TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 33ca6af8a3bd770cb454793b9f6fc52e5d43bb21^! / . / tests / suites / test_suite_cipher.function
commit33ca6af8a3bd770cb454793b9f6fc52e5d43bb21[log] [tgz]
authorAndrzej Kurek <Andrzej.Kurek@arm.com>Wed Dec 01 21:58:05 2021 +0100
committerAndrzej Kurek <Andrzej.Kurek@arm.com>Fri Jan 14 16:31:54 2022 +0100
tree78c2db88b888b4ada5ffaa06aa963137bc4890fe
parentce8a6173f754d7df0945cf867f480cba629aa545 [diff] [blame]
Return an error for IV lengths other than 12 with ChaCha20

The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index fd2985b..c837a69 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function

@@ -442,6 +442,8 @@
     if( NULL != strstr( cipher_info->name, "CCM*-NO-TAG") )
         iv_len = 13; /* For CCM, IV length is expected to be between 7 and 13 bytes.
                       * For CCM*-NO-TAG, IV length must be exactly 13 bytes long. */
+    else if( cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
+        iv_len = 12;
     else
         iv_len = sizeof(iv);
 
@@ -689,6 +691,8 @@
     if( NULL != strstr( cipher_info->name, "CCM*-NO-TAG") )
         iv_len = 13; /* For CCM, IV length is expected to be between 7 and 13 bytes.
                       * For CCM*-NO-TAG, IV length must be exactly 13 bytes long. */
+    else if( cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
+        iv_len = 12;
     else
         iv_len = sizeof(iv);
 
@@ -1130,3 +1134,40 @@
         TEST_ASSERT( dlen == (size_t) dlen_check );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void check_iv( int cipher_id, char * cipher_string,
+               int iv_len_val, int ret )
+{
+    size_t iv_len = iv_len_val;
+    unsigned char iv[16];
+
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t ctx_dec;
+    mbedtls_cipher_context_t ctx_enc;
+
+    /*
+     * Prepare contexts
+     */
+    mbedtls_cipher_init( &ctx_dec );
+    mbedtls_cipher_init( &ctx_enc );
+
+    /* Check and get info structures */
+    cipher_info = mbedtls_cipher_info_from_type( cipher_id );
+    TEST_ASSERT( NULL != cipher_info );
+    TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info );
+    TEST_ASSERT( strcmp( mbedtls_cipher_info_get_name( cipher_info ),
+                         cipher_string ) == 0 );
+
+    /* Initialise enc and dec contexts */
+    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
+    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
+
+    TEST_ASSERT( ret == mbedtls_cipher_set_iv( &ctx_dec, iv, iv_len ) );
+    TEST_ASSERT( ret == mbedtls_cipher_set_iv( &ctx_enc, iv, iv_len ) );
+
+exit:
+    mbedtls_cipher_free( &ctx_dec );
+    mbedtls_cipher_free( &ctx_enc );
+}
+/* END_CASE */