mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-01 22:04:20 +01:00
Improve comments/structure of auth_crypt test
We want to test both sets of functions (ext and non-ext) in turn, so goto exit is not really and option. Also, separate setting up the context (which is going to be the same for both ext and non-ext functions) from setting up the buffers (which will vary). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
parent
faddf98bea
commit
4c1a1006df
@ -13,6 +13,10 @@
|
|||||||
#include "test/psa_crypto_helpers.h"
|
#include "test/psa_crypto_helpers.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
|
||||||
|
#define MBEDTLS_CIPHER_AUTH_CRYPT
|
||||||
|
#endif
|
||||||
|
|
||||||
/* END_HEADER */
|
/* END_HEADER */
|
||||||
|
|
||||||
/* BEGIN_DEPENDENCIES
|
/* BEGIN_DEPENDENCIES
|
||||||
@ -959,15 +963,17 @@ exit:
|
|||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */
|
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */
|
||||||
void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
|
void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
|
||||||
data_t * ad, data_t * cipher, data_t * tag,
|
data_t * ad, data_t * cipher, data_t * tag,
|
||||||
char * result, data_t * clear, int use_psa )
|
char * result, data_t * clear, int use_psa )
|
||||||
{
|
{
|
||||||
/* Takes an AEAD ciphertext + tag and performs a pair
|
/*
|
||||||
* of AEAD decryption and AEAD encryption. It checks that
|
* Take an AEAD ciphertext + tag and perform a pair
|
||||||
|
* of AEAD decryption and AEAD encryption. Check that
|
||||||
* this results in the expected plaintext, and that
|
* this results in the expected plaintext, and that
|
||||||
* decryption and encryption are inverse to one another. */
|
* decryption and encryption are inverse to one another.
|
||||||
|
*/
|
||||||
|
|
||||||
int ret;
|
int ret;
|
||||||
unsigned char output[300]; /* Temporary buffer for results of
|
unsigned char output[300]; /* Temporary buffer for results of
|
||||||
@ -984,31 +990,27 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
|
|||||||
mbedtls_cipher_init( &ctx );
|
mbedtls_cipher_init( &ctx );
|
||||||
memset( output, 0xFF, sizeof( output ) );
|
memset( output, 0xFF, sizeof( output ) );
|
||||||
|
|
||||||
/* Prepare context */
|
/* Initialize PSA Crypto */
|
||||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
(void) use_psa;
|
if( use_psa == 1 )
|
||||||
|
PSA_ASSERT( psa_crypto_init( ) );
|
||||||
#else
|
#else
|
||||||
|
(void) use_psa;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Prepare context for decryption
|
||||||
|
*/
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
if( use_psa == 1 )
|
if( use_psa == 1 )
|
||||||
{
|
{
|
||||||
PSA_ASSERT( psa_crypto_init( ) );
|
|
||||||
|
|
||||||
/* PSA requires that the tag immediately follows the ciphertext. */
|
|
||||||
tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len );
|
|
||||||
TEST_ASSERT( tmp_cipher != NULL );
|
|
||||||
tmp_tag = tmp_cipher + cipher->len;
|
|
||||||
|
|
||||||
memcpy( tmp_cipher, cipher->x, cipher->len );
|
|
||||||
memcpy( tmp_tag, tag->x, tag->len );
|
|
||||||
|
|
||||||
TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
|
TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
|
||||||
mbedtls_cipher_info_from_type( cipher_id ),
|
mbedtls_cipher_info_from_type( cipher_id ),
|
||||||
tag->len ) );
|
tag->len ) );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
{
|
{
|
||||||
tmp_tag = tag->x;
|
|
||||||
tmp_cipher = cipher->x;
|
|
||||||
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
|
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
|
||||||
mbedtls_cipher_info_from_type( cipher_id ) ) );
|
mbedtls_cipher_info_from_type( cipher_id ) ) );
|
||||||
}
|
}
|
||||||
@ -1016,7 +1018,30 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
|
|||||||
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
|
||||||
MBEDTLS_DECRYPT ) );
|
MBEDTLS_DECRYPT ) );
|
||||||
|
|
||||||
/* decode buffer and check tag->x */
|
/*
|
||||||
|
* Prepare buffers/pointers for decryption
|
||||||
|
*/
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
|
if( use_psa == 1 )
|
||||||
|
{
|
||||||
|
/* PSA requires that the tag immediately follows the ciphertext. */
|
||||||
|
tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len );
|
||||||
|
TEST_ASSERT( tmp_cipher != NULL );
|
||||||
|
tmp_tag = tmp_cipher + cipher->len;
|
||||||
|
|
||||||
|
memcpy( tmp_cipher, cipher->x, cipher->len );
|
||||||
|
memcpy( tmp_tag, tag->x, tag->len );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
{
|
||||||
|
tmp_tag = tag->x;
|
||||||
|
tmp_cipher = cipher->x;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Authenticate and decrypt, and check result
|
||||||
|
*/
|
||||||
|
|
||||||
/* Sanity check that we don't use overly long inputs. */
|
/* Sanity check that we don't use overly long inputs. */
|
||||||
TEST_ASSERT( sizeof( output ) >= cipher->len );
|
TEST_ASSERT( sizeof( output ) >= cipher->len );
|
||||||
@ -1029,16 +1054,18 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
|
|||||||
if( strcmp( result, "FAIL" ) == 0 )
|
if( strcmp( result, "FAIL" ) == 0 )
|
||||||
{
|
{
|
||||||
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
|
TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
|
||||||
goto exit;
|
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
/* otherwise, make sure it was decrypted properly */
|
/* otherwise, make sure it was decrypted properly */
|
||||||
TEST_ASSERT( ret == 0 );
|
TEST_ASSERT( ret == 0 );
|
||||||
|
|
||||||
TEST_ASSERT( outlen == clear->len );
|
TEST_ASSERT( outlen == clear->len );
|
||||||
TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
|
TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
|
||||||
|
|
||||||
/* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */
|
/*
|
||||||
|
* Prepare context for encryption
|
||||||
|
*/
|
||||||
mbedtls_cipher_free( &ctx );
|
mbedtls_cipher_free( &ctx );
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
if( use_psa == 1 )
|
if( use_psa == 1 )
|
||||||
@ -1056,6 +1083,9 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
|
|||||||
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
|
TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
|
||||||
MBEDTLS_ENCRYPT ) );
|
MBEDTLS_ENCRYPT ) );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Encrypt and check the result
|
||||||
|
*/
|
||||||
memset( output, 0xFF, sizeof( output ) );
|
memset( output, 0xFF, sizeof( output ) );
|
||||||
outlen = 0;
|
outlen = 0;
|
||||||
|
|
||||||
@ -1071,6 +1101,7 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
|
|||||||
TEST_ASSERT( outlen == cipher->len );
|
TEST_ASSERT( outlen == cipher->len );
|
||||||
TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 );
|
TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 );
|
||||||
TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 );
|
TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 );
|
||||||
|
}
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user