Fix errors in AEAD test function

It was failing to set the key in the ENCRYPT direction before encrypting.
This just happened to work for GCM and CCM.

After re-encrypting, compare the length to the expected ciphertext
length not the plaintext length. Again this just happens to work for
GCM and CCM since they do not perform any kind of padding.
This commit is contained in:
Jack Lloyd 2019-03-07 16:59:14 -05:00
parent 57773d4ede
commit 1dbc5a257f
2 changed files with 7 additions and 1 deletions

View File

@ -7,6 +7,9 @@ Features
rfc 5280 section 4.2.1.4. rfc 5280 section 4.2.1.4.
Bugfix Bugfix
* Fix bugs in the AEAD test suite which would be exposed by ciphers which
either used both encrypt and decrypt key schedules, or which perform padding.
GCM and CCM were not affected. Fixed by Jack Lloyd.
* Fix private key DER output in the key_app_writer example. File contents * Fix private key DER output in the key_app_writer example. File contents
were shifted by one byte, creating an invalid ASN.1 tag. Fixed by were shifted by one byte, creating an invalid ASN.1 tag. Fixed by
Christian Walther in #2239. Christian Walther in #2239.

View File

@ -1011,6 +1011,9 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 ); TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
/* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */ /* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
MBEDTLS_ENCRYPT ) );
memset( output, 0xFF, sizeof( output ) ); memset( output, 0xFF, sizeof( output ) );
outlen = 0; outlen = 0;
@ -1023,7 +1026,7 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
output_tag, tag->len ); output_tag, tag->len );
TEST_ASSERT( ret == 0 ); TEST_ASSERT( ret == 0 );
TEST_ASSERT( outlen == clear->len ); TEST_ASSERT( outlen == cipher->len );
TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 ); TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 );
TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 ); TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 );