1/* BEGIN_HEADER */ 2#include "mbedtls/cipher.h" 3 4#if defined(MBEDTLS_GCM_C) 5#include "mbedtls/gcm.h" 6#endif 7/* END_HEADER */ 8 9/* BEGIN_DEPENDENCIES 10 * depends_on:MBEDTLS_CIPHER_C 11 * END_DEPENDENCIES 12 */ 13 14/* BEGIN_CASE */ 15void mbedtls_cipher_list( ) 16{ 17 const int *cipher_type; 18 19 for( cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++ ) 20 TEST_ASSERT( mbedtls_cipher_info_from_type( *cipher_type ) != NULL ); 21} 22/* END_CASE */ 23 24/* BEGIN_CASE */ 25void cipher_null_args( ) 26{ 27 mbedtls_cipher_context_t ctx; 28 const mbedtls_cipher_info_t *info = mbedtls_cipher_info_from_type( *( mbedtls_cipher_list() ) ); 29 unsigned char buf[1] = { 0 }; 30 size_t olen; 31 32 mbedtls_cipher_init( &ctx ); 33 34 TEST_ASSERT( mbedtls_cipher_get_block_size( NULL ) == 0 ); 35 TEST_ASSERT( mbedtls_cipher_get_block_size( &ctx ) == 0 ); 36 37 TEST_ASSERT( mbedtls_cipher_get_cipher_mode( NULL ) == MBEDTLS_MODE_NONE ); 38 TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &ctx ) == MBEDTLS_MODE_NONE ); 39 40 TEST_ASSERT( mbedtls_cipher_get_iv_size( NULL ) == 0 ); 41 TEST_ASSERT( mbedtls_cipher_get_iv_size( &ctx ) == 0 ); 42 43 TEST_ASSERT( mbedtls_cipher_info_from_string( NULL ) == NULL ); 44 45 TEST_ASSERT( mbedtls_cipher_setup( &ctx, NULL ) 46 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 47 TEST_ASSERT( mbedtls_cipher_setup( NULL, info ) 48 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 49 50 TEST_ASSERT( mbedtls_cipher_setkey( NULL, buf, 0, MBEDTLS_ENCRYPT ) 51 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 52 TEST_ASSERT( mbedtls_cipher_setkey( &ctx, buf, 0, MBEDTLS_ENCRYPT ) 53 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 54 55 TEST_ASSERT( mbedtls_cipher_set_iv( NULL, buf, 0 ) 56 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 57 TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, buf, 0 ) 58 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 59 60 TEST_ASSERT( mbedtls_cipher_reset( NULL ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 61 TEST_ASSERT( mbedtls_cipher_reset( &ctx ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 62 63#if defined(MBEDTLS_GCM_C) 64 TEST_ASSERT( mbedtls_cipher_update_ad( NULL, buf, 0 ) 65 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 66 TEST_ASSERT( mbedtls_cipher_update_ad( &ctx, buf, 0 ) 67 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 68#endif 69 70 TEST_ASSERT( mbedtls_cipher_update( NULL, buf, 0, buf, &olen ) 71 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 72 TEST_ASSERT( mbedtls_cipher_update( &ctx, buf, 0, buf, &olen ) 73 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 74 75 TEST_ASSERT( mbedtls_cipher_finish( NULL, buf, &olen ) 76 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 77 TEST_ASSERT( mbedtls_cipher_finish( &ctx, buf, &olen ) 78 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 79 80#if defined(MBEDTLS_GCM_C) 81 TEST_ASSERT( mbedtls_cipher_write_tag( NULL, buf, olen ) 82 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 83 TEST_ASSERT( mbedtls_cipher_write_tag( &ctx, buf, olen ) 84 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 85 86 TEST_ASSERT( mbedtls_cipher_check_tag( NULL, buf, olen ) 87 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 88 TEST_ASSERT( mbedtls_cipher_check_tag( &ctx, buf, olen ) 89 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 90#endif 91} 92/* END_CASE */ 93 94/* BEGIN_CASE depends_on:MBEDTLS_AES_C */ 95void cipher_special_behaviours( ) 96{ 97 const mbedtls_cipher_info_t *cipher_info; 98 mbedtls_cipher_context_t ctx; 99 unsigned char input[32]; 100 unsigned char output[32]; 101 unsigned char iv[32]; 102 size_t olen = 0; 103 104 mbedtls_cipher_init( &ctx ); 105 memset( input, 0, sizeof( input ) ); 106 memset( output, 0, sizeof( output ) ); 107 memset( iv, 0, sizeof( iv ) ); 108 109 /* Check and get info structures */ 110 cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); 111 TEST_ASSERT( NULL != cipher_info ); 112 113 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); 114 115 /* IV too big */ 116 TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 ) 117 == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); 118 119 /* IV too small */ 120 TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 ) 121 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 122 123 /* Update ECB with partial block */ 124 TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen ) 125 == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); 126 127exit: 128 mbedtls_cipher_free( &ctx ); 129} 130/* END_CASE */ 131 132/* BEGIN_CASE */ 133void enc_dec_buf( int cipher_id, char *cipher_string, int key_len, 134 int length_val, int pad_mode ) 135{ 136 size_t length = length_val, outlen, total_len, i, block_size; 137 unsigned char key[32]; 138 unsigned char iv[16]; 139 unsigned char ad[13]; 140 unsigned char tag[16]; 141 unsigned char inbuf[64]; 142 unsigned char encbuf[64]; 143 unsigned char decbuf[64]; 144 145 const mbedtls_cipher_info_t *cipher_info; 146 mbedtls_cipher_context_t ctx_dec; 147 mbedtls_cipher_context_t ctx_enc; 148 149 /* 150 * Prepare contexts 151 */ 152 mbedtls_cipher_init( &ctx_dec ); 153 mbedtls_cipher_init( &ctx_enc ); 154 155 memset( key, 0x2a, sizeof( key ) ); 156 157 /* Check and get info structures */ 158 cipher_info = mbedtls_cipher_info_from_type( cipher_id ); 159 TEST_ASSERT( NULL != cipher_info ); 160 TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info ); 161 162 /* Initialise enc and dec contexts */ 163 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); 164 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); 165 166 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) ); 167 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) ); 168 169#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) 170 if( -1 != pad_mode ) 171 { 172 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) ); 173 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) ); 174 } 175#else 176 (void) pad_mode; 177#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ 178 179 /* 180 * Do a few encode/decode cycles 181 */ 182 for( i = 0; i < 3; i++ ) 183 { 184 memset( iv , 0x00 + i, sizeof( iv ) ); 185 memset( ad, 0x10 + i, sizeof( ad ) ); 186 memset( inbuf, 0x20 + i, sizeof( inbuf ) ); 187 188 memset( encbuf, 0, sizeof( encbuf ) ); 189 memset( decbuf, 0, sizeof( decbuf ) ); 190 memset( tag, 0, sizeof( tag ) ); 191 192 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) ); 193 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) ); 194 195 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); 196 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) ); 197 198#if defined(MBEDTLS_GCM_C) 199 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) ); 200 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) ); 201#endif 202 203 block_size = mbedtls_cipher_get_block_size( &ctx_enc ); 204 TEST_ASSERT( block_size != 0 ); 205 206 /* encode length number of bytes from inbuf */ 207 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) ); 208 total_len = outlen; 209 210 TEST_ASSERT( total_len == length || 211 ( total_len % block_size == 0 && 212 total_len < length && 213 total_len + block_size > length ) ); 214 215 TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) ); 216 total_len += outlen; 217 218#if defined(MBEDTLS_GCM_C) 219 TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) ); 220#endif 221 222 TEST_ASSERT( total_len == length || 223 ( total_len % block_size == 0 && 224 total_len > length && 225 total_len <= length + block_size ) ); 226 227 /* decode the previously encoded string */ 228 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) ); 229 total_len = outlen; 230 231 TEST_ASSERT( total_len == length || 232 ( total_len % block_size == 0 && 233 total_len < length && 234 total_len + block_size >= length ) ); 235 236 TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); 237 total_len += outlen; 238 239#if defined(MBEDTLS_GCM_C) 240 TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) ); 241#endif 242 243 /* check result */ 244 TEST_ASSERT( total_len == length ); 245 TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); 246 } 247 248 /* 249 * Done 250 */ 251exit: 252 mbedtls_cipher_free( &ctx_dec ); 253 mbedtls_cipher_free( &ctx_enc ); 254} 255/* END_CASE */ 256 257/* BEGIN_CASE */ 258void enc_fail( int cipher_id, int pad_mode, int key_len, 259 int length_val, int ret ) 260{ 261 size_t length = length_val; 262 unsigned char key[32]; 263 unsigned char iv[16]; 264 265 const mbedtls_cipher_info_t *cipher_info; 266 mbedtls_cipher_context_t ctx; 267 268 unsigned char inbuf[64]; 269 unsigned char encbuf[64]; 270 271 size_t outlen = 0; 272 273 memset( key, 0, 32 ); 274 memset( iv , 0, 16 ); 275 276 mbedtls_cipher_init( &ctx ); 277 278 memset( inbuf, 5, 64 ); 279 memset( encbuf, 0, 64 ); 280 281 /* Check and get info structures */ 282 cipher_info = mbedtls_cipher_info_from_type( cipher_id ); 283 TEST_ASSERT( NULL != cipher_info ); 284 285 /* Initialise context */ 286 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); 287 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, key_len, MBEDTLS_ENCRYPT ) ); 288#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) 289 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); 290#else 291 (void) pad_mode; 292#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ 293 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) ); 294 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) ); 295#if defined(MBEDTLS_GCM_C) 296 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) ); 297#endif 298 299 /* encode length number of bytes from inbuf */ 300 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, inbuf, length, encbuf, &outlen ) ); 301 TEST_ASSERT( ret == mbedtls_cipher_finish( &ctx, encbuf + outlen, &outlen ) ); 302 303 /* done */ 304exit: 305 mbedtls_cipher_free( &ctx ); 306} 307/* END_CASE */ 308 309/* BEGIN_CASE */ 310void dec_empty_buf() 311{ 312 unsigned char key[32]; 313 unsigned char iv[16]; 314 315 mbedtls_cipher_context_t ctx_dec; 316 const mbedtls_cipher_info_t *cipher_info; 317 318 unsigned char encbuf[64]; 319 unsigned char decbuf[64]; 320 321 size_t outlen = 0; 322 323 memset( key, 0, 32 ); 324 memset( iv , 0, 16 ); 325 326 mbedtls_cipher_init( &ctx_dec ); 327 328 memset( encbuf, 0, 64 ); 329 memset( decbuf, 0, 64 ); 330 331 /* Initialise context */ 332 cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC ); 333 TEST_ASSERT( NULL != cipher_info); 334 335 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); 336 337 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, 128, MBEDTLS_DECRYPT ) ); 338 339 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) ); 340 341 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); 342 343#if defined(MBEDTLS_GCM_C) 344 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) ); 345#endif 346 347 /* decode 0-byte string */ 348 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); 349 TEST_ASSERT( 0 == outlen ); 350 TEST_ASSERT( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED == mbedtls_cipher_finish( 351 &ctx_dec, decbuf + outlen, &outlen ) ); 352 TEST_ASSERT( 0 == outlen ); 353 354exit: 355 mbedtls_cipher_free( &ctx_dec ); 356} 357/* END_CASE */ 358 359/* BEGIN_CASE */ 360void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val, 361 int