blob: c845f44fffb397cdb55107a3f08fe29cea64f8a4 [file] [log] [blame]
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02001/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +00002#include "mbedtls/ccm.h"
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02003/* END_HEADER */
4
5/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006 * depends_on:MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02007 * END_DEPENDENCIES
8 */
9
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020010/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
Azim Khanf1aaec92017-05-30 14:23:15 +010011void mbedtls_ccm_self_test( )
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +020012{
Andres AG93012e82016-09-09 09:10:28 +010013 TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 );
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +020014}
15/* END_CASE */
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +020016
17/* BEGIN_CASE */
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +020018void mbedtls_ccm_setkey( int cipher_id, int key_size, int result )
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +020019{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020020 mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +020021 unsigned char key[32];
22 int ret;
23
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +020024 mbedtls_ccm_init( &ctx );
25
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +020026 memset( key, 0x2A, sizeof( key ) );
27 TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
28
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +020029 ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size );
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +020030 TEST_ASSERT( ret == result );
31
Paul Bakkerbd51b262014-07-10 15:26:12 +020032exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020033 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +020034}
35/* END_CASE */
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +020036
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020037/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +020038void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
39{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020040 mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +020041 unsigned char key[16];
42 unsigned char msg[10];
43 unsigned char iv[14];
44 unsigned char add[10];
45 unsigned char out[10];
46 unsigned char tag[18];
47 int decrypt_ret;
48
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +020049 mbedtls_ccm_init( &ctx );
50
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +020051 memset( key, 0, sizeof( key ) );
52 memset( msg, 0, sizeof( msg ) );
53 memset( iv, 0, sizeof( iv ) );
54 memset( add, 0, sizeof( add ) );
55 memset( out, 0, sizeof( out ) );
56 memset( tag, 0, sizeof( tag ) );
57
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +020058 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +020059 key, 8 * sizeof( key ) ) == 0 );
60
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020061 TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +020062 msg, out, tag, tag_len ) == res );
63
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020064 decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +020065 msg, out, tag, tag_len );
66
67 if( res == 0 )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020068 TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +020069 else
70 TEST_ASSERT( decrypt_ret == res );
71
Paul Bakkerbd51b262014-07-10 15:26:12 +020072exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020073 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard87df5ba2014-05-06 18:07:24 +020074}
75/* END_CASE */
76
Janos Follath95ab93d2018-05-14 14:32:41 +010077/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
78void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len,
79 int res )
80{
81 mbedtls_ccm_context ctx;
82 unsigned char key[16];
83 unsigned char msg[10];
84 unsigned char iv[14];
85 unsigned char add[10];
86 unsigned char out[10];
87 unsigned char tag[18];
88 int decrypt_ret;
89
90 mbedtls_ccm_init( &ctx );
91
92 memset( key, 0, sizeof( key ) );
93 memset( msg, 0, sizeof( msg ) );
94 memset( iv, 0, sizeof( iv ) );
95 memset( add, 0, sizeof( add ) );
96 memset( out, 0, sizeof( out ) );
97 memset( tag, 0, sizeof( tag ) );
98
99 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
100 key, 8 * sizeof( key ) ) == 0 );
101
102 TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
103 add, add_len, msg, out, tag, tag_len ) == res );
104
105 decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add,
106 add_len, msg, out, tag, tag_len );
107
