mbedtls/tests/suites/test_suite_cipher.function
2014-05-20 17:26:16 +02:00

592 lines
19 KiB
Plaintext

/* BEGIN_HEADER */
#include <polarssl/cipher.h>
#if defined(POLARSSL_GCM_C)
#include <polarssl/gcm.h>
#endif
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:POLARSSL_CIPHER_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void cipher_list( )
{
const int *cipher_type;
for( cipher_type = cipher_list(); *cipher_type != 0; cipher_type++ )
TEST_ASSERT( cipher_info_from_type( *cipher_type ) != NULL );
}
/* END_CASE */
/* BEGIN_CASE */
void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
int length_val, int pad_mode )
{
size_t length = length_val, outlen, total_len, i;
unsigned char key[32];
unsigned char iv[16];
unsigned char ad[13];
unsigned char tag[16];
unsigned char inbuf[64];
unsigned char encbuf[64];
unsigned char decbuf[64];
const cipher_info_t *cipher_info;
cipher_context_t ctx_dec;
cipher_context_t ctx_enc;
/*
* Prepare contexts
*/
memset( &ctx_dec, 0, sizeof( ctx_dec ) );
memset( &ctx_enc, 0, sizeof( ctx_enc ) );
memset( key, 0x2a, sizeof( key ) );
/* Check and get info structures */
cipher_info = cipher_info_from_type( cipher_id );
TEST_ASSERT( NULL != cipher_info );
TEST_ASSERT( cipher_info_from_string( cipher_string ) == cipher_info );
/* Initialise enc and dec contexts */
TEST_ASSERT( 0 == cipher_init_ctx( &ctx_dec, cipher_info ) );
TEST_ASSERT( 0 == cipher_init_ctx( &ctx_enc, cipher_info ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx_dec, key, key_len, POLARSSL_DECRYPT ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx_enc, key, key_len, POLARSSL_ENCRYPT ) );
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
if( -1 != pad_mode )
{
TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx_dec, pad_mode ) );
TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx_enc, pad_mode ) );
}
#else
(void) pad_mode;
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
/*
* Do a few encode/decode cycles
*/
for( i = 0; i < 3; i++ )
{
memset( iv , 0x00 + i, sizeof( iv ) );
memset( ad, 0x10 + i, sizeof( ad ) );
memset( inbuf, 0x20 + i, sizeof( inbuf ) );
memset( encbuf, 0, sizeof( encbuf ) );
memset( decbuf, 0, sizeof( decbuf ) );
memset( tag, 0, sizeof( tag ) );
TEST_ASSERT( 0 == cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) );
TEST_ASSERT( 0 == cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
total_len = outlen;
TEST_ASSERT( total_len == length ||
( total_len % cipher_get_block_size( &ctx_enc ) == 0 &&
total_len < length &&
total_len + cipher_get_block_size( &ctx_enc ) > length ) );
TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
total_len += outlen;
#if defined(POLARSSL_CIPHER_MODE_AEAD)
TEST_ASSERT( 0 == cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
TEST_ASSERT( total_len == length ||
( total_len % cipher_get_block_size( &ctx_enc ) == 0 &&
total_len > length &&
total_len <= length + cipher_get_block_size( &ctx_enc ) ) );
/* decode the previously encoded string */
TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) );
total_len = outlen;
TEST_ASSERT( total_len == length ||
( total_len % cipher_get_block_size( &ctx_dec ) == 0 &&
total_len < length &&
total_len + cipher_get_block_size( &ctx_dec ) >= length ) );
TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
total_len += outlen;
#if defined(POLARSSL_CIPHER_MODE_AEAD)
TEST_ASSERT( 0 == cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/* check result */
TEST_ASSERT( total_len == length );
TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
}
/*
* Done
*/
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_enc ) );
}
/* END_CASE */
/* BEGIN_CASE */
void enc_fail( int cipher_id, int pad_mode, int key_len,
int length_val, int ret )
{
size_t length = length_val;
unsigned char key[32];
unsigned char iv[16];
const cipher_info_t *cipher_info;
cipher_context_t ctx;
unsigned char inbuf[64];
unsigned char encbuf[64];
size_t outlen = 0;