second_length_val ) 362{ 363 size_t first_length = first_length_val; 364 size_t second_length = second_length_val; 365 size_t length = first_length + second_length; 366 size_t block_size; 367 unsigned char key[32]; 368 unsigned char iv[16]; 369 370 mbedtls_cipher_context_t ctx_dec; 371 mbedtls_cipher_context_t ctx_enc; 372 const mbedtls_cipher_info_t *cipher_info; 373 374 unsigned char inbuf[64]; 375 unsigned char encbuf[64]; 376 unsigned char decbuf[64]; 377 378 size_t outlen = 0; 379 size_t totaloutlen = 0; 380 381 memset( key, 0, 32 ); 382 memset( iv , 0, 16 ); 383 384 mbedtls_cipher_init( &ctx_dec ); 385 mbedtls_cipher_init( &ctx_enc ); 386 387 memset( inbuf, 5, 64 ); 388 memset( encbuf, 0, 64 ); 389 memset( decbuf, 0, 64 ); 390 391 /* Initialise enc and dec contexts */ 392 cipher_info = mbedtls_cipher_info_from_type( cipher_id ); 393 TEST_ASSERT( NULL != cipher_info); 394 395 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); 396 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); 397 398 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) ); 399 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) ); 400 401 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) ); 402 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, 16 ) ); 403 404 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); 405 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) ); 406 407#if defined(MBEDTLS_GCM_C) 408 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) ); 409 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) ); 410#endif 411 412 block_size = mbedtls_cipher_get_block_size( &ctx_enc ); 413 TEST_ASSERT( block_size != 0 ); 414 415 /* encode length number of bytes from inbuf */ 416 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) ); 417 totaloutlen = outlen; 418 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) ); 419 totaloutlen += outlen; 420 TEST_ASSERT( totaloutlen == length || 421 ( totaloutlen % block_size == 0 && 422 totaloutlen < length && 423 totaloutlen + block_size > length ) ); 424 425 TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) ); 426 totaloutlen += outlen; 427 TEST_ASSERT( totaloutlen == length || 428 ( totaloutlen % block_size == 0 && 429 totaloutlen > length && 430 totaloutlen <= length + block_size ) ); 431 432 /* decode the previously encoded string */ 433 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, totaloutlen, decbuf, &outlen ) ); 434 totaloutlen = outlen; 435 436 TEST_ASSERT( totaloutlen == length || 437 ( totaloutlen % block_size == 0 && 438 totaloutlen < length && 439 totaloutlen + block_size >= length ) ); 440 441 TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); 442 totaloutlen += outlen; 443 444 TEST_ASSERT( totaloutlen == length ); 445 446 TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); 447 448exit: 449 mbedtls_cipher_free( &ctx_dec ); 450 mbedtls_cipher_free( &ctx_enc ); 451} 452/* END_CASE */ 453 454/* BEGIN_CASE */ 455void decrypt_test_vec( int cipher_id, int pad_mode, 456 char *hex_key, char *hex_iv, 457 char *hex_cipher, char *hex_clear, 458 char *hex_ad, char *hex_tag, 459 int finish_result, int tag_result ) 460{ 461 unsigned char key[50]; 462 unsigned char iv[50]; 463 unsigned char cipher[200]; 464 unsigned char clear[200]; 465 unsigned char ad[200]; 466 unsigned char tag[20]; 467 size_t key_len, iv_len, cipher_len, clear_len; 468#if defined(MBEDTLS_GCM_C) 469 size_t ad_len, tag_len; 470#endif 471 mbedtls_cipher_context_t ctx; 472 unsigned char output[200]; 473 size_t outlen, total_len; 474 475 mbedtls_cipher_init( &ctx ); 476 477 memset( key, 0x00, sizeof( key ) ); 478 memset( iv, 0x00, sizeof( iv ) ); 479 memset( cipher, 0x00, sizeof( cipher ) ); 480 memset( clear, 0x00, sizeof( clear ) ); 481 memset( ad, 0x00, sizeof( ad ) ); 482 memset( tag, 