié-Gonnard	6963ff0	2015-04-28 18:02:54 +0200	[diff] [blame]	29	ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size );
Manuel Pégourié-Gonnard	9fe0d13	2014-05-06 12:12:45 +0200	[diff] [blame]	30	TEST_ASSERT( ret == result );
				31
Paul Bakker	bd51b26	2014-07-10 15:26:12 +0200	[diff] [blame]	32	exit:
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	33	mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard	9fe0d13	2014-05-06 12:12:45 +0200	[diff] [blame]	34	}
				35	/* END_CASE */
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	36
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	37	/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
Manuel Pégourié-Gonnard	87df5ba	2014-05-06 18:07:24 +0200	[diff] [blame]	38	void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
				39	{
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	40	mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard	87df5ba	2014-05-06 18:07:24 +0200	[diff] [blame]	41	unsigned char key[16];
				42	unsigned char msg[10];
				43	unsigned char iv[14];
				44	unsigned char add[10];
				45	unsigned char out[10];
				46	unsigned char tag[18];
				47	int decrypt_ret;
				48
Manuel Pégourié-Gonnard	6963ff0	2015-04-28 18:02:54 +0200	[diff] [blame]	49	mbedtls_ccm_init( &ctx );
				50
Manuel Pégourié-Gonnard	87df5ba	2014-05-06 18:07:24 +0200	[diff] [blame]	51	memset( key, 0, sizeof( key ) );
				52	memset( msg, 0, sizeof( msg ) );
				53	memset( iv, 0, sizeof( iv ) );
				54	memset( add, 0, sizeof( add ) );
				55	memset( out, 0, sizeof( out ) );
				56	memset( tag, 0, sizeof( tag ) );
				57
Manuel Pégourié-Gonnard	6963ff0	2015-04-28 18:02:54 +0200	[diff] [blame]	58	TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
Manuel Pégourié-Gonnard	87df5ba	2014-05-06 18:07:24 +0200	[diff] [blame]	59	key, 8 * sizeof( key ) ) == 0 );
				60
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	61	TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard	87df5ba	2014-05-06 18:07:24 +0200	[diff] [blame]	62	msg, out, tag, tag_len ) == res );
				63
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	64	decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard	87df5ba	2014-05-06 18:07:24 +0200	[diff] [blame]	65	msg, out, tag, tag_len );
				66
				67	if( res == 0 )
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	68	TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
Manuel Pégourié-Gonnard	87df5ba	2014-05-06 18:07:24 +0200	[diff] [blame]	69	else
				70	TEST_ASSERT( decrypt_ret == res );
				71
Paul Bakker	bd51b26	2014-07-10 15:26:12 +0200	[diff] [blame]	72	exit:
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	73	mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard	87df5ba	2014-05-06 18:07:24 +0200	[diff] [blame]	74	}
				75	/* END_CASE */
				76
Janos Follath	95ab93d	2018-05-14 14:32:41 +0100	[diff] [blame]	77	/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
				78	void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len,
				79	int res )
				80	{
				81	mbedtls_ccm_context ctx;
				82	unsigned char key[16];
				83	unsigned char msg[10];
				84	unsigned char iv[14];
				85	unsigned char add[10];
				86	unsigned char out[10];
				87	unsigned char tag[18];
				88	int decrypt_ret;
				89
				90	mbedtls_ccm_init( &ctx );
				91
				92	memset( key, 0, sizeof( key ) );
				93	memset( msg, 0, sizeof( msg ) );
				94	memset( iv, 0, sizeof( iv ) );
				95	memset( add, 0, sizeof( add ) );
				96	memset( out, 0, sizeof( out ) );
				97	memset( tag, 0, sizeof( tag ) );
				98
				99	TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
				100	key, 8 * sizeof( key ) ) == 0 );
				101
				102	TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
				103	add, add_len, msg, out, tag, tag_len ) == res );
				104
				105	decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add,
				106	add_len, msg, out, tag, tag_len );
				107
				108	if( res == 0 && tag_len != 0 )
				109	TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
				110	else
				111	TEST_ASSERT( decrypt_ret == res );
				112
				113	exit:
				114	mbedtls_ccm_free( &ctx );
				115	}
				116	/* END_CASE */
				117
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	118	/* BEGIN_CASE */
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	119	void mbedtls_ccm_encrypt_and_tag( int cipher_id, HexParam_t * key,
				120	HexParam_t * msg, HexParam_t * iv,
				121	HexParam_t * add, HexParam_t * result )
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	122	{
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	123	mbedtls_ccm_context ctx;
Azim Khan	f1aaec9	2017-05-30 14:23:15 +0100	[diff] [blame]	124	size_t tag_len;
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	125	uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 );
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	126