108 if( res == 0 && tag_len != 0 )
109 TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED );
110 else
111 TEST_ASSERT( decrypt_ret == res );
112
113exit:
114 mbedtls_ccm_free( &ctx );
115}
116/* END_CASE */
117
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200118/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100119void mbedtls_ccm_encrypt_and_tag( int cipher_id, uint8_t * key,
120 uint32_t key_len, uint8_t * msg,
121 uint32_t msg_len, uint8_t * iv,
122 uint32_t iv_len, uint8_t * add,
123 uint32_t add_len, uint8_t * result,
124 uint32_t result_len )
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200125{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200126 mbedtls_ccm_context ctx;
Azim Khanf1aaec92017-05-30 14:23:15 +0100127 size_t tag_len;
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200128
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200129 mbedtls_ccm_init( &ctx );
130
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200131
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200132 tag_len = result_len - msg_len;
133
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200134 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200135
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200136 /* Test with input == output */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200137 TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200138 msg, msg, msg + msg_len, tag_len ) == 0 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200139
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200140 TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200141
142 /* Check we didn't write past the end */
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200143 TEST_ASSERT( msg[result_len] == 0 && msg[result_len + 1] == 0 );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200144
Paul Bakkerbd51b262014-07-10 15:26:12 +0200145exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200146 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200147}
148/* END_CASE */
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200149
150/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100151void mbedtls_ccm_auth_decrypt( int cipher_id, uint8_t * key, uint32_t key_len,
152 uint8_t * msg, uint32_t msg_len, uint8_t * iv,
153 uint32_t iv_len, uint8_t * add,
154 uint32_t add_len, int tag_len,
155 uint8_t * result, uint32_t result_len )
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200156{
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200157 unsigned char tag[16];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200158 mbedtls_ccm_context ctx;
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200159 int ret;
160
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200161 mbedtls_ccm_init( &ctx );
162
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200163 memset( tag, 0x00, sizeof( tag ) );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200164
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200165 msg_len -= tag_len;
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200166 memcpy( tag, msg + msg_len, tag_len );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200167
Azim Khanf1aaec92017-05-30 14:23:15 +0100168 if( strcmp( "FAIL", (char *)result ) == 0 )
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200169 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200170 ret = MBEDTLS_ERR_CCM_AUTH_FAILED;
Rich Evans63adb492015-02-10 12:44:07 +0000171 result_len = -1;
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200172 }
173 else
174 {
175 ret = 0;
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200176 }
177
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200178 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200179
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200180 /* Test with input == output */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200181 TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200182 msg, msg, msg + msg_len, tag_len ) == ret );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200183
184 if( ret == 0 )
185 {
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200186 TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200187 }
188 else
189 {
190 size_t i;
191
192 for( i = 0; i < msg_len; i++ )
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200193 TEST_ASSERT( msg[i] == 0 );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200194 }
195
Manuel Pégourié-Gonnard0f6b66d2014-05-07 14:43:46 +0200196 /* Check we didn't write past the end (where the original tag is) */
197 TEST_ASSERT( memcmp( msg + msg_len, tag, tag_len ) == 0 );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200198
