/* BEGIN_HEADER */ #include "mbedtls/cipher.h" #if defined(MBEDTLS_GCM_C) #include "mbedtls/gcm.h" #endif /* END_HEADER */ /* BEGIN_DEPENDENCIES * depends_on:MBEDTLS_CIPHER_C * END_DEPENDENCIES */ /* BEGIN_CASE */ void mbedtls_cipher_list( ) { const int *cipher_type; for( cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++ ) TEST_ASSERT( mbedtls_cipher_info_from_type( *cipher_type ) != NULL ); } /* END_CASE */ /* BEGIN_CASE */ void cipher_null_args( ) { mbedtls_cipher_context_t ctx; const mbedtls_cipher_info_t *info = mbedtls_cipher_info_from_type( *( mbedtls_cipher_list() ) ); unsigned char buf[1] = { 0 }; size_t olen; mbedtls_cipher_init( &ctx ); TEST_ASSERT( mbedtls_cipher_get_block_size( NULL ) == 0 ); TEST_ASSERT( mbedtls_cipher_get_block_size( &ctx ) == 0 ); TEST_ASSERT( mbedtls_cipher_get_cipher_mode( NULL ) == MBEDTLS_MODE_NONE ); TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &ctx ) == MBEDTLS_MODE_NONE ); TEST_ASSERT( mbedtls_cipher_get_iv_size( NULL ) == 0 ); TEST_ASSERT( mbedtls_cipher_get_iv_size( &ctx ) == 0 ); TEST_ASSERT( mbedtls_cipher_info_from_string( NULL ) == NULL ); TEST_ASSERT( mbedtls_cipher_setup( &ctx, NULL ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_setup( NULL, info ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_setkey( NULL, buf, 0, MBEDTLS_ENCRYPT ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_setkey( &ctx, buf, 0, MBEDTLS_ENCRYPT ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_set_iv( NULL, buf, 0 ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, buf, 0 ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_reset( NULL ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_reset( &ctx ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); #if defined(MBEDTLS_GCM_C) TEST_ASSERT( mbedtls_cipher_update_ad( NULL, buf, 0 ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_update_ad( &ctx, buf, 0 ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); #endif TEST_ASSERT( mbedtls_cipher_update( NULL, buf, 0, buf, &olen ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_update( &ctx, buf, 0, buf, &olen ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_finish( NULL, buf, &olen ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_finish( &ctx, buf, &olen ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); #if defined(MBEDTLS_GCM_C) TEST_ASSERT( mbedtls_cipher_write_tag( NULL, buf, olen ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_write_tag( &ctx, buf, olen ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_check_tag( NULL, buf, olen ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_cipher_check_tag( &ctx, buf, olen ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); #endif } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ void cipher_special_behaviours( ) { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; unsigned char input[32]; unsigned char output[32]; unsigned char iv[32]; size_t olen = 0; mbedtls_cipher_init( &ctx ); memset( input, 0, sizeof( input ) ); memset( output, 0, sizeof( output ) ); memset( iv, 0, sizeof( iv ) ); /* Check and get info structures */ cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC ); TEST_ASSERT( NULL != cipher_info ); TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); /* IV too big */ TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 ) == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); /* IV too small */ TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); mbedtls_cipher_free( &ctx ); cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); TEST_ASSERT( NULL != cipher_info ); TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); /* Update ECB with partial block */ TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen ) == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); exit: mbedtls_cipher_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE */ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len, int length_val, int pad_mode ) { size_t length = length_val, outlen, total_len, i, block_size; unsigned char key[32]; unsigned char iv[16]; unsigned char ad[13]; unsigned char tag[16]; unsigned char inbuf[64]; unsigned char