Manuel Pégourié-Gonnard	6963ff0	2015-04-28 18:02:54 +0200	[diff] [blame]	127	mbedtls_ccm_init( &ctx );
				128
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	129	memset( msg_n_tag, 0, result->len + 2 );
				130	memcpy( msg_n_tag, msg->x, msg->len );
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	131
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	132	tag_len = result->len - msg->len;
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	133
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	134	TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	135
Manuel Pégourié-Gonnard	0f6b66d	2014-05-07 14:43:46 +0200	[diff] [blame]	136	/* Test with input == output */
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	137	TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
				138	msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 );
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	139
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	140	TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 );
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	141
				142	/* Check we didn't write past the end */
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	143	TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 );
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	144
Paul Bakker	bd51b26	2014-07-10 15:26:12 +0200	[diff] [blame]	145	exit:
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	146	mbedtls_ccm_free( &ctx );
Azim Khan	46c9b1f	2017-05-31 20:46:35 +0100	[diff] [blame]	147	free( msg_n_tag );
Manuel Pégourié-Gonnard	637eb3d	2014-05-06 12:13:09 +0200	[diff] [blame]	148	}
				149	/* END_CASE */
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	150
				151	/* BEGIN_CASE */
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	152	void mbedtls_ccm_auth_decrypt( int cipher_id, HexParam_t * key,
				153	HexParam_t * msg, HexParam_t * iv,
				154	HexParam_t * add, int tag_len, char * result,
				155	HexParam_t * hex_msg )
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	156	{
Manuel Pégourié-Gonnard	0f6b66d	2014-05-07 14:43:46 +0200	[diff] [blame]	157	unsigned char tag[16];
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	158	mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	159	int ret;
				160
Manuel Pégourié-Gonnard	6963ff0	2015-04-28 18:02:54 +0200	[diff] [blame]	161	mbedtls_ccm_init( &ctx );
				162
Manuel Pégourié-Gonnard	0f6b66d	2014-05-07 14:43:46 +0200	[diff] [blame]	163	memset( tag, 0x00, sizeof( tag ) );
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	164
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	165	msg->len -= tag_len;
				166	memcpy( tag, msg->x + msg->len, tag_len );
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	167
Azim Khan	46c9b1f	2017-05-31 20:46:35 +0100	[diff] [blame]	168	if( strcmp( "FAIL", result ) == 0 )
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	169	{
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	170	ret = MBEDTLS_ERR_CCM_AUTH_FAILED;
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	171	}
				172	else
				173	{
				174	ret = 0;
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	175	}
				176
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	177	TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	178
Manuel Pégourié-Gonnard	0f6b66d	2014-05-07 14:43:46 +0200	[diff] [blame]	179	/* Test with input == output */
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	180	TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len,
				181	msg->x, msg->x, msg->x + msg->len, tag_len ) == ret );
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	182
				183	if( ret == 0 )
				184	{
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	185	TEST_ASSERT( memcmp( msg->x, hex_msg->x, hex_msg->len ) == 0 );
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	186	}
				187	else
				188	{
				189	size_t i;
				190
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	191	for( i = 0; i < msg->len; i++ )
				192	TEST_ASSERT( msg->x[i] == 0 );
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	193	}
				194
Manuel Pégourié-Gonnard	0f6b66d	2014-05-07 14:43:46 +0200	[diff] [blame]	195	/* Check we didn't write past the end (where the original tag is) */
Azim Khan	d30ca13	2017-06-09 04:32:58 +0100	[diff] [blame^]	196	TEST_ASSERT( memcmp( msg->x + msg->len, tag, tag_len ) == 0 );
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	197
Paul Bakker	bd51b26	2014-07-10 15:26:12 +0200	[diff] [blame]	198	exit:
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	199	mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard	ce77d55	2014-05-06 18:06:52 +0200	[diff] [blame]	200	}
				201	/* END_CASE */
Darryl Green	0daf4ca	2018-05-29 14:12:26 +0100	[diff] [blame]	202
				203	/* BEGIN_CASE */
				204	void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
