mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 20:55:36 +01:00
Test truncated MAC and AEAD algorithms
For MAC and AEAD algorithms, test the algorithm truncated to certain lengths (1 and 63 bytes).
This commit is contained in:
Gilles Peskine
Darryl Green
parent
f96ed6615c
commit
434899fccd
@ -766,7 +766,7 @@
|
|||||||
* algorithm is considered identical to the untruncated algorithm
|
* algorithm is considered identical to the untruncated algorithm
|
||||||
* for policy comparison purposes.
|
* for policy comparison purposes.
|
||||||
*
|
*
|
||||||
* \param alg A MAC algorithm identifier (value of type
|
* \param mac_alg A MAC algorithm identifier (value of type
|
||||||
* #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
|
* #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
|
||||||
* is true). This may be a truncated or untruncated
|
* is true). This may be a truncated or untruncated
|
||||||
* MAC algorithm.
|
* MAC algorithm.
|
||||||
@ -782,14 +782,14 @@
|
|||||||
* MAC algorithm or if \p mac_length is too small or
|
* MAC algorithm or if \p mac_length is too small or
|
||||||
* too large for the specified MAC algorithm.
|
* too large for the specified MAC algorithm.
|
||||||
*/
|
*/
|
||||||
#define PSA_ALG_TRUNCATED_MAC(alg, mac_length) \
|
#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
|
||||||
(((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \
|
(((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \
|
||||||
((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
|
((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
|
||||||
|
|
||||||
/** Macro to build the base MAC algorithm corresponding to a truncated
|
/** Macro to build the base MAC algorithm corresponding to a truncated
|
||||||
* MAC algorithm.
|
* MAC algorithm.
|
||||||
*
|
*
|
||||||
* \param alg A MAC algorithm identifier (value of type
|
* \param mac_alg A MAC algorithm identifier (value of type
|
||||||
* #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
|
* #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
|
||||||
* is true). This may be a truncated or untruncated
|
* is true). This may be a truncated or untruncated
|
||||||
* MAC algorithm.
|
* MAC algorithm.
|
||||||
@ -798,12 +798,12 @@
|
|||||||
* \return Unspecified if \p alg is not a supported
|
* \return Unspecified if \p alg is not a supported
|
||||||
* MAC algorithm.
|
* MAC algorithm.
|
||||||
*/
|
*/
|
||||||
#define PSA_ALG_FULL_LENGTH_MAC(alg) \
|
#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
|
||||||
((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
|
((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
|
||||||
|
|
||||||
/** Length to which a MAC algorithm is truncated.
|
/** Length to which a MAC algorithm is truncated.
|
||||||
*
|
*
|
||||||
* \param alg A MAC algorithm identifier (value of type
|
* \param mac_alg A MAC algorithm identifier (value of type
|
||||||
* #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
|
* #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
|
||||||
* is true).
|
* is true).
|
||||||
*
|
*
|
||||||
@ -812,8 +812,8 @@
|
|||||||
* \return Unspecified if \p alg is not a supported
|
* \return Unspecified if \p alg is not a supported
|
||||||
* MAC algorithm.
|
* MAC algorithm.
|
||||||
*/
|
*/
|
||||||
#define PSA_MAC_TRUNCATED_LENGTH(alg) \
|
#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
|
||||||
(((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
|
(((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
|
||||||
|
|
||||||
#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
|
#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
|
||||||
#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
|
#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
|
||||||
@ -910,7 +910,7 @@
|
|||||||
* Depending on the algorithm, the tag length may affect the calculation
|
* Depending on the algorithm, the tag length may affect the calculation
|
||||||
* of the ciphertext.
|
* of the ciphertext.
|
||||||
*
|
*
|
||||||
* \param alg A AEAD algorithm identifier (value of type
|
* \param aead_alg An AEAD algorithm identifier (value of type
|
||||||
* #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
|
* #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
|
||||||
* is true).
|
* is true).
|
||||||
* \param tag_length Desired length of the authentication tag in bytes.
|
* \param tag_length Desired length of the authentication tag in bytes.
|
||||||
@ -921,26 +921,26 @@
|
|||||||
* AEAD algorithm or if \p tag_length is not valid
|
* AEAD algorithm or if \p tag_length is not valid
|
||||||
* for the specified AEAD algorithm.
|
* for the specified AEAD algorithm.
|
||||||
*/
|
*/
|
||||||
#define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length) \
|
#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \
|
||||||
(((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \
|
(((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \
|
||||||
((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
|
((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
|
||||||
PSA_ALG_AEAD_TAG_LENGTH_MASK))
|
PSA_ALG_AEAD_TAG_LENGTH_MASK))
|
||||||
|
|
||||||
/** Calculate the corresponding AEAD algorithm with the default tag length.