encbuf[64]; unsigned char decbuf[64]; const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx_dec; mbedtls_cipher_context_t ctx_enc; /* * Prepare contexts */ mbedtls_cipher_init( &ctx_dec ); mbedtls_cipher_init( &ctx_enc ); memset( key, 0x2a, sizeof( key ) ); /* Check and get info structures */ cipher_info = mbedtls_cipher_info_from_type( cipher_id ); TEST_ASSERT( NULL != cipher_info ); TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info ); /* Initialise enc and dec contexts */ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) ); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) if( -1 != pad_mode ) { TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) ); TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) ); } #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ /* * Do a few encode/decode cycles */ for( i = 0; i < 3; i++ ) { memset( iv , 0x00 + i, sizeof( iv ) ); memset( ad, 0x10 + i, sizeof( ad ) ); memset( inbuf, 0x20 + i, sizeof( inbuf ) ); memset( encbuf, 0, sizeof( encbuf ) ); memset( decbuf, 0, sizeof( decbuf ) ); memset( tag, 0, sizeof( tag ) ); TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) ); TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) ); TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) ); #if defined(MBEDTLS_GCM_C) TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) ); TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) ); #endif block_size = mbedtls_cipher_get_block_size( &ctx_enc ); TEST_ASSERT( block_size != 0 ); /* encode length number of bytes from inbuf */ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) ); total_len = outlen; TEST_ASSERT( total_len == length || ( total_len % block_size == 0 && total_len < length && total_len + block_size > length ) ); TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) ); total_len += outlen; #if defined(MBEDTLS_GCM_C) TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) ); #endif TEST_ASSERT( total_len == length || ( total_len % block_size == 0 && total_len > length && total_len <= length + block_size ) ); /* decode the previously encoded string */ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) ); total_len = outlen; TEST_ASSERT( total_len == length || ( total_len % block_size == 0 && total_len < length && total_len + block_size >= length ) ); TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); total_len += outlen; #if defined(MBEDTLS_GCM_C) TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) ); #endif /* check result */ TEST_ASSERT( total_len == length ); TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); } /* * Done */ exit: mbedtls_cipher_free( &ctx_dec ); mbedtls_cipher_free( &ctx_enc ); } /* END_CASE */ /* BEGIN_CASE */ void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val, int ret ) { size_t length = length_val; unsigned char key[32]; unsigned char iv[16]; const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; unsigned char inbuf[64]; unsigned char encbuf[64]; size_t outlen = 0; memset( key, 0, 32 ); memset( iv , 0, 16 ); mbedtls_cipher_init( &ctx ); memset( inbuf, 5, 64 ); memset( encbuf, 0, 64 ); /* Check and get info structures */ cipher_info = mbedtls_cipher_info_from_type( cipher_id ); TEST_ASSERT( NULL != cipher_info ); /* Initialise context */ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, key_len, MBEDTLS_ENCRYPT ) ); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) ); TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) ); #if defined(MBEDTLS_GCM_C) TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) ); #endif /* encode length number of bytes from inbuf */ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, inbuf, length, encbuf, &outlen ) ); TEST_ASSERT( ret == mbedtls_cipher_finish( &ctx, encbuf + outlen, &outlen ) ); /* done */ exit: mbedtls_cipher_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE */ void dec_empty_buf() { unsigned char key[32]; unsigned char iv[16]; mbedtls_cipher_context_t ctx_dec; const mbedtls_cipher_info_t *cipher_info; unsigned char encbuf[64]; unsigned char decbuf[64]; size_t outlen = 0; memset( key, 0, 32 ); memset( iv , 0, 16 ); mbedtls_cipher_init( &ctx_dec ); memset( encbuf, 0, 64 ); memset( decbuf, 0, 64 ); /* Initialise context */ cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC ); TEST_ASSERT( NULL != cipher_info); TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, 128, MBEDTLS_DECRYPT ) ); TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) ); TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); #if defined(MBEDTLS_GCM_C) TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) ); #endif /* decode 0-byte string */ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); TEST_ASSERT( 0 == outlen ); TEST_ASSERT( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); TEST_ASSERT( 0 == outlen ); exit: mbedtls_cipher_free( &ctx_dec ); } /* END_CASE */ /* BEGIN_CASE */ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val, int second_length_val, int pad_mode, int first_encrypt_output_len, int second_encrypt_output_len, int first_decrypt_output_len, int second_decrypt_output_len ) { size_t first_length = first_length_val; size_t second_length = second_length_val; size_t length = first_length + second_length; size_t block_size; unsigned char key[32]; unsigned char iv[16]; mbedtls_cipher_context_t ctx_dec; mbedtls_cipher_context_t ctx_enc; const mbedtls_cipher_info_t *cipher_info; unsigned char inbuf[64]; unsigned char encbuf[64]; unsigned char decbuf[64]; size_t outlen = 0; size_t totaloutlen = 0; memset( key, 0, 32 ); memset( iv , 0, 16 ); mbedtls_cipher_init( &ctx_dec ); mbedtls_cipher_init( &ctx_enc ); memset( inbuf, 5, 64 ); memset( encbuf, 0, 64 ); memset( decbuf, 0, 64 ); /* Initialise enc and dec contexts */ cipher_info = mbedtls_cipher_info_from_type( cipher_id ); TEST_ASSERT( NULL != cipher_info); TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) ); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) if( -1 != pad_mode ) { TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) ); TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) ); } #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) ); TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, 16 ) ); TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) ); #if defined(MBEDTLS_GCM_C) TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) ); TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) ); #endif block_size = mbedtls_cipher_get_block_size( &ctx_enc ); TEST_ASSERT( block_size != 0 ); /* encode length number of bytes from inbuf */ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) ); TEST_ASSERT( (size_t)first_encrypt_output_len == outlen ); totaloutlen = outlen; TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) ); TEST_ASSERT( (size_t)second_encrypt_output_len == outlen ); totaloutlen += outlen; TEST_ASSERT( totaloutlen == length || ( totaloutlen % block_size == 0 && totaloutlen < length && totaloutlen + block_size > length ) ); TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) ); totaloutlen += outlen; TEST_ASSERT( totaloutlen == length || ( totaloutlen % block_size == 0 && totaloutlen > length && totaloutlen <= length + block_size ) ); /* decode the previously encoded string */ second_length = totaloutlen - first_length; TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, first_length, decbuf, &outlen ) ); TEST_ASSERT( (size_t)first_decrypt_output_len == outlen ); totaloutlen = outlen; TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf + first_length, second_length, decbuf + totaloutlen, &outlen ) ); TEST_ASSERT( (size_t)second_decrypt_output_len == outlen ); totaloutlen += outlen; TEST_ASSERT( totaloutlen == length || ( totaloutlen % block_size == 0 && totaloutlen < length && totaloutlen + block_size >= length ) ); TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + totaloutlen, &outlen ) ); totaloutlen += outlen; TEST_ASSERT( totaloutlen == length ); TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); exit: mbedtls_cipher_free( &ctx_dec ); mbedtls_cipher_free( &ctx_enc ); } /* END_CASE */ /* BEGIN_CASE */ void decrypt_test_vec( int cipher_id, int pad_mode, char *hex_key, char *hex_iv, char *hex_cipher, char *hex_clear, char *hex_ad, char *hex_tag, int finish_result, int tag_result ) { unsigned char key[50]; unsigned char iv[50]; unsigned