mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 00:05:36 +01:00
cipher_encrypt_alg_without_iv: validate size macros independently
Validate the size macros directly from the output length in the test data, rather than using the value returned by the library. This is equivalent since the value returned by the library is checked to be identical. Enforce that SIZE() <= MAX_SIZE(), in addition to length <= SIZE(). This is stronger than the previous code which merely enforced length <= SIZE() and length <= MAX_SIZE(). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
4a83c1047f
commit
5f50420dc8
@ -2611,24 +2611,33 @@ void cipher_encrypt_alg_without_iv( int alg_arg,
|
||||
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
|
||||
/* Validate size macros */
|
||||
TEST_ASSERT( expected_output->len <=
|
||||
PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
|
||||
TEST_ASSERT( PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) <=
|
||||
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
|
||||
|
||||
/* Set up key and output buffer */
|
||||
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
|
||||
psa_set_key_algorithm( &attributes, alg );
|
||||
psa_set_key_type( &attributes, key_type );
|
||||
|
||||
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||
&key ) );
|
||||
output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
|
||||
ASSERT_ALLOC( output, output_buffer_size );
|
||||
|
||||
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||
&key ) );
|
||||
|
||||
/* set_iv() is not allowed */
|
||||
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
|
||||
TEST_EQUAL( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ),
|
||||
PSA_ERROR_BAD_STATE );
|
||||
|
||||
/* generate_iv() is not allowed */
|
||||
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
|
||||
TEST_EQUAL( psa_cipher_generate_iv( &operation, iv, sizeof( iv ),
|
||||
&iv_length ),
|
||||
PSA_ERROR_BAD_STATE );
|
||||
|
||||
/* One-shot encryption */
|
||||
PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output,
|
||||
output_buffer_size, &output_length ) );
|
||||
TEST_ASSERT( output_length <=
|
||||
@ -2638,8 +2647,10 @@ void cipher_encrypt_alg_without_iv( int alg_arg,
|
||||
|
||||
ASSERT_COMPARE( expected_output->x, expected_output->len,
|
||||
output, output_length );
|
||||
|
||||
exit:
|
||||
mbedtls_free( output );
|
||||
psa_cipher_abort( &operation );
|
||||
psa_destroy_key( key );
|
||||
PSA_DONE( );
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user