lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

Add Cipher module parameter validation

Browse Source
This commit is contained in:
Krzysztof Stachowiak
2018-12-17 10:20:30 +01:00
committed by k-stachowiak
parent 54b789aa74
commit e0215d7869
5 changed files with 441 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tests/CMakeLists.txt
View File

@ -72,6 +72,7 @@ add_test_suite(cipher cipher.chacha20)
add_test_suite(cipher cipher.chachapoly)
add_test_suite(cipher cipher.des)
add_test_suite(cipher cipher.gcm)
add_test_suite(cipher cipher.misc)
add_test_suite(cipher cipher.null)
add_test_suite(cipher cipher.padding)
add_test_suite(cmac)

258
tests/suites/test_suite_cipher.function
View File

@ -91,6 +91,264 @@ void cipher_null_args( )
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void cipher_invalid_param( )
{
mbedtls_cipher_context_t invalid_ctx;
mbedtls_cipher_context_t valid_ctx;
mbedtls_operation_t invalid_operation = 100;
mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
int valid_size = sizeof(valid_buffer);
int valid_bitlen = valid_size * 8;
size_t size_t_var;
/* mbedtls_cipher_init() */
TEST_VALID_PARAM( mbedtls_cipher_init( &invalid_ctx ) );
TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) );
TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) );
/* mbedtls_cipher_setkey() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_setkey( &valid_ctx,
valid_buffer,
valid_bitlen,
invalid_operation ) );
/* mbedtls_cipher_set_padding_mode() */
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_set_padding_mode( NULL, valid_mode ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_set_padding_mode( &invalid_ctx,
valid_mode ) );
/* mbedtls_cipher_update() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_update( &valid_ctx,
NULL, valid_size,
valid_buffer,
&size_t_var ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_update( &valid_ctx,
valid_buffer, valid_size,
NULL,
&size_t_var ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_update( &valid_ctx,
valid_buffer, valid_size,
valid_buffer,
NULL ) );
/* mbedtls_cipher_finish() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_finish( &valid_ctx,
NULL,
&size_t_var ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_finish( &valid_ctx,
valid_buffer,
NULL ) );
/* mbedtls_cipher_write_tag() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_write_tag( &valid_ctx,
NULL,
valid_size ) );
/* mbedtls_cipher_check_tag() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_check_tag( &valid_ctx,
NULL,
valid_size ) );
/* mbedtls_cipher_crypt() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_crypt( NULL,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_crypt( &invalid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_crypt( &valid_ctx,
NULL, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_crypt( &valid_ctx,
valid_buffer, valid_size,
NULL, valid_size,
valid_buffer, &size_t_var ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_crypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
NULL, &size_t_var ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_crypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, NULL ) );
/* mbedtls_cipher_auth_encrypt() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_encrypt( NULL,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_encrypt( &invalid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_encrypt( &valid_ctx,
NULL, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_encrypt( &valid_ctx,
valid_buffer, valid_size,
NULL, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_encrypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
NULL, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_encrypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
NULL, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_encrypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, NULL,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_encrypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
NULL, valid_size ) );
/* mbedtls_cipher_auth_decrypt() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_decrypt( NULL,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_decrypt( &invalid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_decrypt( &valid_ctx,
NULL, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_decrypt( &valid_ctx,
valid_buffer, valid_size,
NULL, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_decrypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
NULL, valid_size,
valid_buffer, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_decrypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
NULL, &size_t_var,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_decrypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, NULL,
valid_buffer, valid_size ) );
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
mbedtls_cipher_auth_decrypt( &valid_ctx,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, valid_size,
valid_buffer, &size_t_var,
NULL, valid_size ) );
/* mbedtls_cipher_free() */
TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) );
exit:
TEST_VALID_PARAM( mbedtls_cipher_free( &invalid_ctx ) );
TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
void cipher_special_behaviours( )
{

2
tests/suites/test_suite_cipher.misc.data Normal file
View File

@ -0,0 +1,2 @@
CIPHER - Invalid parameters
cipher_invalid_param: