cipher_alg_without_iv: also test multipart decryption
For multipart encrpytion, call psa_cipher_finish(). This is not actually
necessary for non-pathological implementations of ECB (the only currently
supported IV-less cipher algorithm) because it requires the input to be a
whole number of blocks and non-pathological implementations emit the output
block from update() as soon as an input block is available. But in principle
a driver could delay output and thus require a call to finish().
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f67230d..e2bff04 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3312,10 +3312,9 @@
psa_algorithm_t alg = alg_arg;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
uint8_t iv[1] = { 0x5a };
- size_t iv_length;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
- size_t output_length;
+ size_t output_length, length;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
PSA_ASSERT( psa_crypto_init( ) );
@@ -3353,13 +3352,49 @@
/* generate_iv() is not allowed */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
TEST_EQUAL( psa_cipher_generate_iv( &operation, iv, sizeof( iv ),
- &iv_length ),
+ &length ),
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
TEST_EQUAL( psa_cipher_generate_iv( &operation, iv, sizeof( iv ),
- &iv_length ),
+ &length ),
PSA_ERROR_BAD_STATE );
+ /* Multipart encryption */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ output_length = 0;
+ length = ~0;
+ PSA_ASSERT( psa_cipher_update( &operation,
+ plaintext->x, plaintext->len,
+ output, output_buffer_size,
+ &length ) );
+ TEST_ASSERT( length <= output_buffer_size );
+ output_length += length;
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ output + output_length,
+ output_buffer_size - output_length,
+ &length ) );
+ output_length += length;
+ ASSERT_COMPARE( ciphertext->x, ciphertext->len,
+ output, output_length );
+
+ /* Multipart encryption */
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
+ output_length = 0;
+ length = ~0;
+ PSA_ASSERT( psa_cipher_update( &operation,
+ ciphertext->x, ciphertext->len,
+ output, output_buffer_size,
+ &length ) );
+ TEST_ASSERT( length <= output_buffer_size );
+ output_length += length;
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ output + output_length,
+ output_buffer_size - output_length,
+ &length ) );
+ output_length += length;
+ ASSERT_COMPARE( plaintext->x, plaintext->len,
+ output, output_length );
+
/* One-shot encryption */
output_length = ~0;
PSA_ASSERT( psa_cipher_encrypt( key, alg, plaintext->x, plaintext->len,
@@ -3376,17 +3411,6 @@
ASSERT_COMPARE( plaintext->x, plaintext->len,
output, output_length );
- /* Encrypt, multi-part */
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-
- PSA_ASSERT( psa_cipher_update( &operation, input->x, input->len,
- output, output_buffer_size,
- &output_length) );
-
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, output_length );
-
exit:
PSA_ASSERT( psa_cipher_abort( &operation ) );
mbedtls_free( output );