memset( key, 0, 32 );
memset( iv , 0, 16 );
memset( &ctx, 0, sizeof( ctx ) );
memset( inbuf, 5, 64 );
memset( encbuf, 0, 64 );
/* Check and get info structures */
cipher_info = cipher_info_from_type( cipher_id );
TEST_ASSERT( NULL != cipher_info );
/* Initialise context */
TEST_ASSERT( 0 == cipher_init_ctx( &ctx, cipher_info ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx, key, key_len, POLARSSL_ENCRYPT ) );
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx, pad_mode ) );
#else
(void) pad_mode;
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, 16 ) );
TEST_ASSERT( 0 == cipher_reset( &ctx ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
TEST_ASSERT( 0 == cipher_update_ad( &ctx, NULL, 0 ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
TEST_ASSERT( ret == cipher_finish( &ctx, encbuf + outlen, &outlen ) );
/* done */
TEST_ASSERT( 0 == cipher_free_ctx( &ctx ) );
}
/* END_CASE */
/* BEGIN_CASE */
void dec_empty_buf()
{
unsigned char key[32];
unsigned char iv[16];
cipher_context_t ctx_dec;
const cipher_info_t *cipher_info;
unsigned char encbuf[64];
unsigned char decbuf[64];
size_t outlen = 0;
memset( key, 0, 32 );
memset( iv , 0, 16 );
memset( &ctx_dec, 0, sizeof( ctx_dec ) );
memset( encbuf, 0, 64 );
memset( decbuf, 0, 64 );
/* Initialise context */
cipher_info = cipher_info_from_type( POLARSSL_CIPHER_AES_128_CBC );
TEST_ASSERT( NULL != cipher_info);
TEST_ASSERT( 0 == cipher_init_ctx( &ctx_dec, cipher_info ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx_dec, key, 128, POLARSSL_DECRYPT ) );
TEST_ASSERT( 0 == cipher_set_iv( &ctx_dec, iv, 16 ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/* decode 0-byte string */
TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
TEST_ASSERT( 0 == outlen );
TEST_ASSERT( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED == cipher_finish(
&ctx_dec, decbuf + outlen, &outlen ) );
TEST_ASSERT( 0 == outlen );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) );
}
/* END_CASE */
/* BEGIN_CASE */
void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
int second_length_val )
{
size_t first_length = first_length_val;
size_t second_length = second_length_val;
size_t length = first_length + second_length;
unsigned char key[32];
unsigned char iv[16];
cipher_context_t ctx_dec;
cipher_context_t ctx_enc;
const cipher_info_t *cipher_info;
unsigned char inbuf[64];
unsigned char encbuf[64];
unsigned char decbuf[64];
size_t outlen = 0;
size_t totaloutlen = 0;
memset( key, 0, 32 );
memset( iv , 0, 16 );
memset( &ctx_dec, 0, sizeof( ctx_dec ) );
memset( &ctx_enc, 0, sizeof( ctx_enc ) );
memset( inbuf, 5, 64 );
memset( encbuf, 0, 64 );
memset( decbuf, 0, 64 );
/* Initialise enc and dec contexts */
cipher_info = cipher_info_from_type( cipher_id );
TEST_ASSERT( NULL != cipher_info);
TEST_ASSERT( 0 == cipher_init_ctx( &ctx_dec, cipher_info ) );
TEST_ASSERT( 0 == cipher_init_ctx( &ctx_enc, cipher_info ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx_dec, key, key_len, POLARSSL_DECRYPT ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx_enc, key, key_len, POLARSSL_ENCRYPT ) );
TEST_ASSERT( 0 == cipher_set_iv( &ctx_dec, iv, 16 ) );
TEST_ASSERT( 0 == cipher_set_iv( &ctx_enc, iv, 16 ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, NULL, 0 ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
totaloutlen = outlen;
TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) );
totaloutlen += outlen;
TEST_ASSERT( totaloutlen == length ||
( totaloutlen % cipher_get_block_size( &ctx_enc ) == 0 &&
totaloutlen < length &&
totaloutlen + cipher_get_block_size( &ctx_enc ) > length ) );
TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) );
totaloutlen += outlen;
TEST_ASSERT( totaloutlen == length ||
( totaloutlen % cipher_get_block_size( &ctx_enc ) == 0 &&
totaloutlen > length &&
totaloutlen <= length + cipher_get_block_size( &ctx_enc ) ) );
/* decode the previously encoded string */
TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, totaloutlen, decbuf, &outlen ) );
totaloutlen = outlen;
TEST_ASSERT( totaloutlen == length ||
( totaloutlen % cipher_get_block_size( &ctx_dec ) == 0 &&
totaloutlen < length &&
totaloutlen + cipher_get_block_size( &ctx_dec ) >= length ) );
TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
totaloutlen += outlen;
TEST_ASSERT( totaloutlen == length );
TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx_enc ) );
}
/* END_CASE */
/* BEGIN_CASE */
void decrypt_test_vec( int cipher_id, int pad_mode,
char *hex_key, char *hex_iv,
char *hex_cipher, char *hex_clear,
char *hex_ad, char *hex_tag,
int finish_result, int tag_result )
{
unsigned char key[50];
unsigned char iv[50];
unsigned char cipher[200];
unsigned char clear[200];
unsigned char ad[200];
unsigned char tag[20];
size_t key_len, iv_len, cipher_len, clear_len;
#if defined(POLARSSL_CIPHER_MODE_AEAD)
size_t ad_len, tag_len;
#endif
cipher_context_t ctx;
unsigned char output[200];
size_t outlen, total_len;
memset( key, 0x00, sizeof( key ) );
memset( iv, 0x00, sizeof( iv ) );
memset( cipher, 0x00, sizeof( cipher ) );
memset( clear, 0x00, sizeof( clear ) );
memset( ad, 0x00, sizeof( ad ) );
memset( tag, 0x00, sizeof( tag ) );
memset( output, 0x00, sizeof( output ) );
key_len = unhexify( key, hex_key );
iv_len = unhexify( iv, hex_iv );
cipher_len = unhexify( cipher, hex_cipher );
clear_len = unhexify( clear, hex_clear );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
ad_len = unhexify( ad, hex_ad );
tag_len = unhexify( tag, hex_tag );
#else
((void) hex_ad);
((void) hex_tag);
#endif
/* Prepare context */
TEST_ASSERT( 0 == cipher_init_ctx( &ctx,
cipher_info_from_type( cipher_id ) ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx, key, 8 * key_len, POLARSSL_DECRYPT ) );
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
if( pad_mode != -1 )
TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx, pad_mode ) );
#else
(void) pad_mode;
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, iv_len ) );
TEST_ASSERT( 0 == cipher_reset( &ctx ) );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
TEST_ASSERT( 0 == cipher_update_ad( &ctx, ad, ad_len ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/* decode buffer and check tag */
total_len = 0;
TEST_ASSERT( 0 == cipher_update( &ctx, cipher, cipher_len, output, &outlen ) );
total_len += outlen;
TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen,
&outlen ) );
total_len += outlen;
#if defined(POLARSSL_CIPHER_MODE_AEAD)
TEST_ASSERT( tag_result == cipher_check_tag( &ctx, tag, tag_len ) );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/* check plaintext only if everything went fine */
if( 0 == finish_result && 0 == tag_result )
{
TEST_ASSERT( total_len == clear_len );
TEST_ASSERT( 0 == memcmp( output, clear, clear_len ) );
}
cipher_free_ctx( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_CIPHER_MODE_AEAD */
void auth_crypt_tv( int cipher_id, char *hex_key, char *hex_iv,
char *hex_ad, char *hex_cipher,
char *hex_tag, char *hex_clear )
{
int ret;
unsigned char key[50];
unsigned char iv[50];
unsigned char cipher[200];
unsigned char clear[200];
unsigned char ad[200];
unsigned char tag[20];
unsigned char my_tag[20];
size_t key_len, iv_len, cipher_len, clear_len, ad_len, tag_len;
cipher_context_t ctx;
unsigned char output[200];
size_t outlen;
memset( key, 0x00, sizeof( key ) );
memset( iv, 0x00, sizeof( iv ) );
memset( cipher, 0x00, sizeof( cipher ) );
memset( clear, 0x00, sizeof( clear ) );
memset( ad, 0x00, sizeof( ad ) );
memset( tag, 0x00, sizeof( tag ) );
memset( my_tag, 0xFF, sizeof( my_tag ) );
memset( output, 0xFF, sizeof( output ) );
key_len = unhexify( key, hex_key );
iv_len = unhexify( iv, hex_iv );
cipher_len = unhexify( cipher, hex_cipher );
ad_len = unhexify( ad, hex_ad );
tag_len = unhexify( tag, hex_tag );
/* Prepare context */
TEST_ASSERT( 0 == cipher_init_ctx( &ctx,