char cipher[200]; unsigned char clear[200]; unsigned char ad[200]; unsigned char tag[20]; size_t key_len, iv_len, cipher_len, clear_len; #if defined(MBEDTLS_GCM_C) size_t ad_len, tag_len; #endif mbedtls_cipher_context_t ctx; unsigned char output[200]; size_t outlen, total_len; mbedtls_cipher_init( &ctx ); memset( key, 0x00, sizeof( key ) ); memset( iv, 0x00, sizeof( iv ) ); memset( cipher, 0x00, sizeof( cipher ) ); memset( clear, 0x00, sizeof( clear ) ); memset( ad, 0x00, sizeof( ad ) ); memset( tag, 0x00, sizeof( tag ) ); memset( output, 0x00, sizeof( output ) ); key_len = unhexify( key, hex_key ); iv_len = unhexify( iv, hex_iv ); cipher_len = unhexify( cipher, hex_cipher ); clear_len = unhexify( clear, hex_clear ); #if defined(MBEDTLS_GCM_C) ad_len = unhexify( ad, hex_ad ); tag_len = unhexify( tag, hex_tag ); #else ((void) hex_ad); ((void) hex_tag); #endif /* Prepare context */ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, mbedtls_cipher_info_from_type( cipher_id ) ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, MBEDTLS_DECRYPT ) ); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) if( pad_mode != -1 ) TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, iv_len ) ); TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) ); #if defined(MBEDTLS_GCM_C) TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad, ad_len ) ); #endif /* decode buffer and check tag */ total_len = 0; TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher, cipher_len, output, &outlen ) ); total_len += outlen; TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen, &outlen ) ); total_len += outlen; #if defined(MBEDTLS_GCM_C) TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag, tag_len ) ); #endif /* check plaintext only if everything went fine */ if( 0 == finish_result && 0 == tag_result ) { TEST_ASSERT( total_len == clear_len ); TEST_ASSERT( 0 == memcmp( output, clear, clear_len ) ); } exit: mbedtls_cipher_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */ void auth_crypt_tv( int cipher_id, char *hex_key, char *hex_iv, char *hex_ad, char *hex_cipher, char *hex_tag, char *hex_clear ) { int ret; unsigned char key[50]; unsigned char iv[50]; unsigned char cipher[200]; unsigned char clear[200]; unsigned char ad[200]; unsigned char tag[20]; unsigned char my_tag[20]; size_t key_len, iv_len, cipher_len, clear_len, ad_len, tag_len; mbedtls_cipher_context_t ctx; unsigned char output[200]; size_t outlen; mbedtls_cipher_init( &ctx ); memset( key, 0x00, sizeof( key ) ); memset( iv, 0x00, sizeof( iv ) ); memset( cipher, 0x00, sizeof( cipher ) ); memset( clear, 0x00, sizeof( clear ) ); memset( ad, 0x00, sizeof( ad ) ); memset( tag, 0x00, sizeof( tag ) ); memset( my_tag, 0xFF, sizeof( my_tag ) ); memset( output, 0xFF, sizeof( output ) ); key_len = unhexify( key, hex_key ); iv_len = unhexify( iv, hex_iv ); cipher_len = unhexify( cipher, hex_cipher ); ad_len = unhexify( ad, hex_ad ); tag_len = unhexify( tag, hex_tag ); /* Prepare context */ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, mbedtls_cipher_info_from_type( cipher_id ) ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, MBEDTLS_DECRYPT ) ); /* decode buffer and check tag */ ret = mbedtls_cipher_auth_decrypt( &ctx, iv, iv_len, ad, ad_len, cipher, cipher_len, output, &outlen, tag, tag_len ); /* make sure we didn't overwrite */ TEST_ASSERT( output[outlen + 0] == 0xFF ); TEST_ASSERT( output[outlen + 1] == 0xFF ); /* make sure the message is rejected if it should be */ if( strcmp( hex_clear, "FAIL" ) == 0 ) { TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); goto exit; } /* otherwise, make sure it was decrypted properly */ TEST_ASSERT( ret == 0 ); clear_len = unhexify( clear, hex_clear ); TEST_ASSERT( outlen == clear_len ); TEST_ASSERT( memcmp( output, clear, clear_len ) == 0 ); /* then encrypt the clear and make sure we get the same ciphertext and tag */ memset( output, 0xFF, sizeof( output ) ); outlen = 0; ret = mbedtls_cipher_auth_encrypt( &ctx, iv, iv_len, ad, ad_len, clear, clear_len, output, &outlen, my_tag, tag_len ); TEST_ASSERT( ret == 0 ); TEST_ASSERT( outlen == clear_len ); TEST_ASSERT( memcmp( output, cipher, clear_len ) == 