mbedtls/tests/suites/test_suite_aes.function
Simon Butcher a646345e3f Add additional parameter validation tests for the AES module
This adds additional tests to validate the AES module parameter validation
checks which are enabled using the MBEDTLS_CHECK_PARAMS option.
2018-12-11 12:28:56 +01:00

408 lines
12 KiB
Plaintext

/* BEGIN_HEADER */
#include "mbedtls/aes.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_AES_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void aes_encrypt_ecb( data_t * key_str, data_t * src_str,
data_t * hex_dst_string, int setkey_result )
{
unsigned char output[100];
mbedtls_aes_context ctx;
memset(output, 0x00, 100);
TEST_FN( mbedtls_aes_init( &ctx ) );
TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
if( setkey_result == 0 )
{
TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output ) == 0 );
TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
}
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */
void aes_decrypt_ecb( data_t * key_str, data_t * src_str,
data_t * hex_dst_string, int setkey_result )
{
unsigned char output[100];
mbedtls_aes_context ctx;
memset(output, 0x00, 100);
TEST_FN( mbedtls_aes_init( &ctx ) );
TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
if( setkey_result == 0 )
{
TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_DECRYPT, src_str->x, output ) == 0 );
TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
}
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
void aes_encrypt_cbc( data_t * key_str, data_t * iv_str,
data_t * src_str, data_t * hex_dst_string,
int cbc_result )
{
unsigned char output[100];
mbedtls_aes_context ctx;
memset(output, 0x00, 100);
TEST_FN( mbedtls_aes_init( &ctx ) );
mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0 )
{
TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
void aes_decrypt_cbc( data_t * key_str, data_t * iv_str,
data_t * src_str, data_t * hex_dst_string,
int cbc_result )
{
unsigned char output[100];
mbedtls_aes_context ctx;
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 );
TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result );
if( cbc_result == 0)
{
TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
}
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string,
char *hex_src_string, char *hex_dst_string )
{
enum { AES_BLOCK_SIZE = 16 };
unsigned char *data_unit = NULL;
unsigned char *key = NULL;
unsigned char *src = NULL;
unsigned char *dst = NULL;
unsigned char *output = NULL;
mbedtls_aes_xts_context ctx;
size_t key_len, src_len, dst_len, data_unit_len;
mbedtls_aes_xts_init( &ctx );
data_unit = unhexify_alloc( hex_data_unit_string, &data_unit_len );
TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE );
key = unhexify_alloc( hex_key_string, &key_len );
TEST_ASSERT( key_len % 2 == 0 );
src = unhexify_alloc( hex_src_string, &src_len );
dst = unhexify_alloc( hex_dst_string, &dst_len );
TEST_ASSERT( src_len == dst_len );
output = zero_alloc( dst_len );
TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == 0 );
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, src_len,
data_unit, src, output ) == 0 );
TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 );
exit:
mbedtls_aes_xts_free( &ctx );
mbedtls_free( data_unit );
mbedtls_free( key );
mbedtls_free( src );
mbedtls_free( dst );
mbedtls_free( output );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string,
char *hex_dst_string, char *hex_src_string )
{
enum { AES_BLOCK_SIZE = 16 };
unsigned char *data_unit = NULL;
unsigned char *key = NULL;
unsigned char *src = NULL;
unsigned char *dst = NULL;
unsigned char *output = NULL;
mbedtls_aes_xts_context ctx;
size_t key_len, src_len, dst_len, data_unit_len;
mbedtls_aes_xts_init( &ctx );
data_unit = unhexify_alloc( hex_data_unit_string, &data_unit_len );
TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE );
key = unhexify_alloc( hex_key_string, &key_len );
TEST_ASSERT( key_len % 2 == 0 );
src = unhexify_alloc( hex_src_string, &src_len );
dst = unhexify_alloc( hex_dst_string, &dst_len );
TEST_ASSERT( src_len == dst_len );
output = zero_alloc( dst_len );
TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == 0 );
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, src_len,
data_unit, src, output ) == 0 );
TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 );
exit:
mbedtls_aes_xts_free( &ctx );
mbedtls_free( data_unit );
mbedtls_free( key );