cipher_info_from_type( cipher_id ) ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx, key, 8 * key_len, POLARSSL_DECRYPT ) );
/* decode buffer and check tag */
ret = cipher_auth_decrypt( &ctx, iv, iv_len, ad, ad_len,
cipher, cipher_len, output, &outlen,
tag, tag_len );
/* make sure we didn't overwrite */
TEST_ASSERT( output[outlen + 0] == 0xFF );
TEST_ASSERT( output[outlen + 1] == 0xFF );
/* make sure the message is rejected if it should be */
if( strcmp( hex_clear, "FAIL" ) == 0 )
{
TEST_ASSERT( ret == POLARSSL_ERR_CIPHER_AUTH_FAILED );
goto cleanup;
}
/* otherwise, make sure it was decrypted properly */
TEST_ASSERT( ret == 0 );
clear_len = unhexify( clear, hex_clear );
TEST_ASSERT( outlen == clear_len );
TEST_ASSERT( memcmp( output, clear, clear_len ) == 0 );
/* then encrypt the clear and make sure we get the same ciphertext and tag */
memset( output, 0xFF, sizeof( output ) );
outlen = 0;
ret = cipher_auth_encrypt( &ctx, iv, iv_len, ad, ad_len,
clear, clear_len, output, &outlen,
my_tag, tag_len );
TEST_ASSERT( ret == 0 );
TEST_ASSERT( outlen == clear_len );
TEST_ASSERT( memcmp( output, cipher, clear_len ) == 0 );
TEST_ASSERT( memcmp( my_tag, tag, tag_len ) == 0 );
/* make sure we didn't overwrite */
TEST_ASSERT( output[outlen + 0] == 0xFF );
TEST_ASSERT( output[outlen + 1] == 0xFF );
TEST_ASSERT( my_tag[tag_len + 0] == 0xFF );
TEST_ASSERT( my_tag[tag_len + 1] == 0xFF );
cleanup:
cipher_free_ctx( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */
void test_vec_ecb( int cipher_id, int operation, char *hex_key,
char *hex_input, char *hex_result,
int finish_result )
{
unsigned char key[50];
unsigned char input[16];
unsigned char result[16];
size_t key_len;
cipher_context_t ctx;
unsigned char output[32];
size_t outlen;
memset( key, 0x00, sizeof( key ) );
memset( input, 0x00, sizeof( input ) );
memset( result, 0x00, sizeof( result ) );
memset( output, 0x00, sizeof( output ) );
/* Prepare context */
TEST_ASSERT( 0 == cipher_init_ctx( &ctx,
cipher_info_from_type( cipher_id ) ) );
key_len = unhexify( key, hex_key );
TEST_ASSERT( unhexify( input, hex_input ) ==
(int) cipher_get_block_size( &ctx ) );
TEST_ASSERT( unhexify( result, hex_result ) ==
(int) cipher_get_block_size( &ctx ) );
TEST_ASSERT( 0 == cipher_setkey( &ctx, key, 8 * key_len, operation ) );
TEST_ASSERT( 0 == cipher_update( &ctx, input,
cipher_get_block_size( &ctx ),
output, &outlen ) );
TEST_ASSERT( outlen == cipher_get_block_size( &ctx ) );
TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen,
&outlen ) );
TEST_ASSERT( 0 == outlen );
/* check plaintext only if everything went fine */
if( 0 == finish_result )
TEST_ASSERT( 0 == memcmp( output, result,
cipher_get_block_size( &ctx ) ) );
cipher_free_ctx( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_CIPHER_MODE_WITH_PADDING */
void set_padding( int cipher_id, int pad_mode, int ret )
{
const cipher_info_t *cipher_info;
cipher_context_t ctx;
cipher_info = cipher_info_from_type( cipher_id );
TEST_ASSERT( NULL != cipher_info );
TEST_ASSERT( 0 == cipher_init_ctx( &ctx, cipher_info ) );
TEST_ASSERT( ret == cipher_set_padding_mode( &ctx, pad_mode ) );
TEST_ASSERT( 0 == cipher_free_ctx( &ctx ) );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_CIPHER_MODE_CBC */
void check_padding( int pad_mode, char *input_str, int ret, int dlen_check )
{
cipher_info_t cipher_info;
cipher_context_t ctx;
unsigned char input[16];
size_t ilen, dlen;
/* build a fake context just for getting access to get_padding */
memset( &ctx, 0, sizeof( ctx ) );
cipher_info.mode = POLARSSL_MODE_CBC;
ctx.cipher_info = &cipher_info;
TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx, pad_mode ) );
ilen = unhexify( input, input_str );
TEST_ASSERT( ret == ctx.get_padding( input, ilen, &dlen ) );
if( 0 == ret )
TEST_ASSERT( dlen == (size_t) dlen_check );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void cipher_selftest()
{
TEST_ASSERT( cipher_self_test( 0 ) == 0 );
}
/* END_CASE */