				205	char key_hex, char msg_hex,
				206	char source_address_hex, char frame_counter_hex,
				207	int sec_level, char *add_hex,
				208	char *result_hex, int output_ret )
				209	{
				210	unsigned char key[32];
				211	unsigned char msg[50];
				212	unsigned char iv[13];
				213	unsigned char add[32];
				214	unsigned char result[50];
				215	unsigned char source_address[8];
				216	unsigned char frame_counter[4];
				217	mbedtls_ccm_context ctx;
				218	size_t i, key_len, msg_len, iv_len, add_len, result_len, source_address_len, frame_counter_len, tag_len;
				219	int ret;
				220
				221	mbedtls_ccm_init( &ctx );
				222
				223	memset( key, 0x00, sizeof( key ) );
				224	memset( msg, 0x00, sizeof( msg ) );
				225	memset( iv, 0x00, sizeof( iv ) );
				226	memset( add, 0x00, sizeof( add ) );
				227	memset( result, 0x00, sizeof( result ) );
				228	memset( source_address, 0x00, sizeof( source_address ) );
				229	memset( frame_counter, 0x00, sizeof( frame_counter ) );
				230
				231	key_len = unhexify( key, key_hex );
				232	msg_len = unhexify( msg, msg_hex );
				233	add_len = unhexify( add, add_hex );
				234	result_len = unhexify( result, result_hex );
				235	source_address_len = unhexify( source_address, source_address_hex );
				236	frame_counter_len = unhexify( frame_counter, frame_counter_hex );
				237
				238	if( sec_level % 4 == 0)
				239	tag_len = 0;
				240	else
				241	tag_len = 1 << ( sec_level % 4 + 1);
				242
				243	for( i = 0; i < source_address_len; i++ )
				244	iv[i] = source_address[i];
				245
				246	for( i = 0; i < frame_counter_len; i++ )
				247	iv[source_address_len + i] = frame_counter[i];
				248
				249	iv[source_address_len + frame_counter_len] = sec_level;
				250	iv_len = sizeof( iv );
				251
				252	TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
				253
				254	ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
				255	add, add_len, msg, msg, msg + msg_len, tag_len );
				256
				257	TEST_ASSERT( ret == output_ret );
				258
				259	TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
				260
				261	/* Check we didn't write past the end */
				262	TEST_ASSERT( msg[result_len] == 0 && msg[result_len + 1] == 0 );
				263
				264	exit:
				265	mbedtls_ccm_free( &ctx );
				266	}
				267	/* END_CASE */
				268
				269	/* BEGIN_CASE */
				270	void mbedtls_ccm_star_auth_decrypt( int cipher_id,
				271	char key_hex, char msg_hex,
				272	char source_address_hex, char frame_counter_hex,
				273	int sec_level, char *add_hex,
				274	char *result_hex, int output_ret )
				275	{
				276	unsigned char key[32];
				277	unsigned char msg[50];
				278	unsigned char iv[13];
				279	unsigned char add[32];
				280	unsigned char tag[16];
				281	unsigned char result[50];
				282	unsigned char source_address[8];
				283	unsigned char frame_counter[4];
				284	mbedtls_ccm_context ctx;
				285	size_t i, key_len, msg_len, iv_len, add_len, tag_len, result_len, source_address_len, frame_counter_len;
				286	int ret;
				287
				288	mbedtls_ccm_init( &ctx );
				289
				290	memset( key, 0x00, sizeof( key ) );
				291	memset( msg, 0x00, sizeof( msg ) );
				292	memset( iv, 0x00, sizeof( iv ) );
				293	memset( add, 0x00, sizeof( add ) );
				294	memset( result, 0x00, sizeof( result ) );
				295	memset( source_address, 0x00, sizeof( source_address ) );
				296	memset( frame_counter, 0x00, sizeof( frame_counter ) );
				297	memset( tag, 0x00, sizeof( tag ) );
				298
				299	key_len = unhexify( key, key_hex );
				300	msg_len = unhexify( msg, msg_hex );
				301	add_len = unhexify( add, add_hex );
				302	result_len = unhexify( result, result_hex );
				303	source_address_len = unhexify( source_address, source_address_hex );
				304	frame_counter_len = unhexify( frame_counter, frame_counter_hex );
				305
				306	if( sec_level % 4 == 0)
				307	tag_len = 0;
				308	else
				309	tag_len = 1 << ( sec_level % 4 + 1);
				310
				311	for( i = 0; i < source_address_len; i++ )
				312	iv[i] = source_address[i];
				313
				314	for( i = 0; i < frame_counter_len; i++ )
				315	iv[source_address_len + i] = frame_counter[i];
				316
				317	iv[source_address_len + frame_counter_len] = sec_level;
				318	iv_len = sizeof( iv );
				319
				320	msg_len -= tag_len;
				321	memcpy( tag, msg + msg_len, tag_len );
				322
				323	TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
				324
				325	ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len,
				326	add, add_len, msg, msg, msg + msg_len, tag_len );
				327
				328	TEST_ASSERT( ret == output_ret );
				329
				330	TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
				331
				332	/* Check we didn't write past the end (where the original tag is) */
				333	TEST_ASSERT( memcmp( msg + msg_len, tag, tag_len ) == 0 );
				334
				335	exit:
				336	mbedtls_ccm_free( &ctx );
				337	}
				338	/* END_CASE */