TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / ae59c5232274df36b1b58dd52eb74cb153829a1a / . / tests / suites / test_suite_gcm.function
blob: c00d3253fcd11e52cc1373e5b2d09955c126ccae [file] [log] [blame]
/* BEGIN_HEADER */
#include "mbedtls/gcm.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_GCM_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void gcm_bad_parameters(int cipher_id, int direction,
data_t *key_str, data_t *src_str,
data_t *iv_str, data_t *add_str,
int tag_len_bits, int gcm_result)
{
unsigned char output[128];
unsigned char tag_output[16];
mbedtls_gcm_context ctx;
size_t tag_len = tag_len_bits / 8;
mbedtls_gcm_init(&ctx);
memset(output, 0x00, sizeof(output));
memset(tag_output, 0x00, sizeof(tag_output));
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0);
TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, direction, src_str->len, iv_str->x, iv_str->len,
add_str->x, add_str->len, src_str->x, output, tag_len,
tag_output) == gcm_result);
exit:
mbedtls_gcm_free(&ctx);
}
/* END_CASE */
/* BEGIN_CASE */
void gcm_encrypt_and_tag(int cipher_id, data_t *key_str,
data_t *src_str, data_t *iv_str,
data_t *add_str, data_t *dst,
int tag_len_bits, data_t *tag,
int init_result)
{
unsigned char output[128];
unsigned char tag_output[16];
mbedtls_gcm_context ctx;
size_t tag_len = tag_len_bits / 8;
mbedtls_gcm_init(&ctx);
memset(output, 0x00, 128);
memset(tag_output, 0x00, 16);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result);
if (init_result == 0) {
TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x,
iv_str->len, add_str->x, add_str->len, src_str->x,
output, tag_len, tag_output) == 0);
TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x,
src_str->len, dst->len) == 0);
TEST_ASSERT(mbedtls_test_hexcmp(tag_output, tag->x,
tag_len, tag->len) == 0);
}
exit:
mbedtls_gcm_free(&ctx);
}
/* END_CASE */
/* BEGIN_CASE */
void gcm_decrypt_and_verify(int cipher_id, data_t *key_str,
data_t *src_str, data_t *iv_str,
data_t *add_str, int tag_len_bits,
data_t *tag_str, char *result,
data_t *pt_result, int init_result)
{
unsigned char output[128];
mbedtls_gcm_context ctx;
int ret;
size_t tag_len = tag_len_bits / 8;
mbedtls_gcm_init(&ctx);
memset(output, 0x00, 128);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result);
if (init_result == 0) {
ret = mbedtls_gcm_auth_decrypt(&ctx,
src_str->len,
iv_str->x,
iv_str->len,
add_str->x,
add_str->len,
tag_str->x,
tag_len,
src_str->x,
output);
if (strcmp("FAIL", result) == 0) {
TEST_ASSERT(ret == MBEDTLS_ERR_GCM_AUTH_FAILED);
} else {
TEST_ASSERT(ret == 0);
TEST_ASSERT(mbedtls_test_hexcmp(output, pt_result->x,
src_str->len,
pt_result->len) == 0);
}
}
exit:
mbedtls_gcm_free(&ctx);
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void gcm_invalid_param()
{
mbedtls_gcm_context ctx;
unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES;
int valid_mode = MBEDTLS_GCM_ENCRYPT;
int valid_len = sizeof(valid_buffer);
int valid_bitlen = 128, invalid_bitlen = 1;
mbedtls_gcm_init(&ctx);
/* mbedtls_gcm_init() */
TEST_INVALID_PARAM(mbedtls_gcm_init(NULL));
/* mbedtls_gcm_setkey */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_setkey(NULL, valid_cipher, valid_buffer, valid_bitlen));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_setkey(&ctx, valid_cipher, NULL, valid_bitlen));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_setkey(&ctx, valid_cipher, valid_buffer, invalid_bitlen));
/* mbedtls_gcm_crypt_and_tag() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_crypt_and_tag(NULL, valid_mode, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_len, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_len, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
valid_buffer, valid_len,
NULL, valid_len,
valid_buffer, valid_buffer,
valid_len, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
NULL, valid_buffer,
valid_len, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, NULL,
valid_len, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer,
valid_len, NULL));
/* mbedtls_gcm_auth_decrypt() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_auth_decrypt(NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_auth_decrypt(&ctx, valid_len,
NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_auth_decrypt(&ctx, valid_len,
valid_buffer, valid_len,
NULL, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_auth_decrypt(&ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
NULL, valid_len,
valid_buffer, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_auth_decrypt(&ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
NULL, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_auth_decrypt(&ctx, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, valid_len,
valid_buffer, NULL));
/* mbedtls_gcm_starts() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_starts(NULL, valid_mode,
valid_buffer, valid_len,
valid_buffer, valid_len));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_starts(&ctx, valid_mode,
NULL, valid_len,
valid_buffer, valid_len));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_starts(&ctx, valid_mode,
valid_buffer, valid_len,
NULL, valid_len));
/* mbedtls_gcm_update() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_update(NULL, valid_len,
valid_buffer, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_update(&ctx, valid_len,
NULL, valid_buffer));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_update(&ctx, valid_len,
valid_buffer, NULL));
/* mbedtls_gcm_finish() */
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_finish(NULL, valid_buffer, valid_len));
TEST_INVALID_PARAM_RET(
MBEDTLS_ERR_GCM_BAD_INPUT,
mbedtls_gcm_finish(&ctx, NULL, valid_len));
exit:
mbedtls_gcm_free(&ctx);
}
/* END_CASE */
/* BEGIN_CASE */
void gcm_valid_param()
{
TEST_VALID_PARAM(mbedtls_gcm_free(NULL));
exit:
return;
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
void gcm_selftest()
{
TEST_ASSERT(mbedtls_gcm_self_test(1) == 0);
}
/* END_CASE */
/* BEGIN_CASE */
void gcm_encrypt_input_output_buffer_overlap(int cipher_id, data_t *key_str,
data_t *src_str, data_t *iv_str,
data_t *add_str, data_t *dst,
int tag_len_bits, data_t *tag,
int init_result)
{
unsigned char *buffer = NULL;
size_t buffer_len;
unsigned char tag_output[16];
mbedtls_gcm_context ctx;
size_t tag_len = tag_len_bits / 8;
mbedtls_gcm_init(&ctx);
/* GCM includes padding and therefore input length can be shorter than the output length
* Therefore we must ensure we round up to the nearest 128-bits/16-bytes.
*/
buffer_len = src_str->len;
if (buffer_len % 16 != 0 || buffer_len == 0) {
buffer_len += (16 - (buffer_len % 16));
}
TEST_CALLOC(buffer, buffer_len);
memcpy(buffer, src_str->x, src_str->len);
memset(tag_output, 0x00, 16);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result);
if (init_result == 0) {
TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x,
iv_str->len, add_str->x, add_str->len, buffer,
buffer, tag_len, tag_output) == 0);
TEST_ASSERT(mbedtls_test_hexcmp(buffer, dst->x,
src_str->len, dst->len) == 0);
TEST_ASSERT(mbedtls_test_hexcmp(tag_output, tag->x,
tag_len, tag->len) == 0);
}
exit:
mbedtls_free(buffer);
mbedtls_gcm_free(&ctx);
}
/* END_CASE */
/* BEGIN_CASE */
void gcm_decrypt_input_output_buffer_overlap(int cipher_id, data_t *key_str,
data_t *src_str, data_t *iv_str,
data_t *add_str, int tag_len_bits,
data_t *tag_str, char *result,
data_t *pt_result, int init_result)
{
unsigned char *buffer = NULL;
size_t buffer_len;
mbedtls_gcm_context ctx;
int ret;
size_t tag_len = tag_len_bits / 8;
mbedtls_gcm_init(&ctx);
/* GCM includes padding and therefore input length can be shorter than the output length
* Therefore we must ensure we round up to the nearest 128-bits/16-bytes.
*/
buffer_len = src_str->len;
if (buffer_len % 16 != 0 || buffer_len == 0) {
buffer_len += (16 - (buffer_len % 16));
}
TEST_CALLOC(buffer, buffer_len);
memcpy(buffer, src_str->x, src_str->len);
TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result);
if (init_result == 0) {
ret = mbedtls_gcm_auth_decrypt(&ctx,
src_str->len,
iv_str->x,
iv_str->len,
add_str->x,
add_str->len,
tag_str->x,
tag_len,
buffer,
buffer);
if (strcmp("FAIL", result) == 0) {
TEST_ASSERT(ret == MBEDTLS_ERR_GCM_AUTH_FAILED);
} else {
TEST_ASSERT(ret == 0);
TEST_ASSERT(mbedtls_test_hexcmp(buffer, pt_result->x,
src_str->len,
pt_result->len) == 0);
}
}
exit:
mbedtls_free(buffer);
mbedtls_gcm_free(&ctx);
}
/* END_CASE */