diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index dc7644396..520055409 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -428,7 +428,8 @@ static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx ) { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - MBEDTLS_INTERNAL_VALIDATE_RET( ctx->cipher_info != NULL, 0 ); + if( ctx->cipher_info == NULL ) + return 0; return ctx->cipher_info->block_size; } @@ -446,7 +447,8 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx ) { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE ); - MBEDTLS_INTERNAL_VALIDATE_RET( ctx->cipher_info != NULL, MBEDTLS_MODE_NONE ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_MODE_NONE; return ctx->cipher_info->mode; } @@ -465,7 +467,8 @@ static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx ) { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - MBEDTLS_INTERNAL_VALIDATE_RET( ctx->cipher_info != NULL, 0 ); + if( ctx->cipher_info == NULL ) + return 0; if( ctx->iv_size != 0 ) return (int) ctx->iv_size; @@ -486,8 +489,8 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_CIPHER_NONE ); - MBEDTLS_INTERNAL_VALIDATE_RET( - ctx->cipher_info != NULL, MBEDTLS_CIPHER_NONE ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_CIPHER_NONE; return ctx->cipher_info->type; } @@ -505,7 +508,8 @@ static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx ) { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - MBEDTLS_INTERNAL_VALIDATE_RET( ctx->cipher_info != NULL, 0 ); + if( ctx->cipher_info == NULL ) + return 0; return ctx->cipher_info->name; } @@ -524,8 +528,8 @@ static inline int mbedtls_cipher_get_key_bitlen( { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_KEY_LENGTH_NONE ); - MBEDTLS_INTERNAL_VALIDATE_RET( - ctx->cipher_info != NULL, MBEDTLS_KEY_LENGTH_NONE ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_KEY_LENGTH_NONE; return (int) ctx->cipher_info->key_bitlen; } @@ -543,8 +547,8 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation( { MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_OPERATION_NONE ); - MBEDTLS_INTERNAL_VALIDATE_RET( - ctx->cipher_info != NULL, MBEDTLS_OPERATION_NONE ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_OPERATION_NONE; return ctx->operation; } diff --git a/library/cipher.c b/library/cipher.c index 14ff37111..b37fc768c 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -182,7 +182,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( cipher_info != NULL ); + if( cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); @@ -211,10 +212,11 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const mbedtls_operation_t operation ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( key != NULL ); CIPHER_VALIDATE_RET( operation == MBEDTLS_ENCRYPT || operation == MBEDTLS_DECRYPT ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 && (int) ctx->cipher_info->key_bitlen != key_bitlen ) @@ -251,8 +253,9 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, size_t actual_iv_size; CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; /* avoid buffer overflow in ctx->iv */ if( iv_len > MBEDTLS_MAX_IV_LENGTH ) @@ -293,7 +296,8 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; ctx->unprocessed_len = 0; @@ -305,8 +309,9 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) @@ -348,10 +353,11 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i size_t block_size; CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); CIPHER_VALIDATE_RET( output != NULL ); CIPHER_VALIDATE_RET( olen != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; *olen = 0; block_size = mbedtls_cipher_get_block_size( ctx ); @@ -757,9 +763,10 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( output != NULL ); CIPHER_VALIDATE_RET( olen != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; *olen = 0; @@ -847,7 +854,8 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; if( MBEDTLS_MODE_CBC != ctx->cipher_info->mode ) { @@ -898,8 +906,9 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; if( MBEDTLS_ENCRYPT != ctx->operation ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); @@ -931,8 +940,9 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, int ret; CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; if( MBEDTLS_DECRYPT != ctx->operation ) { @@ -997,11 +1007,12 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, size_t finish_olen; CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); CIPHER_VALIDATE_RET( output != NULL ); CIPHER_VALIDATE_RET( olen != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) return( ret ); @@ -1032,13 +1043,14 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( iv != NULL ); CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); CIPHER_VALIDATE_RET( output != NULL ); CIPHER_VALIDATE_RET( olen != NULL ); CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) @@ -1088,13 +1100,14 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len ) { CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ctx->cipher_info != NULL ); CIPHER_VALIDATE_RET( iv != NULL ); CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); CIPHER_VALIDATE_RET( output != NULL ); CIPHER_VALIDATE_RET( olen != NULL ); CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index fba32fdd6..16327c387 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -48,53 +48,49 @@ void cipher_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_setup( NULL, valid_info ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setup( &valid_ctx, NULL ) ); + TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); /* mbedtls_cipher_get_block_size() */ TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( NULL ) ); - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( &invalid_ctx ) ); + TEST_ASSERT( mbedtls_cipher_get_block_size( &invalid_ctx ) == 0 ); /* mbedtls_cipher_get_cipher_mode() */ TEST_INVALID_PARAM_RET( MBEDTLS_MODE_NONE, mbedtls_cipher_get_cipher_mode( NULL ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_MODE_NONE, - mbedtls_cipher_get_cipher_mode( &invalid_ctx ) ); + TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &invalid_ctx ) == + MBEDTLS_MODE_NONE ); /* mbedtls_cipher_get_iv_size() */ TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( NULL ) ); - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( &invalid_ctx ) ); + TEST_ASSERT( mbedtls_cipher_get_iv_size( &invalid_ctx ) == 0 ); /* mbedtls_cipher_get_type() */ TEST_INVALID_PARAM_RET( MBEDTLS_CIPHER_NONE, mbedtls_cipher_get_type( NULL ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_CIPHER_NONE, - mbedtls_cipher_get_type( &invalid_ctx ) ); + TEST_ASSERT( + mbedtls_cipher_get_type( &invalid_ctx ) == + MBEDTLS_CIPHER_NONE); /* mbedtls_cipher_get_name() */ TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( NULL ) ); - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( &invalid_ctx ) ); + TEST_ASSERT( mbedtls_cipher_get_name( &invalid_ctx ) == 0 ); /* mbedtls_cipher_get_key_bitlen() */ TEST_INVALID_PARAM_RET( MBEDTLS_KEY_LENGTH_NONE, mbedtls_cipher_get_key_bitlen( NULL ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_KEY_LENGTH_NONE, - mbedtls_cipher_get_key_bitlen( &invalid_ctx ) ); + TEST_ASSERT( mbedtls_cipher_get_key_bitlen( &invalid_ctx ) == + MBEDTLS_KEY_LENGTH_NONE ); /* mbedtls_cipher_get_operation() */ TEST_INVALID_PARAM_RET( MBEDTLS_OPERATION_NONE, mbedtls_cipher_get_operation( NULL ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_OPERATION_NONE, - mbedtls_cipher_get_operation( &invalid_ctx ) ); + TEST_ASSERT( mbedtls_cipher_get_operation( &invalid_ctx ) == + MBEDTLS_OPERATION_NONE ); /* mbedtls_cipher_setkey() */ TEST_INVALID_PARAM_RET( @@ -103,12 +99,12 @@ void cipher_invalid_param( ) valid_buffer, valid_bitlen, valid_operation ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_setkey( &invalid_ctx, valid_buffer, valid_bitlen, - valid_operation ) ); + valid_operation ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_setkey( &valid_ctx, @@ -128,11 +124,11 @@ void cipher_invalid_param( ) mbedtls_cipher_set_iv( NULL, valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_set_iv( &invalid_ctx, valid_buffer, - valid_size ) ); + valid_size ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_set_iv( &valid_ctx, @@ -142,8 +138,8 @@ void cipher_invalid_param( ) /* mbedtls_cipher_reset() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_reset( NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_reset( &invalid_ctx ) ); + TEST_ASSERT( mbedtls_cipher_reset( &invalid_ctx ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_update_ad() */ @@ -152,11 +148,11 @@ void cipher_invalid_param( ) mbedtls_cipher_update_ad( NULL, valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_update_ad( &invalid_ctx, valid_buffer, - valid_size ) ); + valid_size ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_update_ad( &valid_ctx, @@ -168,9 +164,8 @@ void cipher_invalid_param( ) /* mbedtls_cipher_set_padding_mode() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_set_padding_mode( NULL, valid_mode ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_padding_mode( &invalid_ctx, - valid_mode ) ); + TEST_ASSERT( mbedtls_cipher_set_padding_mode( &invalid_ctx, valid_mode ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); #endif /* mbedtls_cipher_update() */ @@ -181,13 +176,13 @@ void cipher_invalid_param( ) valid_size, valid_buffer, &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_update( &invalid_ctx, valid_buffer, valid_size, valid_buffer, - &size_t_var ) ); + &size_t_var ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_update( &valid_ctx, @@ -213,11 +208,11 @@ void cipher_invalid_param( ) mbedtls_cipher_finish( NULL, valid_buffer, &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_finish( &invalid_ctx, valid_buffer, - &size_t_var ) ); + &size_t_var ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_finish( &valid_ctx, @@ -236,11 +231,11 @@ void cipher_invalid_param( ) mbedtls_cipher_write_tag( NULL, valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_write_tag( &invalid_ctx, valid_buffer, - valid_size ) ); + valid_size ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_write_tag( &valid_ctx, @@ -253,11 +248,11 @@ void cipher_invalid_param( ) mbedtls_cipher_check_tag( NULL, valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_check_tag( &invalid_ctx, valid_buffer, - valid_size ) ); + valid_size ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_check_tag( &valid_ctx, @@ -272,12 +267,12 @@ void cipher_invalid_param( ) valid_buffer, valid_size, valid_buffer, valid_size, valid_buffer, &size_t_var ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_crypt( &invalid_ctx, valid_buffer, valid_size, valid_buffer, valid_size, - valid_buffer, &size_t_var ) ); + valid_buffer, &size_t_var ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_crypt( &valid_ctx, @@ -313,14 +308,14 @@ void cipher_invalid_param( ) valid_buffer, valid_size, valid_buffer, &size_t_var, valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_auth_encrypt( &invalid_ctx, valid_buffer, valid_size, valid_buffer, valid_size, valid_buffer, valid_size, valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + valid_buffer, valid_size ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_auth_encrypt( &valid_ctx, @@ -379,14 +374,14 @@ void cipher_invalid_param( ) valid_buffer, valid_size, valid_buffer, &size_t_var, valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + TEST_ASSERT( mbedtls_cipher_auth_decrypt( &invalid_ctx, valid_buffer, valid_size, valid_buffer, valid_size, valid_buffer, valid_size, valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + valid_buffer, valid_size ) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_cipher_auth_decrypt( &valid_ctx,