Paul Bakkerbd51b262014-07-10 15:26:12 +0200199exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200200 mbedtls_ccm_free( &ctx );
Manuel Pégourié-Gonnardce77d552014-05-06 18:06:52 +0200201}
202/* END_CASE */
Darryl Green0daf4ca2018-05-29 14:12:26 +0100203
204/* BEGIN_CASE */
205void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
206 char *key_hex, char *msg_hex,
207 char *source_address_hex, char *frame_counter_hex,
208 int sec_level, char *add_hex,
209 char *result_hex, int output_ret )
210{
211 unsigned char key[32];
212 unsigned char msg[50];
213 unsigned char iv[13];
214 unsigned char add[32];
215 unsigned char result[50];
216 unsigned char source_address[8];
217 unsigned char frame_counter[4];
218 mbedtls_ccm_context ctx;
219 size_t i, key_len, msg_len, iv_len, add_len, result_len, source_address_len, frame_counter_len, tag_len;
220 int ret;
221
222 mbedtls_ccm_init( &ctx );
223
224 memset( key, 0x00, sizeof( key ) );
225 memset( msg, 0x00, sizeof( msg ) );
226 memset( iv, 0x00, sizeof( iv ) );
227 memset( add, 0x00, sizeof( add ) );
228 memset( result, 0x00, sizeof( result ) );
229 memset( source_address, 0x00, sizeof( source_address ) );
230 memset( frame_counter, 0x00, sizeof( frame_counter ) );
231
232 key_len = unhexify( key, key_hex );
233 msg_len = unhexify( msg, msg_hex );
234 add_len = unhexify( add, add_hex );
235 result_len = unhexify( result, result_hex );
236 source_address_len = unhexify( source_address, source_address_hex );
237 frame_counter_len = unhexify( frame_counter, frame_counter_hex );
238
239 if( sec_level % 4 == 0)
240 tag_len = 0;
241 else
242 tag_len = 1 << ( sec_level % 4 + 1);
243
244 for( i = 0; i < source_address_len; i++ )
245 iv[i] = source_address[i];
246
247 for( i = 0; i < frame_counter_len; i++ )
248 iv[source_address_len + i] = frame_counter[i];
249
250 iv[source_address_len + frame_counter_len] = sec_level;
251 iv_len = sizeof( iv );
252
253 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
254
255 ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
256 add, add_len, msg, msg, msg + msg_len, tag_len );
257
258 TEST_ASSERT( ret == output_ret );
259
260 TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
261
262 /* Check we didn't write past the end */
263 TEST_ASSERT( msg[result_len] == 0 && msg[result_len + 1] == 0 );
264
265exit:
266 mbedtls_ccm_free( &ctx );
267}
268/* END_CASE */
269
270/* BEGIN_CASE */
271void mbedtls_ccm_star_auth_decrypt( int cipher_id,
272 char *key_hex, char *msg_hex,
273 char *source_address_hex, char *frame_counter_hex,
274 int sec_level, char *add_hex,
275 char *result_hex, int output_ret )
276{
277 unsigned char key[32];
278 unsigned char msg[50];
279 unsigned char iv[13];
280 unsigned char add[32];
281 unsigned char tag[16];
282 unsigned char result[50];
283 unsigned char source_address[8];
284 unsigned char frame_counter[4];
285 mbedtls_ccm_context ctx;
286 size_t i, key_len, msg_len, iv_len, add_len, tag_len, result_len, source_address_len, frame_counter_len;
287 int ret;
288
289 mbedtls_ccm_init( &ctx );
290
291 memset( key, 0x00, sizeof( key ) );
292 memset( msg, 0x00, sizeof( msg ) );
293 memset( iv, 0x00, sizeof( iv ) );
294 memset( add, 0x00, sizeof( add ) );
295 memset( result, 0x00, sizeof( result ) );
296 memset( source_address, 0x00, sizeof( source_address ) );
297 memset( frame_counter, 0x00, sizeof( frame_counter ) );
298 memset( tag, 0x00, sizeof( tag ) );
299
300 key_len = unhexify( key, key_hex );
301 msg_len = unhexify( msg, msg_hex );
302 add_len = unhexify( add, add_hex );
303 result_len = unhexify( result, result_hex );
304 source_address_len = unhexify( source_address, source_address_hex );
305 frame_counter_len = unhexify( frame_counter, frame_counter_hex );
306
307 if( sec_level % 4 == 0)
308 tag_len = 0;
309 else
310 tag_len = 1 << ( sec_level % 4 + 1);
311
312 for( i = 0; i < source_address_len; i++ )
313 iv[i] = source_address[i];
314
315 for( i = 0; i < frame_counter_len; i++ )
316 iv[source_address_len + i] = frame_counter[i];
317
318 iv[source_address_len + frame_counter_len] = sec_level;
319 iv_len = sizeof( iv );
320
321 msg_len -= tag_len;
322 memcpy( tag, msg + msg_len, tag_len );
323
324 TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
325
326 ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len,
327 add, add_len, msg, msg, msg + msg_len, tag_len );
328
329 TEST_ASSERT( ret == output_ret );
330
331 TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
332
333 /* Check we didn't write past the end (where the original tag is) */
334 TEST_ASSERT( memcmp( msg + msg_len, tag, tag_len ) == 0 );
335
336exit:
337 mbedtls_ccm_free( &ctx );
338}
339/* END_CASE */