Merge pull request #5344 from AndrzejKurek/psa-aead-more-generate-nonce-combinations

PSA AEAD: test more combinations of generate_nonce and set_lengths
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 5aade05..90dc08e 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -3619,6 +3619,14 @@
 depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
 aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E"
 
+PSA Multipart State Checks, AES - CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B0C":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E"
+
+PSA Multipart State Checks, AES - CHACHAPOLY
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305
+aead_multipart_state_test:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":PSA_ALG_CHACHA20_POLY1305:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E"
+
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
 signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
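Review bot: The ChaCha20-Poly1305 case lists only `PSA_WANT_ALG_CHACHA20_POLY1305` in `depends_on`, while the GCM and CCM cases list both the algorithm and the key type. In a configuration that enables the AEAD algorithm without the ChaCha20 key type, the case would presumably fail at key import instead of being skipped. `depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20` would match the AES entries.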
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 638a85c..cbac109 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -4781,6 +4781,93 @@
 
     psa_aead_abort( &operation );
 
+    /* Test for generating nonce after calling set lengths */
+
+    PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
+
+    PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len,
+                                      input_data->len ) );
+
+    PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                         PSA_AEAD_NONCE_MAX_SIZE,
+                                         &nonce_length ) );
+
+    psa_aead_abort( &operation );
+
+    /* Test for generating nonce after calling set lengths with UINT32_MAX length */
+
+    PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
+
+    if( operation.alg == PSA_ALG_CCM )
+    {
+        TEST_EQUAL( psa_aead_set_lengths( &operation, UINT32_MAX,
+                                          input_data->len ),
+                    PSA_ERROR_INVALID_ARGUMENT );
+        TEST_EQUAL( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                             PSA_AEAD_NONCE_MAX_SIZE,
+                                             &nonce_length ),
+                    PSA_ERROR_BAD_STATE );
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_set_lengths( &operation, UINT32_MAX,
+                                          input_data->len ) );
+        PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                             PSA_AEAD_NONCE_MAX_SIZE,
+                                             &nonce_length ) );
+    }
+
+    psa_aead_abort( &operation );
+
+    /* Test for generating nonce after calling set lengths with SIZE_MAX length */
+#if SIZE_MAX > UINT32_MAX
+    PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
+
+    if( operation.alg == PSA_ALG_CCM || operation.alg == PSA_ALG_GCM )
+    {
+        TEST_EQUAL( psa_aead_set_lengths( &operation, SIZE_MAX,
+                                          input_data->len ),
+                    PSA_ERROR_INVALID_ARGUMENT );
+        TEST_EQUAL( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                             PSA_AEAD_NONCE_MAX_SIZE,
+                                             &nonce_length ),
+                    PSA_ERROR_BAD_STATE );
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_set_lengths( &operation, SIZE_MAX,
+                                          input_data->len ) );
+        PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                             PSA_AEAD_NONCE_MAX_SIZE,
+                                             &nonce_length ) );
+    }
+
+    psa_aead_abort( &operation );
+#endif
+
+    /* Test for calling set lengths with a length too long, after generating nonce */
+
+    PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
+
+    PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                         PSA_AEAD_NONCE_MAX_SIZE,
+                                         &nonce_length ) );
+
+    if( operation.alg == PSA_ALG_CCM )
+    {
+        TEST_EQUAL( psa_aead_set_lengths( &operation, UINT32_MAX,
+                                          input_data->len ),
+                    PSA_ERROR_INVALID_ARGUMENT );
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_set_lengths( &operation, UINT32_MAX,
+                                          input_data->len ) );
+    }
+
+    psa_aead_abort( &operation );
+
+
     /* ------------------------------------------------------- */
 
     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
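Review bot: In the last added case (set_lengths after generate_nonce), the CCM branch stops at `PSA_ERROR_INVALID_ARGUMENT` and never checks that the operation is unusable afterwards. The UINT32_MAX and SIZE_MAX cases above do follow the rejected `psa_aead_set_lengths` with a call expected to return `PSA_ERROR_BAD_STATE`. A nonce has already been generated at that point, so it is worth pinning that nothing can continue on that operation, for example `TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x, additional_data->len ), PSA_ERROR_BAD_STATE );` after the failing call. The successful `psa_aead_generate_nonce` calls also leave `nonce_length` unchecked; comparing it with the expected nonce size for the algorithm would make these cases assert more than "did not fail". The enclosing test function starts and ends outside this hunk.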
@@ -4820,19 +4907,28 @@
 
     psa_aead_abort( &operation );
 
-    /* Test for setting lengths after already starting data. */
+    /* Test for setting lengths after setting nonce + already starting data. */
 
     PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
 
     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
 
-    PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
-                                    additional_data->len ) );
+    if( operation.alg == PSA_ALG_CCM )
+    {
 
-    TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
-                                      input_data->len ),
-                PSA_ERROR_BAD_STATE );
+        TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x,
+                                        additional_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
+                                        additional_data->len ) );
 
+        TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
+                                          input_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
     psa_aead_abort( &operation );
 
     /* ------------------------------------------------------- */
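Review bot: The CCM branch under the comment "Test for setting lengths after setting nonce + already starting data" never calls `psa_aead_set_lengths`. It expects `psa_aead_update_ad` itself to return `PSA_ERROR_BAD_STATE`, and nothing in the hunk says why. A one-line comment in that branch, such as `/* CCM needs set_lengths before any AD or data, so the first update must fail. */`, would let a reader see that the different expectation is intended; the wording should be confirmed against the documented CCM contract. The same applies to the CCM branches around `psa_aead_update` and `psa_aead_update_ad` in the next hunk (`@@ -4841,14 +4937,133 @@`). The blank line directly after the opening `{` of the CCM branch is stray and could be dropped.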
@@ -4841,14 +4937,133 @@
 
     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
 
-    PSA_ASSERT( psa_aead_update( &operation, input_data->x,
-                                 input_data->len, output_data,
-                                 output_size, &output_length ) );
+    if( operation.alg == PSA_ALG_CCM )
+    {
+        TEST_EQUAL( psa_aead_update( &operation, input_data->x,
+                                     input_data->len, output_data,
+                                     output_size, &output_length ),
+                    PSA_ERROR_BAD_STATE );
 
-    TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
-                                      input_data->len ),
-                PSA_ERROR_BAD_STATE );
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_update( &operation, input_data->x,
+                                     input_data->len, output_data,
+                                     output_size, &output_length ) );
 
+        TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
+                                          input_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
+    psa_aead_abort( &operation );
+
+    /* ------------------------------------------------------- */
+
+    PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
+
+    PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
+
+    if( operation.alg == PSA_ALG_CCM )
+    {
+        PSA_ASSERT( psa_aead_finish( &operation, final_data,
+                                     finish_output_size,
+                                     &output_part_length,
+                                     tag_buffer, tag_length,
+                                     &tag_size ) );
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_finish( &operation, final_data,
+                                     finish_output_size,
+                                     &output_part_length,
+                                     tag_buffer, tag_length,
+                                     &tag_size ) );
+
+        TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
+                                          input_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
+    psa_aead_abort( &operation );
+
+    /* Test for setting lengths after generating nonce + already starting data. */
+
+    PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
+
+    PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                         PSA_AEAD_NONCE_MAX_SIZE,
+                                         &nonce_length ) );
+    if( operation.alg == PSA_ALG_CCM )
+    {
+
+        TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x,
+                                        additional_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
+                                        additional_data->len ) );
+
+        TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
+                                          input_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
+    psa_aead_abort( &operation );
+
+    /* ------------------------------------------------------- */
+
+    PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
+
+    PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                         PSA_AEAD_NONCE_MAX_SIZE,
+                                         &nonce_length ) );
+    if( operation.alg == PSA_ALG_CCM )
+    {
+        TEST_EQUAL( psa_aead_update( &operation, input_data->x,
+                                     input_data->len, output_data,
+                                     output_size, &output_length ),
+                    PSA_ERROR_BAD_STATE );
+
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_update( &operation, input_data->x,
+                                     input_data->len, output_data,
+                                     output_size, &output_length ) );
+
+        TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
+                                          input_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
+    psa_aead_abort( &operation );
+
+    /* ------------------------------------------------------- */
+
+    PSA_ASSERT( psa_aead_encrypt_setup( &operation, key, alg ) );
+
+    PSA_ASSERT( psa_aead_generate_nonce( &operation, nonce_buffer,
+                                         PSA_AEAD_NONCE_MAX_SIZE,
+                                         &nonce_length ) );
+    if( operation.alg == PSA_ALG_CCM )
+    {
+        PSA_ASSERT( psa_aead_finish( &operation, final_data,
+                                     finish_output_size,
+                                     &output_part_length,
+                                     tag_buffer, tag_length,
+                                     &tag_size ) );
+    }
+    else
+    {
+        PSA_ASSERT( psa_aead_finish( &operation, final_data,
+                                     finish_output_size,
+                                     &output_part_length,
+                                     tag_buffer, tag_length,
+                                     &tag_size ) );
+
+        TEST_EQUAL( psa_aead_set_lengths( &operation, additional_data->len,
+                                          input_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
     psa_aead_abort( &operation );
 
     /* Test for not sending any additional data or data after setting non zero
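Review bot: In both finish cases (after `psa_aead_set_nonce` and after `psa_aead_generate_nonce`), the `if( operation.alg == PSA_ALG_CCM )` and `else` branches begin with the same `PSA_ASSERT( psa_aead_finish( ... ) )` call. The only difference is that the CCM branch skips the follow-up `psa_aead_set_lengths` check. A finished operation is presumably inactive for every algorithm, so `psa_aead_set_lengths` should return `PSA_ERROR_BAD_STATE` for CCM as well, and the branch could be removed by calling `psa_aead_finish` once and asserting the `TEST_EQUAL` unconditionally. If CCM really does behave differently there, hoist the shared call and guard only the check with `if( operation.alg != PSA_ALG_CCM )`, with a comment giving the reason. These two cases also have no heading comment, only the dashed separator, so "set_lengths after finish" is not stated anywhere.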
@@ -5004,14 +5219,16 @@
 
     PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
 
-    PSA_ASSERT( psa_aead_update( &operation, input_data->x,
-                                 input_data->len, output_data,
-                                 output_size, &output_length ) );
+    if( operation.alg != PSA_ALG_CCM )
+    {
+        PSA_ASSERT( psa_aead_update( &operation, input_data->x,
+                                     input_data->len, output_data,
+                                     output_size, &output_length ) );
 
-    TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x,
-                                    additional_data->len ),
-                PSA_ERROR_BAD_STATE );
-
+        TEST_EQUAL( psa_aead_update_ad( &operation, additional_data->x,
+                                        additional_data->len ),
+                    PSA_ERROR_BAD_STATE );
+    }
     psa_aead_abort( &operation );
 
     /* Test calling finish on decryption. */
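Review bot: With the new `if( operation.alg != PSA_ALG_CCM )` guard, the CCM run of this case does setup, `psa_aead_set_nonce` and `psa_aead_abort` with no assertion in between. The "update_ad after update" ordering rule is therefore no longer exercised for CCM. If the skip is needed because CCM rejects `psa_aead_update` without prior lengths, say so in a comment, for example `/* CCM rejects update without set_lengths (checked earlier), so this ordering is not reachable here. */`. A CCM variant that first calls `psa_aead_set_lengths` and then checks that `psa_aead_update_ad` after `psa_aead_update` returns `PSA_ERROR_BAD_STATE` would restore the coverage. The start of this case, including its setup call, lies outside the hunk.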