mbedtls_free( src );
mbedtls_free( dst );
mbedtls_free( output );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_crypt_xts_size( int size, int retval )
{
mbedtls_aes_xts_context ctx;
const unsigned char *src = NULL;
unsigned char *output = NULL;
unsigned char data_unit[16];
size_t length = size;
mbedtls_aes_xts_init( &ctx );
memset( data_unit, 0x00, sizeof( data_unit ) );
/* Note that this function will most likely crash on failure, as NULL
* parameters will be used. In the passing case, the length check in
* mbedtls_aes_crypt_xts() will prevent any accesses to parameters by
* exiting the function early. */
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_crypt_xts_keysize( int size, int retval )
{
mbedtls_aes_xts_context ctx;
const unsigned char *key = NULL;
size_t key_len = size;
mbedtls_aes_xts_init( &ctx );
TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == retval );
TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == retval );
exit:
mbedtls_aes_xts_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
void aes_encrypt_cfb128( data_t * key_str, data_t * iv_str,
data_t * src_str, data_t * hex_dst_string )
{
unsigned char output[100];
mbedtls_aes_context ctx;
size_t iv_offset = 0;
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
void aes_decrypt_cfb128( data_t * key_str, data_t * iv_str,
data_t * src_str, data_t * hex_dst_string )
{
unsigned char output[100];
mbedtls_aes_context ctx;
size_t iv_offset = 0;
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
void aes_encrypt_cfb8( data_t * key_str, data_t * iv_str,
data_t * src_str, data_t * hex_dst_string )
{
unsigned char output[100];
mbedtls_aes_context ctx;
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 );
TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
void aes_decrypt_cfb8( data_t * key_str, data_t * iv_str,
data_t * src_str, data_t * hex_dst_string )
{
unsigned char output[100];
mbedtls_aes_context ctx;
memset(output, 0x00, 100);
mbedtls_aes_init( &ctx );
mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 );
TEST_ASSERT( hexcmp( output, hex_dst_string->x, src_str->len, hex_dst_string->len ) == 0 );
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */
void aes_encrypt_ofb( int fragment_size, char *hex_key_string,
char *hex_iv_string, char *hex_src_string,
char *hex_dst_string )
{
unsigned char key_str[32];
unsigned char iv_str[16];
unsigned char src_str[64];
unsigned char dst_str[64];
unsigned char output[32];
mbedtls_aes_context ctx;
size_t iv_offset = 0;
int in_buffer_len;
unsigned char* src_str_next;
int key_len;
memset( key_str, 0x00, sizeof( key_str ) );
memset( iv_str, 0x00, sizeof( iv_str ) );
memset( src_str, 0x00, sizeof( src_str ) );
memset( dst_str, 0x00, sizeof( dst_str ) );
memset( output, 0x00, sizeof( output ) );
mbedtls_aes_init( &ctx );
TEST_ASSERT( strlen( hex_key_string ) <= ( 32 * 2 ) );
TEST_ASSERT( strlen( hex_iv_string ) <= ( 16 * 2 ) );
TEST_ASSERT( strlen( hex_src_string ) <= ( 64 * 2 ) );
TEST_ASSERT( strlen( hex_dst_string ) <= ( 64 * 2 ) );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
in_buffer_len = unhexify( src_str, hex_src_string );
TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ) == 0 );
src_str_next = src_str;
while( in_buffer_len > 0 )
{
TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset,
iv_str, src_str_next, output ) == 0 );
hexify( dst_str, output, fragment_size );
TEST_ASSERT( strncmp( (char *) dst_str, hex_dst_string,
( 2 * fragment_size ) ) == 0 );
in_buffer_len -= fragment_size;
hex_dst_string += ( fragment_size * 2 );
src_str_next += fragment_size;
if( in_buffer_len < fragment_size )
fragment_size = in_buffer_len;
}
exit:
mbedtls_aes_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */
void aes_invalid_param( )
{
mbedtls_aes_context dummy_ctx;
const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) );
/* mbedtls_aes_setkey_enc() */
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_enc( NULL, key, 128 ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_enc( &dummy_ctx, NULL, 128 ) );
/* mbedtls_aes_setkey_dec() */
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_dec( NULL, key, 128 ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_dec( &dummy_ctx, NULL, 128 ) );
exit:
return;
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void aes_selftest( )
{
TEST_ASSERT( mbedtls_aes_self_test( 1 ) == 0 );
}
/* END_CASE */