0x00, sizeof( tag ) ); 483 memset( output, 0x00, sizeof( output ) ); 484 485 key_len = unhexify( key, hex_key ); 486 iv_len = unhexify( iv, hex_iv ); 487 cipher_len = unhexify( cipher, hex_cipher ); 488 clear_len = unhexify( clear, hex_clear ); 489#if defined(MBEDTLS_GCM_C) 490 ad_len = unhexify( ad, hex_ad ); 491 tag_len = unhexify( tag, hex_tag ); 492#else 493 ((void) hex_ad); 494 ((void) hex_tag); 495#endif 496 497 /* Prepare context */ 498 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, 499 mbedtls_cipher_info_from_type( cipher_id ) ) ); 500 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, MBEDTLS_DECRYPT ) ); 501#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) 502 if( pad_mode != -1 ) 503 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); 504#else 505 (void) pad_mode; 506#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ 507 TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, iv_len ) ); 508 TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) ); 509#if defined(MBEDTLS_GCM_C) 510 TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad, ad_len ) ); 511#endif 512 513 /* decode buffer and check tag */ 514 total_len = 0; 515 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher, cipher_len, output, &outlen ) ); 516 total_len += outlen; 517 TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen, 518 &outlen ) ); 519 total_len += outlen; 520#if defined(MBEDTLS_GCM_C) 521 TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag, tag_len ) ); 522#endif 523 524 /* check plaintext only if everything went fine */ 525 if( 0 == finish_result && 0 == tag_result ) 526 { 527 TEST_ASSERT( total_len == clear_len ); 528 TEST_ASSERT( 0 == memcmp( output, clear, clear_len ) ); 529 } 530 531exit: 532 mbedtls_cipher_free( &ctx ); 533} 534/* END_CASE */ 535 536/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */ 537void auth_crypt_tv( int cipher_id, char *hex_key, char *hex_iv, 538 char *hex_ad, char *hex_cipher, 539 char *hex_tag, char *hex_clear ) 540{ 541 int ret; 542 unsigned char key[50]; 543 unsigned char iv[50]; 544 unsigned char cipher[200]; 545 unsigned char clear[200]; 546 unsigned char ad[200]; 547 unsigned char tag[20]; 548 unsigned char my_tag[20]; 549 size_t key_len, iv_len, cipher_len, clear_len, ad_len, tag_len; 550 mbedtls_cipher_context_t ctx; 551 unsigned char output[200]; 552 size_t outlen; 553 554 mbedtls_cipher_init( &ctx ); 555 556 memset( key, 0x00, sizeof( key ) ); 557 memset( iv, 0x00, sizeof( iv ) ); 558 memset( cipher, 0x00, sizeof( cipher ) ); 559 memset( clear, 0x00, sizeof( clear ) ); 560 memset( ad, 0x00, sizeof( ad ) ); 561 memset( tag, 0x00, sizeof( tag ) ); 562 memset( my_tag, 0xFF, sizeof( my_tag ) ); 563 memset( output, 0xFF, sizeof( output ) ); 564 565 key_len = unhexify( key, hex_key ); 566 iv_len = unhexify( iv, hex_iv ); 567 cipher_len = unhexify( cipher, hex_cipher ); 568 ad_len = unhexify( ad, hex_ad ); 569 tag_len = unhexify( tag, hex_tag ); 570 571 /* Prepare context */ 572 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, 573 mbedtls_cipher_info_from_type( cipher_id ) ) ); 574 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, MBEDTLS_DECRYPT ) ); 575 576 /* decode buffer and check tag */ 577 ret = mbedtls_cipher_auth_decrypt( &ctx, iv, iv_len, ad, ad_len, 578 cipher, cipher_len, output, &outlen, 579 tag, tag_len ); 580 581 /* make sure we didn't overwrite */ 582 TEST_ASSERT( output[outlen + 0] == 0xFF ); 583 TEST_ASSERT( output[outlen + 1] == 0xFF ); 584 585 /* make sure the message is rejected if it should be */ 586 if( strcmp( hex_clear, "FAIL" ) == 0 ) 587 { 588 TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); 589 goto exit; 590 } 591 592 /* otherwise, make sure it was decrypted properly */ 593 TEST_ASSERT( ret == 0 ); 594 595 clear_len = unhexify( clear, hex_clear ); 596 TEST_ASSERT( outlen == clear_len ); 597 TEST_ASSERT( memcmp( output, clear, clear_len ) == 0 ); 598 599 /* then encrypt the clear and make sure we get the same ciphertext and tag */ 600 memset( output, 0xFF, sizeof( output ) ); 601 outlen = 0; 602 603 ret = mbedtls_cipher_auth_encrypt( &ctx, iv, iv_len, ad, ad_len, 604 clear, clear_len, output, &outlen, 605 my_tag, tag_len ); 606 TEST_ASSERT( ret == 0 ); 607 608 TEST_ASSERT( outlen == clear_len ); 609 TEST_ASSERT( memcmp( output, cipher, clear_len ) == 0 ); 610 TEST_ASSERT( memcmp( my_tag, tag, tag_len ) == 0 ); 611 612 /* make sure we didn't overwrite */ 613 TEST_ASSERT( output[outlen + 0] == 0xFF ); 614 TEST_ASSERT( output[outlen + 1] == 0xFF ); 615 TEST_ASSERT( my_tag[tag_len + 0] == 0xFF ); 616 TEST_ASSERT( my_tag[tag_len + 1] == 0xFF ); 617 618 619exit: 620 mbedtls_cipher_free( &ctx ); 621} 622/* END_CASE */ 623 624/* BEGIN_CASE */ 625void test_vec_ecb( int cipher_id, int operation, char *hex_key, 626 char *hex_input, char *hex_result, 627 int finish_result ) 628{ 629 unsigned char key[50]; 630 unsigned char input[16]; 631 unsigned char result[16]; 632 size_t key_len; 633 mbedtls_cipher_context_t ctx; 634 unsigned char output[32]; 635 size_t outlen; 636 637 mbedtls_cipher_init( &ctx ); 638 639 memset( key, 0x00, sizeof( key ) ); 640 memset( input, 0x00, sizeof( input ) ); 641 memset( result, 0x00, sizeof( result ) ); 642 memset( output, 0x00, sizeof( output ) ); 643 644 /* Prepare context */ 645 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, 646 mbedtls_cipher_info_from_type( cipher_id ) ) ); 647 648 key_len = unhexify( key, hex_key ); 649 TEST_ASSERT( unhexify( input, hex_input ) == 650 (int) mbedtls_cipher_get_block_size( &ctx ) ); 651 TEST_ASSERT( unhexify( result, hex_result ) == 652 (int) mbedtls_cipher_get_block_size( &ctx ) ); 653 654 TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, operation ) ); 655 656 TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input, 657 mbedtls_cipher_get_block_size( &ctx ), 658 output, &outlen ) ); 659 TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) ); 660 TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen, 661 &outlen ) ); 662 TEST_ASSERT( 0 == outlen ); 663 664 /* check plaintext only if everything went fine */ 665 if( 0 == finish_result ) 666 TEST_ASSERT( 0 == memcmp( output, result, 667 mbedtls_cipher_get_block_size( &ctx ) ) ); 668 669exit: 670 mbedtls_cipher_free( &ctx ); 671} 672/* END_CASE */ 673 674/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ 675void set_padding( int cipher_id, int pad_mode, int ret ) 676{ 677 const mbedtls_cipher_info_t *cipher_info; 678 mbedtls_cipher_context_t ctx; 679 680 mbedtls_cipher_init( &ctx ); 681 682 cipher_info = mbedtls_cipher_info_from_type( cipher_id ); 683 TEST_ASSERT( NULL != cipher_info ); 684 TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); 685 686 TEST_ASSERT( ret == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); 687 688exit: 689 mbedtls_cipher_free( &ctx ); 690} 691/* END_CASE */ 692 693/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ 694void check_padding( int pad_mode, char *input_str, int ret, int dlen_check ) 695{ 696 mbedtls_cipher_info_t cipher_info; 697 mbedtls_cipher_context_t ctx; 698 unsigned char input[16]; 699 size_t ilen, dlen; 700 701 /* build a fake context just for getting access to get_padding */ 702 mbedtls_cipher_init( &ctx ); 703 cipher_info.mode = MBEDTLS_MODE_CBC; 704 ctx.cipher_info = &cipher_info; 705 706 TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); 707 708 ilen = unhexify( input, input_str ); 709 710 TEST_ASSERT( ret == ctx.get_padding( input, ilen, &dlen ) ); 711 if( 0 == ret ) 712 TEST_ASSERT( dlen == (size_t) dlen_check ); 713} 714/* END_CASE */ 715
