From 2cd9051d5feef12086dbed788f7cc270b9ec231c Mon Sep 17 00:00:00 2001
From: k-stachowiak
Date: Fri, 12 Jul 2019 14:48:12 +0200
Subject: [PATCH 1/4] Add decoding empty buffer test calls for cipher modes that benefit from this
---
 tests/suites/test_suite_cipher.aes.data | 2 +-
 tests/suites/test_suite_cipher.arc4.data | 4 ++++
 tests/suites/test_suite_cipher.aria.data | 3 +++
 tests/suites/test_suite_cipher.blowfish.data | 4 ++++
 tests/suites/test_suite_cipher.camellia.data | 4 ++++
 tests/suites/test_suite_cipher.des.data | 12 ++++++++++++
 tests/suites/test_suite_cipher.gcm.data | 12 ++++++++++++
 7 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 tests/suites/test_suite_cipher.aria.data
diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data
index c42fc7911..b2eb26e9d 100644
--- a/tests/suites/test_suite_cipher.aes.data
+++ b/tests/suites/test_suite_cipher.aes.data
@@ -1,4 +1,4 @@
-Decrypt empty buffer
+AES-128 CBC - Decrypt empty buffer
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 dec_empty_buf:MBEDTLS_CIPHER_AES_128_CBC
diff --git a/tests/suites/test_suite_cipher.arc4.data b/tests/suites/test_suite_cipher.arc4.data
index 6e69b811f..d29d2ae9d 100644
--- a/tests/suites/test_suite_cipher.arc4.data
+++ b/tests/suites/test_suite_cipher.arc4.data
@@ -1,3 +1,7 @@
+ARC4 Decrypt empty buffer
+depends_on:MBEDTLS_ARC4_C
+dec_empty_buf:MBEDTLS_CIPHER_ARC4_128
+
 ARC4 Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_ARC4_C
 enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:0:-1
diff --git a/tests/suites/test_suite_cipher.aria.data b/tests/suites/test_suite_cipher.aria.data
new file mode 100644
index 000000000..c1ecafbd1
--- /dev/null
+++ b/tests/suites/test_suite_cipher.aria.data
@@ -0,0 +1,3 @@
+Aria CBC Decrypt empty buffer
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC
+dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC
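Review bot: In tests/suites/test_suite_cipher.aria.data the new Aria CBC case lists only `MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC` in `depends_on`, while every other CBC empty-buffer case in this patch (AES, Blowfish, Camellia and the three DES variants) also requires `MBEDTLS_CIPHER_PADDING_PKCS7`. If the result of finishing an empty CBC decrypt depends on whether a padding mode is configured, which the sibling entries suggest, this case would still be selected in a build without PKCS7 padding and could fail or pass for the wrong reason. Suggest `depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7`; the later patches in this series touch the file again but leave this line as it is.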
diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data
index b94bc4704..627c42b74 100644
--- a/tests/suites/test_suite_cipher.blowfish.data
+++ b/tests/suites/test_suite_cipher.blowfish.data
@@ -1,3 +1,7 @@
+BLOWFISH CBC Decrypt empty buffer
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC
+
 BLOWFISH Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1
diff --git a/tests/suites/test_suite_cipher.camellia.data b/tests/suites/test_suite_cipher.camellia.data
index e6342da2b..a078be198 100644
--- a/tests/suites/test_suite_cipher.camellia.data
+++ b/tests/suites/test_suite_cipher.camellia.data
@@ -1,3 +1,7 @@
+CAMELLIA CBC Decrypt empty buffer
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC
+
 CAMELLIA Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:-1
diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data
index ba9020eab..dbd6809b1 100644
--- a/tests/suites/test_suite_cipher.des.data
+++ b/tests/suites/test_suite_cipher.des.data
@@ -1,3 +1,15 @@
+DES CBC Decrypt empty buffer
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+dec_empty_buf:MBEDTLS_CIPHER_DES_CBC
+
+DES EDE CBC Decrypt empty buffer
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+dec_empty_buf:MBEDTLS_CIPHER_DES_EDE_CBC
+
+DES EDE3 CBC Decrypt empty buffer
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+dec_empty_buf:MBEDTLS_CIPHER_DES_EDE3_CBC
+
 DES Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:-1
diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 03d08ce32..dc33116c1 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -1,3 +1,15 @@
+AES 128 GCM Decrypt empty buffer
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+dec_empty_buf:MBEDTLS_CIPHER_AES_128_GCM
+
+CAMELLIA GCM Decrypt empty buffer
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_PADDING_PKCS7
+dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM
+
+Aria GCM Decrypt empty buffer
+depends_on:MBEDTLS_ARIA_C
+dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_GCM
+
 AES 128 GCM Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 enc_dec_buf:MBEDTLS_CIPHER_AES_128_GCM:"AES-128-GCM":128:0:-1
From 8e88a8f4eac5a2e720b459e77630e7af5af31f6c Mon Sep 17 00:00:00 2001
From: k-stachowiak
Date: Mon, 29 Jul 2019 15:09:29 +0200
Subject: [PATCH 2/4] Remove redundant empty buffer decoding test
---
 tests/suites/test_suite_cipher.gcm.data | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index dc33116c1..15c94a022 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -1,7 +1,3 @@
-AES 128 GCM Decrypt empty buffer
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-dec_empty_buf:MBEDTLS_CIPHER_AES_128_GCM
-
 CAMELLIA GCM Decrypt empty buffer
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_PADDING_PKCS7
 dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM
From c5899a0fca7287a3f7fb915210f7b8d4f1954cec Mon Sep 17 00:00:00 2001
From: k-stachowiak
Date: Mon, 29 Jul 2019 15:11:16 +0200
Subject: [PATCH 3/4] Fix dependencies for some GCM empty buffer decoding tests
---
 tests/suites/test_suite_cipher.gcm.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 15c94a022..11a12c964 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -1,9 +1,9 @@
 CAMELLIA GCM Decrypt empty buffer
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C
 dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM
 Aria GCM Decrypt empty buffer
-depends_on:MBEDTLS_ARIA_C
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_GCM_C
 dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_GCM
 AES 128 GCM Encrypt and decrypt 0 bytes
From d8727230f7876312d77ee63925cb5c8a845ea049 Mon Sep 17 00:00:00 2001
From: k-stachowiak
Date: Mon, 29 Jul 2019 17:46:29 +0200
Subject: [PATCH 4/4] Add negative tests for empty buffer decoding for certain ciphers
---
 tests/suites/test_suite_cipher.aes.data | 6 +++-
 tests/suites/test_suite_cipher.arc4.data | 2 +-
 tests/suites/test_suite_cipher.aria.data | 2 +-
 tests/suites/test_suite_cipher.blowfish.data | 2 +-
 tests/suites/test_suite_cipher.camellia.data | 2 +-
 .../suites/test_suite_cipher.chachapoly.data | 2 +-
 tests/suites/test_suite_cipher.des.data | 6 ++--
 tests/suites/test_suite_cipher.function | 33 ++++++++++---------
 tests/suites/test_suite_cipher.gcm.data | 4 +--
 tests/suites/test_suite_cipher.nist_kw.data | 9 ++++-
 10 files changed, 41 insertions(+), 27 deletions(-)
diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data
index b2eb26e9d..6293408d4 100644
--- a/tests/suites/test_suite_cipher.aes.data
+++ b/tests/suites/test_suite_cipher.aes.data
@@ -1,6 +1,10 @@
 AES-128 CBC - Decrypt empty buffer
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-dec_empty_buf:MBEDTLS_CIPHER_AES_128_CBC
+dec_empty_buf:MBEDTLS_CIPHER_AES_128_CBC:0:0
+
+AES-128 XTS - Decrypt empty buffer
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS
+dec_empty_buf:MBEDTLS_CIPHER_AES_128_XTS:MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:0
 AES-128 CBC - Encrypt and decrypt 0 bytes with PKCS7 padding
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
diff --git a/tests/suites/test_suite_cipher.arc4.data b/tests/suites/test_suite_cipher.arc4.data
index d29d2ae9d..adeed83c5 100644
--- a/tests/suites/test_suite_cipher.arc4.data
+++ b/tests/suites/test_suite_cipher.arc4.data
@@ -1,6 +1,6 @@
 ARC4 Decrypt empty buffer
 depends_on:MBEDTLS_ARC4_C
-dec_empty_buf:MBEDTLS_CIPHER_ARC4_128
+dec_empty_buf:MBEDTLS_CIPHER_ARC4_128:0:0
 ARC4 Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_ARC4_C
diff --git a/tests/suites/test_suite_cipher.aria.data b/tests/suites/test_suite_cipher.aria.data
index c1ecafbd1..2c50a21fc 100644
--- a/tests/suites/test_suite_cipher.aria.data
+++ b/tests/suites/test_suite_cipher.aria.data
@@ -1,3 +1,3 @@
 Aria CBC Decrypt empty buffer
 depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC
-dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC
+dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC:0:0
diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data
index 627c42b74..bbb39343b 100644
--- a/tests/suites/test_suite_cipher.blowfish.data
+++ b/tests/suites/test_suite_cipher.blowfish.data
@@ -1,6 +1,6 @@
 BLOWFISH CBC Decrypt empty buffer
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC
+dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0
 BLOWFISH Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
diff --git a/tests/suites/test_suite_cipher.camellia.data b/tests/suites/test_suite_cipher.camellia.data
index a078be198..8fbbbe91e 100644
--- a/tests/suites/test_suite_cipher.camellia.data
+++ b/tests/suites/test_suite_cipher.camellia.data
@@ -1,6 +1,6 @@
 CAMELLIA CBC Decrypt empty buffer
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC
+dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:0:0
 CAMELLIA Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
diff --git a/tests/suites/test_suite_cipher.chachapoly.data b/tests/suites/test_suite_cipher.chachapoly.data
index ccd0dfb57..8c246adb4 100644
--- a/tests/suites/test_suite_cipher.chachapoly.data
+++ b/tests/suites/test_suite_cipher.chachapoly.data
@@ -1,6 +1,6 @@
 Decrypt empty buffer
 depends_on:MBEDTLS_CHACHAPOLY_C
-dec_empty_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305
+dec_empty_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:0:0
 ChaCha20+Poly1305 Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_CHACHAPOLY_C
diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data
index dbd6809b1..c272a3e33 100644
--- a/tests/suites/test_suite_cipher.des.data
+++ b/tests/suites/test_suite_cipher.des.data
@@ -1,14 +1,14 @@
 DES CBC Decrypt empty buffer
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-dec_empty_buf:MBEDTLS_CIPHER_DES_CBC
+dec_empty_buf:MBEDTLS_CIPHER_DES_CBC:0:0
 DES EDE CBC Decrypt empty buffer
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-dec_empty_buf:MBEDTLS_CIPHER_DES_EDE_CBC
+dec_empty_buf:MBEDTLS_CIPHER_DES_EDE_CBC:0:0
 DES EDE3 CBC Decrypt empty buffer
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-dec_empty_buf:MBEDTLS_CIPHER_DES_EDE3_CBC
+dec_empty_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:0:0
 DES Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 1ea14088b..70f4bc120 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -1,6 +1,10 @@
 /* BEGIN_HEADER */
 #include "mbedtls/cipher.h"
+#if defined(MBEDTLS_AES_C)
+#include "mbedtls/aes.h"
+#endif
+
 #if defined(MBEDTLS_GCM_C)
 #include "mbedtls/gcm.h"
 #endif
@@ -710,7 +714,9 @@ exit:
 /* END_CASE */
 /* BEGIN_CASE */
-void dec_empty_buf( int cipher )
+void dec_empty_buf( int cipher,
+ int expected_update_ret,
+ int expected_finish_ret )
 {
 unsigned char key[32];
 unsigned char iv[16];
@@ -723,8 +729,6 @@ void dec_empty_buf( int cipher )
 size_t outlen = 0;
- int expected_ret;
-
 memset( key, 0, 32 );
 memset( iv , 0, 16 );
@@ -753,25 +757,24 @@ void dec_empty_buf( int cipher )
 #endif
 /* decode 0-byte string */
- TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
+ TEST_ASSERT( expected_update_ret ==
+ mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
 TEST_ASSERT( 0 == outlen );
- if ( cipher_info->mode == MBEDTLS_MODE_CBC ||
- cipher_info->mode == MBEDTLS_MODE_ECB )
- {
- /* CBC and ECB ciphers need a full block of input. */
- expected_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
- }
- else
+ if ( expected_finish_ret == 0 &&
+ ( cipher_info->mode == MBEDTLS_MODE_CBC ||
+ cipher_info->mode == MBEDTLS_MODE_ECB ) )
 {
 /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and
 * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when
- * decrypting an empty buffer. */
- expected_ret = 0;
+ * decrypting an empty buffer.
+ * On the other hand, CBC and ECB ciphers need a full block of input.
+ */
+ expected_finish_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
 }
- TEST_ASSERT( expected_ret == mbedtls_cipher_finish(
- &ctx_dec, decbuf + outlen, &outlen ) );
+ TEST_ASSERT( expected_finish_ret == mbedtls_cipher_finish(
+ &ctx_dec, decbuf + outlen, &outlen ) );
 TEST_ASSERT( 0 == outlen );
 exit:
diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 11a12c964..83889de47 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -1,10 +1,10 @@
 CAMELLIA GCM Decrypt empty buffer
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C
-dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM
+dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM:0:0
 Aria GCM Decrypt empty buffer
 depends_on:MBEDTLS_ARIA_C:MBEDTLS_GCM_C
-dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_GCM
+dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_GCM:0:0
 AES 128 GCM Encrypt and decrypt 0 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
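Review bot: In tests/suites/test_suite_cipher.function the `if ( expected_finish_ret == 0 && ( ... MBEDTLS_MODE_CBC || ... MBEDTLS_MODE_ECB ) )` block silently rewrites the caller's expectation, so the `:0:0` in the CBC data entries does not mean what it says, and no test case can assert that `mbedtls_cipher_finish` returns 0 for a CBC or ECB cipher. Prefer stating the expectation in the data, e.g. `dec_empty_buf:MBEDTLS_CIPHER_AES_128_CBC:0:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED`, and dropping the mode check so the assertion compares exactly what the data file declares. If the override stays, the comment inside it should lead with the case it handles, for instance `/* CBC and ECB ciphers need a full block of input, so a 0 passed by the data file is mapped to FULL_BLOCK_EXPECTED here. */`; as written it opens with the non-CBC/non-ECB behaviour although the block only runs for CBC and ECB. `dec_empty_buf` begins before this hunk and continues after `exit:`.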
diff --git a/tests/suites/test_suite_cipher.nist_kw.data b/tests/suites/test_suite_cipher.nist_kw.data
index 59ef931e3..820189159 100644
--- a/tests/suites/test_suite_cipher.nist_kw.data
+++ b/tests/suites/test_suite_cipher.nist_kw.data
@@ -1,3 +1,11 @@
+KW AES-128 wrap - Decrypt empty buffer
+depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C
+dec_empty_buf:MBEDTLS_CIPHER_AES_128_KW:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
+
+KWP AES-128 wrap - Decrypt empty buffer
+depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C
+dec_empty_buf:MBEDTLS_CIPHER_AES_128_KWP:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
+
 KW AES-128 wrap rfc 3394
 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KW:"000102030405060708090A0B0C0D0E0F":"":"":"1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5":"":"":"00112233445566778899AABBCCDDEEFF":0
@@ -268,4 +276,3 @@ auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"21fb6600c1d34a74adee67612672593a86cf23
 KWP AES-256 wrap CAVS 17.4 FAIL COUNT 4 CLEN 32
 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KWP:"c32cb3e1e41a4b9f4de79989957866f5dd48dba38c22a6ebb80e14c84bdd9534":"":"":"c29b05c2619a58ecc1d239e7a34273cd":"":"FAIL":"":0
-