			
		
		
		
	Add state checks for multipart AEAD
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
		| @@ -2394,6 +2394,10 @@ PSA Multipart Nonce Generation: ChaCha20 - Poly1305, IV = 0 | ||||
| depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 | ||||
| aead_multipart_generate_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:0:PSA_ERROR_BUFFER_TOO_SMALL | ||||
|  | ||||
| PSA Multipart State Checks, AES - GCM | ||||
| depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES | ||||
| aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E" | ||||
|  | ||||
| PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw | ||||
| depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR | ||||
| signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 | ||||
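Review bot: Only an AES-GCM entry is registered for aead_multipart_state_test, although the function takes the key type and algorithm as parameters and the nonce-generation case just above already covers ChaCha20-Poly1305. A second entry guarded by `depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20` would show that the BAD_STATE checks hold on more than one cipher path; it would need a nonce of a length that algorithm accepts. Whether every step of the test applies unchanged to other AEAD algorithms cannot be told from this hunk, so treat this as a coverage suggestion to confirm against the implementation.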
|   | ||||
| @@ -4193,6 +4193,288 @@ exit: | ||||
| } | ||||
| /* END_CASE */ | ||||
|  | ||||
| /* BEGIN_CASE */ | ||||
| void aead_multipart_state_test( int key_type_arg, data_t *key_data, | ||||
|                                 int alg_arg, | ||||
|                                 data_t *nonce, | ||||
|                                 data_t *additional_data, | ||||
|                                 data_t *input_data ) | ||||
| { | ||||
|     mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; | ||||
|     psa_key_type_t key_type = key_type_arg; | ||||
|     psa_algorithm_t alg = alg_arg; | ||||
|     psa_aead_operation_t operation; | ||||
|     unsigned char *output_data = NULL; | ||||
|     unsigned char *final_data = NULL; | ||||
|     size_t output_size = 0; | ||||
|     size_t finish_output_size = 0; | ||||
|     size_t output_length = 0; | ||||
|     size_t key_bits = 0; | ||||
|     size_t tag_length = 0; | ||||
|     size_t tag_size = 0; | ||||
|     size_t nonce_length = 0; | ||||
|     uint8_t nonce_buffer[PSA_AEAD_NONCE_MAX_SIZE]; | ||||
|     uint8_t tag_buffer[PSA_AEAD_TAG_MAX_SIZE]; | ||||
|     size_t output_part_length = 0; | ||||
|     psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; | ||||
|  | ||||
|     PSA_ASSERT( psa_crypto_init( ) ); | ||||
|  | ||||
|     psa_set_key_usage_flags( & attributes, | ||||
|                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); | ||||
|     psa_set_key_algorithm( & attributes, alg ); | ||||
|     psa_set_key_type( & attributes, key_type ); | ||||
|  | ||||
|     PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, | ||||
|                                 &key ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); | ||||
|     key_bits = psa_get_key_bits( &attributes ); | ||||
|  | ||||
|     tag_length = PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg ); | ||||
|  | ||||
|     TEST_ASSERT( tag_length <= PSA_AEAD_TAG_MAX_SIZE ); | ||||
|  | ||||
|     output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE( key_type, alg, input_data->len ); | ||||
|  | ||||
|     ASSERT_ALLOC( output_data, output_size ); | ||||
|  | ||||
|     finish_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE( key_type, alg ); | ||||
|  | ||||
|     TEST_ASSERT( finish_output_size <= PSA_AEAD_FINISH_OUTPUT_MAX_SIZE ); | ||||
|  | ||||
|     ASSERT_ALLOC( final_data, finish_output_size ); | ||||
|  | ||||
|     /* Test all operations error without calling setup first. */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_set_nonce( &operation, nonce->x, nonce->len ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_generate_nonce( &operation, nonce_buffer, | ||||
|                                          PSA_AEAD_NONCE_MAX_SIZE, | ||||
|                                          &nonce_length ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, | ||||
|                                       input_data->len ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, | ||||
|                                     additional_data->len ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_update( &operation, input_data->x, | ||||
|                                  input_data->len, output_data, | ||||
|                                  output_size, &output_length ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_finish( &operation, final_data, | ||||
|                                  finish_output_size, | ||||
|                                  &output_part_length, | ||||
|                                  tag_buffer, tag_length, | ||||
|                                  &tag_size ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_verify( &operation, final_data, | ||||
|                                  finish_output_size, | ||||
|                                  &output_part_length, | ||||
|                                  tag_buffer, | ||||
|                                  tag_length ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test for double setups. */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_encrypt_setup( &operation, key, alg ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_decrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_decrypt_setup( &operation, key, alg ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test for not setting a nonce. */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, | ||||
|                                     additional_data->len ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test for double setting nonce. */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_set_nonce( &operation, nonce->x, nonce->len ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test for setting lengths twice. */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, | ||||
|                                       input_data->len ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, | ||||
|                                       input_data->len ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test for setting lengths after already starting data. */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_update( &operation, input_data->x, | ||||
|                                  input_data->len, output_data, | ||||
|                                  output_size, &output_length ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len, | ||||
|                                       input_data->len ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test for not sending any additional data or data (encrypt) */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, | ||||
|                                       input_data->len ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_finish( &operation, final_data, | ||||
|                                  finish_output_size, | ||||
|                                  &output_part_length, | ||||
|                                  tag_buffer, tag_length, | ||||
|                                  &tag_size ), | ||||
|                 PSA_ERROR_INVALID_ARGUMENT ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test for not sending any additional data or data (decrypt) */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_decrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, | ||||
|                                       input_data->len ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_verify( &operation, final_data, | ||||
|                                  finish_output_size, | ||||
|                                  &output_part_length, | ||||
|                                  tag_buffer, | ||||
|                                  tag_length ), | ||||
|                 PSA_ERROR_INVALID_ARGUMENT ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test for not sending any additional data. */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, | ||||
|                                       input_data->len ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_update( &operation, input_data->x, | ||||
|                                  input_data->len, output_data, | ||||
|                                  output_size, &output_length ), | ||||
|                 PSA_ERROR_INVALID_ARGUMENT ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
|     /* Test sending additional data after data. */ | ||||
|  | ||||
|     operation = psa_aead_operation_init( ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); | ||||
|  | ||||
|     PSA_ASSERT( psa_aead_update( &operation, input_data->x, | ||||
|                                  input_data->len, output_data, | ||||
|                                  output_size, &output_length ) ); | ||||
|  | ||||
|     TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, | ||||
|                                     additional_data->len ), | ||||
|                 PSA_ERROR_BAD_STATE ); | ||||
|  | ||||
|     psa_aead_abort( &operation ); | ||||
|  | ||||
| exit: | ||||
|     psa_destroy_key( key ); | ||||
|     psa_aead_abort( &operation ); | ||||
|     mbedtls_free( output_data ); | ||||
|     mbedtls_free( final_data ); | ||||
|     PSA_DONE( ); | ||||
| } | ||||
| /* END_CASE */ | ||||
|  | ||||
| /* BEGIN_CASE */ | ||||
| void signature_size( int type_arg, | ||||
|                      int bits, | ||||
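Review bot: `operation` is declared without an initializer at the top of aead_multipart_state_test, yet the `PSA_ASSERT`, `TEST_ASSERT` and `ASSERT_ALLOC` checks that run before the first `operation = psa_aead_operation_init( );` lead to `exit:` on failure, where `psa_aead_abort( &operation )` would then read an indeterminate struct. Declaring it as `psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;` keeps the cleanup path well defined when crypto init, key import or an allocation fails. The return value of every intermediate `psa_aead_abort( &operation )` is also discarded; wrapping those calls as `PSA_ASSERT( psa_aead_abort( &operation ) );` would catch an abort that does not return the operation to a clean state, which is the property the following step relies on. The state cases themselves would be easier to audit with a short comment above each group naming the rule being enforced (for example, that a nonce may be set only once per operation), since rejecting a second nonce is the check that guards against nonce misuse.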
|   | ||||