|
/** Calculate the corresponding AEAD algorithm with the default tag length.
|
||||||
*
|
*
|
||||||
* \param alg An AEAD algorithm (\c PSA_ALG_XXX value such that
|
* \param aead_alg An AEAD algorithm (\c PSA_ALG_XXX value such that
|
||||||
* #PSA_ALG_IS_AEAD(\p alg) is true).
|
* #PSA_ALG_IS_AEAD(\p alg) is true).
|
||||||
*
|
*
|
||||||
* \return The corresponding AEAD algorithm with the default tag length
|
* \return The corresponding AEAD algorithm with the default
|
||||||
* for that algorithm.
|
* tag length for that algorithm.
|
||||||
*/
|
*/
|
||||||
#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) \
|
#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \
|
||||||
( \
|
( \
|
||||||
PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM) \
|
PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_CCM) \
|
||||||
PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM) \
|
PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_GCM) \
|
||||||
0)
|
0)
|
||||||
#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \
|
#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, ref) \
|
||||||
PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \
|
PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \
|
||||||
PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
|
PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
|
||||||
ref :
|
ref :
|
||||||
|
|
||||||
|
|||||||
@ -60,8 +60,13 @@ when applicable.'''
|
|||||||
self.ecc_curves = set(['0xffff'])
|
self.ecc_curves = set(['0xffff'])
|
||||||
self.key_types = set(['0xffffffff'])
|
self.key_types = set(['0xffffffff'])
|
||||||
self.key_usage_flags = set(['0x80000000'])
|
self.key_usage_flags = set(['0x80000000'])
|
||||||
# Hard-coded value for an unknown hash algorithm
|
# Hard-coded value for unknown algorithms
|
||||||
self.hash_algorithms = set(['0x010000ff'])
|
self.hash_algorithms = set(['0x010000ff'])
|
||||||
|
self.mac_algorithms = set(['0x02ff00ff'])
|
||||||
|
# For AEAD algorithms, the only variability is over the tag length,
|
||||||
|
# and this only applies to known algorithms, so don't test an
|
||||||
|
# unknown algorithm.
|
||||||
|
self.aead_algorithms = set()
|
||||||
# Identifier prefixes
|
# Identifier prefixes
|
||||||
self.table_by_prefix = {
|
self.table_by_prefix = {
|
||||||
'ERROR': self.statuses,
|
'ERROR': self.statuses,
|
||||||
@ -73,12 +78,17 @@ when applicable.'''
|
|||||||
# macro name -> list of argument names
|
# macro name -> list of argument names
|
||||||
self.argspecs = {}
|
self.argspecs = {}
|
||||||
# argument name -> list of values
|
# argument name -> list of values
|
||||||
self.arguments_for = {}
|
self.arguments_for = {
|
||||||
|
'mac_length': ['1', '63'],
|
||||||
|
'tag_length': ['1', '63'],
|
||||||
|
}
|
||||||
|
|
||||||
def gather_arguments(self):
|
def gather_arguments(self):
|
||||||
'''Populate the list of values for macro arguments.
|
'''Populate the list of values for macro arguments.
|
||||||
Call this after parsing all the inputs.'''
|
Call this after parsing all the inputs.'''
|
||||||
self.arguments_for['hash_alg'] = sorted(self.hash_algorithms)
|
self.arguments_for['hash_alg'] = sorted(self.hash_algorithms)
|
||||||
|
self.arguments_for['mac_alg'] = sorted(self.mac_algorithms)
|
||||||
|
self.arguments_for['aead_alg'] = sorted(self.aead_algorithms)
|
||||||
self.arguments_for['curve'] = sorted(self.ecc_curves)
|
self.arguments_for['curve'] = sorted(self.ecc_curves)
|
||||||
|
|
||||||
def format_arguments(self, name, arguments):
|
def format_arguments(self, name, arguments):
|
||||||
@ -145,6 +155,10 @@ where each argument takes each possible value at least once.'''
|
|||||||
self.algorithms.add(argument)
|
self.algorithms.add(argument)
|
||||||
if function == 'hash_algorithm':
|
if function == 'hash_algorithm':
|
||||||
self.hash_algorithms.add(argument)
|
self.hash_algorithms.add(argument)
|
||||||
|
elif function in ['mac_algorithm', 'hmac_algorithm']:
|
||||||
|
self.mac_algorithms.add(argument)
|
||||||
|
elif function == 'aead_algorithm':
|
||||||
|
self.aead_algorithms.add(argument)
|
||||||
elif function == 'key_type':
|
elif function == 'key_type':
|
||||||
self.key_types.add(argument)
|
self.key_types.add(argument)
|
||||||
elif function == 'ecc_key_types':
|
elif function == 'ecc_key_types':
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user