1/* BEGIN_HEADER */ 2#include "mbedtls/cipher.h" 3#include "mbedtls/cmac.h" 4/* END_HEADER */ 5 6/* BEGIN_DEPENDENCIES 7 * depends_on:MBEDTLS_CMAC_C 8 * END_DEPENDENCIES 9 */ 10 11/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ 12void mbedtls_cmac_self_test( ) 13{ 14 TEST_ASSERT( mbedtls_cmac_self_test( 1 ) == 0 ); 15} 16/* END_CASE */ 17 18/* BEGIN_CASE */ 19void mbedtls_cmac_null_args( ) 20{ 21 mbedtls_cipher_context_t ctx; 22 const mbedtls_cipher_info_t *cipher_info; 23 unsigned char test_key[MBEDTLS_CIPHER_BLKSIZE_MAX]; 24 unsigned char test_data[MBEDTLS_CIPHER_BLKSIZE_MAX]; 25 unsigned char test_output[MBEDTLS_CIPHER_BLKSIZE_MAX]; 26 27 mbedtls_cipher_init( &ctx ); 28 29 /* Test NULL cipher info */ 30 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) == 31 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 32 33 cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); 34 TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); 35 36 TEST_ASSERT( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) == 37 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 38 39 TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) == 40 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 41 42 TEST_ASSERT( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) == 43 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 44 45 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) == 46 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 47 48 TEST_ASSERT( mbedtls_cipher_cmac_finish( NULL, test_output ) == 49 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 50 51 TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, NULL ) == 52 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 53 54 TEST_ASSERT( mbedtls_cipher_cmac_reset( NULL ) == 55 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 56 57 TEST_ASSERT( mbedtls_cipher_cmac( NULL, 58 test_key, 128, 59 test_data, 16, 60 test_output ) == 61 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 62 63 TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, 64 NULL, 128, 65 test_data, 16, 66 test_output ) == 67 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 68 69 TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, 70 test_key, 128, 71 NULL, 16, 72 test_output ) == 73 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 74 75 TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, 76 test_key, 128, 77 test_data, 16, 78 NULL ) == 79 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 80 81 TEST_ASSERT( mbedtls_aes_cmac_prf_128( NULL, 16, 82 test_data, 16, 83 test_output ) == 84 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 85 86 TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16, 87 NULL, 16, 88 test_output ) == 89 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 90 91 TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16, 92 test_data, 16, 93 NULL ) == 94 MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 95 96exit: 97 mbedtls_cipher_free( &ctx ); 98} 99/* END_CASE */ 100 101/* BEGIN_CASE */ 102void mbedtls_cmac_setkey( int cipher_type, int key_size, 103 int result ) 104{ 105 const mbedtls_cipher_info_t *cipher_info; 106 unsigned char key[32]; 107 unsigned char buf[16]; 108 unsigned char tmp[16]; 109 110 memset( key, 0x2A, sizeof( key ) ); 111 TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); 112 113 TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) 114 != NULL ); 115 116 memset( buf, 0x2A, sizeof( buf ) ); 117 TEST_ASSERT( ( result == mbedtls_cipher_cmac( cipher_info, key, key_size, 118 buf, 16, tmp ) ) != 0 ); 119} 120/* END_CASE */ 121 122/* BEGIN_CASE */ 123void mbedtls_cmac_multiple_blocks( int cipher_type, 124 char *key_string, int keybits, 125 int block_size, 126 char *block1_string, int block1_len, 127 char *block2_string, int block2_len, 128 char *block3_string, int block3_len, 129 char *block4_string, int block4_len, 130 char *expected_result_string ) 131{ 132 unsigned char key[100]; 133 unsigned char block1[100]; 134 unsigned char block2[100]; 135 unsigned char block3[100]; 136 unsigned char block4[100]; 137 unsigned char expected_result[100]; 138 const mbedtls_cipher_info_t *cipher_info; 139 mbedtls_cipher_context_t ctx; 140 unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX]; 141 142 /* Convert the test parameters to binary data */ 143 unhexify( key, key_string ); 144 unhexify( block1, block1_string ); 145 unhexify( block2, block2_string ); 146 unhexify( block3, block3_string ); 147 unhexify( block4, block4_string ); 148 unhexify( expected_result, expected_result_string ); 149 150 mbedtls_cipher_init( &ctx ); 151 152 /* Validate the test inputs */ 153 TEST_ASSERT( block1_len <= 100 ); 154 TEST_ASSERT( block2_len <= 100 ); 155 TEST_ASSERT( block3_len <= 100 ); 156 TEST_ASSERT( block4_len <= 100 ); 157 158 /* Set up */ 159 TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) 160 != NULL ); 161 162 TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); 163 164 TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, 165 (const unsigned char*)key, 166 keybits ) == 0 ); 167 168 /* Multiple partial and complete blocks. A negative length means skip the 169 * update operation */ 170 if( block1_len >= 0) 171 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 172 (unsigned char*)block1, 173 block1_len ) == 0); 174 175 if( block2_len >= 0 ) 176 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 177 (unsigned char*)block2, 178 block2_len ) == 0); 179 180 if( block3_len >= 0 ) 181 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 182 (unsigned char*)block3, 183 block3_len ) == 0); 184 185 if( block4_len >= 0 ) 186 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 187 (unsigned char*)block4, 188 block4_len ) == 0); 189 190 TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); 191 192 TEST_ASSERT( memcmp( output, expected_result, block_size ) == 0 ); 193 194exit: 195 mbedtls_cipher_free( &ctx ); 196} 197/* END_CASE */ 198 199/* BEGIN_CASE */ 200void mbedtls_cmac_multiple_operations_same_key( int cipher_type, 201 char *key_string, int keybits, 202 int block_size, 203 char *block_a1_string, int block_a1_len, 204 char *block_a2_string, int block_a2_len, 205 char *block_a3_string, int block_a3_len, 206 char *expected_result_a_string, 207 char *block_b1_string, int block_b1_len, 208 char *block_b2_string, int block_b2_len, 209 char *block_b3_string, int block_b3_len, 210 char *expected_result_b_string ) 211{ 212 unsigned char key[100]; 213 unsigned char block_a1[100]; 214 unsigned char block_a2[100]; 215 unsigned char block_a3[100]; 216 unsigned char block_b1[100]; 217 unsigned char block_b2[100]; 218 unsigned char block_b3[100]; 219 unsigned char expected_result_a[100], expected_result_b[100]; 220 const mbedtls_cipher_info_t *cipher_info; 221 mbedtls_cipher_context_t ctx; 222 unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX]; 223 224 /* Convert the test parameters to binary data */ 225 unhexify( key, key_string ); 226 unhexify( block_a1, block_a1_string ); 227 unhexify( block_a2, block_a2_string ); 228 unhexify( block_a3, block_a3_string ); 229 230 unhexify( block_b1, block_b1_string ); 231 unhexify( block_b2, block_b2_string ); 232 unhexify( block_b3, block_b3_string ); 233 234 unhexify( expected_result_a, expected_result_a_string ); 235 unhexify( expected_result_b, expected_result_b_string ); 236 237 mbedtls_cipher_init( &ctx ); 238 239 /* Validate the test inputs */ 240 TEST_ASSERT( block_a1_len <= 100 ); 241 TEST_ASSERT( block_a2_len <= 100 ); 242 TEST_ASSERT( block_a3_len <= 100 ); 243 244 TEST_ASSERT( block_b1_len <= 100 ); 245 TEST_ASSERT( block_b2_len <= 100 ); 246 TEST_ASSERT( block_b3_len <= 100 ); 247 248 /* Set up */ 249 TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) 250 != NULL ); 251 252 TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); 253 254 TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, 255 (const unsigned char*)key, 256 keybits ) == 0 ); 257 258 /* Sequence A */ 259 260 /* Multiple partial and complete blocks. A negative length means skip the 261 * update operation */ 262 if( block_a1_len >= 0 ) 263 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 264 (unsigned char*)block_a1, 265 block_a1_len ) == 0); 266 267 if( block_a2_len >= 0 ) 268 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 269 (unsigned char*)block_a2, 270 block_a2_len ) == 0); 271 272 if( block_a3_len >= 0 ) 273 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 274 (unsigned char*)block_a3, 275 block_a3_len ) == 0); 276 277 TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); 278 279 TEST_ASSERT( memcmp( output, expected_result_a, block_size ) == 0 ); 280 281 TEST_ASSERT( mbedtls_cipher_cmac_reset( &ctx ) == 0 ); 282 283 /* Sequence B */ 284 285 /* Multiple partial and complete blocks. A negative length means skip the 286 * update operation */ 287 if( block_b1_len >= 0) 288 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 289 (unsigned char*)block_b1, 290 block_b1_len ) == 0); 291 292 if( block_b2_len >= 0 ) 293 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 294 (unsigned char*)block_b2, 295 block_b2_len ) == 0); 296 297 if( block_b3_len >= 0 ) 298 TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, 299 (unsigned char*)block_b3, 300 block_b3_len ) == 0); 301 302 TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); 303 304 TEST_ASSERT( memcmp( output, expected_result_b, block_size ) == 0 ); 305 306exit: 307 mbedtls_cipher_free( &ctx ); 308} 309/* END_CASE */ 310 311