0 ); TEST_ASSERT( memcmp( my_tag, tag, tag_len ) == 0 ); /* make sure we didn't overwrite */ TEST_ASSERT( output[outlen + 0] == 0xFF ); TEST_ASSERT( output[outlen + 1] == 0xFF ); TEST_ASSERT( my_tag[tag_len + 0] == 0xFF ); TEST_ASSERT( my_tag[tag_len + 1] == 0xFF ); exit: mbedtls_cipher_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE */ void test_vec_ecb( int cipher_id, int operation, char *hex_key, char *hex_input, char *hex_result, int finish_result ) { unsigned char key[50]; unsigned char input[16]; unsigned char result[16]; size_t key_len; mbedtls_cipher_context_t ctx; unsigned char output[32]; size_t outlen; mbedtls_cipher_init( &ctx ); memset( key, 0x00, sizeof( key ) ); memset( input, 0x00, sizeof( input ) ); memset( result, 0x00, sizeof( result ) ); memset( output, 0x00, sizeof( output ) ); /* Prepare context */ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, mbedtls_cipher_info_from_type( cipher_id ) ) ); key_len = unhexify( key, hex_key ); TEST_ASSERT( unhexify( input, hex_input ) == (int) mbedtls_cipher_get_block_size( &ctx ) ); TEST_ASSERT( unhexify( result, hex_result ) == (int) mbedtls_cipher_get_block_size( &ctx ) ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, operation ) ); TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input, mbedtls_cipher_get_block_size( &ctx ), output, &outlen ) ); TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) ); TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen, &outlen ) ); TEST_ASSERT( 0 == outlen ); /* check plaintext only if everything went fine */ if( 0 == finish_result ) TEST_ASSERT( 0 == memcmp( output, result, mbedtls_cipher_get_block_size( &ctx ) ) ); exit: mbedtls_cipher_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ void test_vec_crypt( int cipher_id, int operation, char *hex_key, char *hex_iv, char *hex_input, char *hex_result, int finish_result ) { unsigned char key[50]; unsigned char input[16]; unsigned char result[16]; unsigned char iv[16]; size_t key_len, iv_len, inputlen, resultlen; mbedtls_cipher_context_t ctx; unsigned char output[32]; size_t outlen; mbedtls_cipher_init( &ctx ); memset( key, 0x00, sizeof( key ) ); memset( input, 0x00, sizeof( input ) ); memset( result, 0x00, sizeof( result ) ); memset( output, 0x00, sizeof( output ) ); memset( iv, 0x00, sizeof( iv ) ); /* Prepare context */ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, mbedtls_cipher_info_from_type( cipher_id ) ) ); key_len = unhexify( key, hex_key ); inputlen = unhexify( input, hex_input ); resultlen = unhexify( result, hex_result ); TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, operation ) ); if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode ) TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) ); iv_len = unhexify( iv, hex_iv ); TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv_len ? iv : NULL, iv_len, input, inputlen, output, &outlen ) ); TEST_ASSERT( resultlen == outlen ); /* check plaintext only if everything went fine */ if( 0 == finish_result ) TEST_ASSERT( 0 == memcmp( output, result, outlen ) ); exit: mbedtls_cipher_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ void set_padding( int cipher_id, int pad_mode, int ret ) { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; mbedtls_cipher_init( &ctx ); cipher_info = mbedtls_cipher_info_from_type( cipher_id ); TEST_ASSERT( NULL != cipher_info ); TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); TEST_ASSERT( ret == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); exit: mbedtls_cipher_free( &ctx ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ void check_padding( int pad_mode, char *input_str, int ret, int dlen_check ) { mbedtls_cipher_info_t cipher_info; mbedtls_cipher_context_t ctx; unsigned char input[16]; size_t ilen, dlen; /* build a fake context just for getting access to get_padding */ mbedtls_cipher_init( &ctx ); cipher_info.mode = MBEDTLS_MODE_CBC; ctx.cipher_info = &cipher_info; TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); ilen = unhexify( input, input_str ); TEST_ASSERT( ret == ctx.get_padding( input, ilen, &dlen ) ); if( 0 == ret ) TEST_ASSERT( dlen == (size_t) dlen_check ); } /* END_CASE */