TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 346b8d5050dd66875d1ae15ebff94b25b9694092^! / . / tests
commit346b8d5050dd66875d1ae15ebff94b25b9694092[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Mon May 07 12:56:36 2018 +0200
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Thu May 24 13:37:31 2018 +0200
tree78abb510aacea8342196b4f4ba99a6631175d509
parent56206c4db19f472b8429e71d3ae2570072bb5dac [diff]
chachapoly: split crypt_and_mac() to match GCM API

In addition to making the APIs of the various AEAD modules more consistent
with each other, it's useful to have an auth_decrypt() function so that we can
safely check the tag ourselves, as the user might otherwise do it in an
insecure way (or even forget to do it altogether).

diff --git a/tests/suites/test_suite_chachapoly.function b/tests/suites/test_suite_chachapoly.function
index fb1a738..b205c4c 100644
--- a/tests/suites/test_suite_chachapoly.function
+++ b/tests/suites/test_suite_chachapoly.function

@@ -24,6 +24,7 @@
     size_t key_len;
     size_t nonce_len;
     size_t mac_len;
+    mbedtls_chachapoly_context ctx;
 
     memset( key_str,     0x00, 32    );
     memset( nonce_str,   0x00, 12    );
@@ -43,14 +44,21 @@
     TEST_ASSERT( nonce_len == 12 );
     TEST_ASSERT( mac_len   == 16 );
 
-    mbedtls_chachapoly_crypt_and_mac( key_str, nonce_str,
+    mbedtls_chachapoly_init( &ctx );
+
+    mbedtls_chachapoly_setkey( &ctx, key_str );
+
+    mbedtls_chachapoly_crypt_and_tag( &ctx,
                                       MBEDTLS_CHACHAPOLY_ENCRYPT,
-                                      aad_len, aad_str,
-                                      input_len, input_str, output,
-                                      mac );
+                                      input_len, nonce_str,
+                                      aad_str, aad_len,
+                                      input_str, output, mac );
 
     TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
     TEST_ASSERT( memcmp( mac_str, mac, 16U ) == 0 );
+
+exit:
+    mbedtls_chachapoly_free( &ctx );
 }
 /* END_CASE */
 
@@ -64,13 +72,14 @@
     unsigned char output_str[10000];
     unsigned char mac_str[16];
     unsigned char output[10000];
-    unsigned char mac[16];
     size_t input_len;
     size_t output_len;
     size_t aad_len;
     size_t key_len;
     size_t nonce_len;
     size_t mac_len;
+    int ret;
+    mbedtls_chachapoly_context ctx;
 
     memset( key_str,     0x00, 32    );
     memset( nonce_str,   0x00, 12    );
@@ -90,14 +99,20 @@
     TEST_ASSERT( nonce_len == 12 );
     TEST_ASSERT( mac_len   == 16 );
 
-    mbedtls_chachapoly_crypt_and_mac( key_str, nonce_str,
-                                      MBEDTLS_CHACHAPOLY_DECRYPT,
-                                      aad_len, aad_str,
-                                      input_len, input_str, output,
-                                      mac );
+    mbedtls_chachapoly_init( &ctx );
 
+    mbedtls_chachapoly_setkey( &ctx, key_str );
+
+    ret = mbedtls_chachapoly_auth_decrypt( &ctx,
+                                           input_len, nonce_str,
+                                           aad_str, aad_len,
+                                           mac_str, input_str, output );
+
+    TEST_ASSERT( ret == 0 );
     TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
-    TEST_ASSERT( memcmp( mac_str, mac, 16U ) == 0 );
+
+exit:
+    mbedtls_chachapoly_free( &ctx );
 }
 /* END_CASE */