Merge pull request #6383 from mprse/aead_driver_test

Enable testing of AEAD drivers with libtestdriver1
2025-07-28 00:21:48 +03:00 · 2022-10-14 11:11:01 +02:00
parent 49e4184812 072fad12d9
commit b3c30907d6
9 changed files with 163 additions and 69 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -3705,39 +3705,34 @@ exit:
    return( status );
 }

-static psa_status_t psa_validate_tag_length( psa_aead_operation_t *operation,
-                                             psa_algorithm_t alg ) {
-    uint8_t tag_len = 0;
-    if( psa_driver_get_tag_len( operation, &tag_len ) != PSA_SUCCESS )
-    {
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    }
+static psa_status_t psa_validate_tag_length( psa_algorithm_t alg ) {
+    const uint8_t tag_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg );

    switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) )
    {
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+#if defined(PSA_WANT_ALG_CCM)
        case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
            /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.*/
            if( tag_len < 4 || tag_len > 16 || tag_len % 2 )
                return( PSA_ERROR_INVALID_ARGUMENT );
            break;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#endif /* PSA_WANT_ALG_CCM */

-#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+#if defined(PSA_WANT_ALG_GCM)
        case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
            /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. */
            if( tag_len != 4 && tag_len != 8 && ( tag_len < 12 || tag_len > 16 ) )
                return( PSA_ERROR_INVALID_ARGUMENT );
            break;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#endif /* PSA_WANT_ALG_GCM */

-#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
        case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
            /* We only support the default tag length. */
            if( tag_len != 16 )
                return( PSA_ERROR_INVALID_ARGUMENT );
            break;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */

        default:
            (void) tag_len;
@ -3788,6 +3783,9 @@ static psa_status_t psa_aead_setup( psa_aead_operation_t *operation,
        .core = slot->attr
    };

+    if( ( status = psa_validate_tag_length( alg ) ) != PSA_SUCCESS )
+        goto exit;
+
    if( is_encrypt )
        status = psa_driver_wrapper_aead_encrypt_setup( operation,
                                                        &attributes,
@ -3803,9 +3801,6 @@ static psa_status_t psa_aead_setup( psa_aead_operation_t *operation,
    if( status != PSA_SUCCESS )
        goto exit;

-    if( ( status = psa_validate_tag_length( operation, alg ) ) != PSA_SUCCESS )
-        goto exit;
-
    operation->key_type = psa_get_key_type( &attributes );

 exit:
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@ -45,7 +45,6 @@ static psa_status_t psa_aead_setup(
    size_t key_bits;
    const mbedtls_cipher_info_t *cipher_info;
    mbedtls_cipher_id_t cipher_id;
-    size_t full_tag_length = 0;

    ( void ) key_buffer_size;

@ -62,7 +61,6 @@ static psa_status_t psa_aead_setup(
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
        case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
            operation->alg = PSA_ALG_CCM;
-            full_tag_length = 16;
            /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
             * The call to mbedtls_ccm_encrypt_and_tag or
             * mbedtls_ccm_auth_decrypt will validate the tag length. */
@ -81,7 +79,6 @@ static psa_status_t psa_aead_setup(
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
        case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
            operation->alg = PSA_ALG_GCM;
-            full_tag_length = 16;
            /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
             * The call to mbedtls_gcm_crypt_and_tag or
             * mbedtls_gcm_auth_decrypt will validate the tag length. */
@ -100,7 +97,6 @@ static psa_status_t psa_aead_setup(
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
        case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
            operation->alg = PSA_ALG_CHACHA20_POLY1305;
-            full_tag_length = 16;
            /* We only support the default tag length. */
            if( alg != PSA_ALG_CHACHA20_POLY1305 )
                return( PSA_ERROR_NOT_SUPPORTED );
@ -120,16 +116,9 @@ static psa_status_t psa_aead_setup(
            return( PSA_ERROR_NOT_SUPPORTED );
    }

-    if( PSA_AEAD_TAG_LENGTH( attributes->core.type,
-                             key_bits, alg )
-        > full_tag_length )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
    operation->key_type = psa_get_key_type( attributes );

-    operation->tag_length = PSA_AEAD_TAG_LENGTH( operation->key_type,
-                                                 key_bits,
-                                                 alg );
+    operation->tag_length = PSA_ALG_AEAD_GET_TAG_LENGTH( alg );

    return( PSA_SUCCESS );
 }
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@ -226,10 +226,6 @@ psa_status_t psa_driver_wrapper_aead_decrypt(
    const uint8_t *ciphertext, size_t ciphertext_length,
    uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );

-psa_status_t psa_driver_get_tag_len(
-    psa_aead_operation_t *operation,
-    uint8_t *tag_len );
-
 psa_status_t psa_driver_wrapper_aead_encrypt_setup(
    psa_aead_operation_t *operation,
    const psa_key_attributes_t *attributes,