aes: validate keys using crc before encryption/decryption
CRC is calculated when the key is set. This commit also adds new tests
for ecb encryption and decryption, simulating a fault injection after the key is set.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 0a3415e..1a00ca0 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -67,6 +67,7 @@
endif(MSVC)
add_test_suite(aes aes.ecb)
+add_test_suite(aes aes.ecb.crc)
add_test_suite(aes aes.cbc)
add_test_suite(aes aes.cfb)
add_test_suite(aes aes.ofb)
diff --git a/tests/suites/test_suite_aes.ecb.crc.data b/tests/suites/test_suite_aes.ecb.crc.data
new file mode 100644
index 0000000..cd42620
--- /dev/null
+++ b/tests/suites/test_suite_aes.ecb.crc.data
@@ -0,0 +1,46 @@
+AES-128-ECB Encrypt NIST KAT #1 good CRC
+aes_encrypt_ecb_crc:"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:0:1
+
+AES-128-ECB Encrypt NIST KAT #1 bad CRC
+aes_encrypt_ecb_crc:"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"00000000000000000000000000000000":42:MBEDTLS_ERR_PLATFORM_FAULT_DETECTED:0
+
+AES-128-ECB Decrypt NIST KAT #1 good CRC
+depends_on:!MBEDTLS_AES_ONLY_ENCRYPT
+aes_decrypt_ecb_crc:"00000000000000000000000000000000":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":614:0:1
+
+AES-128-ECB Decrypt NIST KAT #1 bad CRC
+depends_on:!MBEDTLS_AES_ONLY_ENCRYPT
+aes_decrypt_ecb_crc:"00000000000000000000000000000000":"db4f1aa530967d6732ce4715eb0ee24b":"00000000000000000000000000000000":42:MBEDTLS_ERR_PLATFORM_FAULT_DETECTED:0
+
+AES-192-ECB Encrypt NIST KAT #1 good CRC
+depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+aes_encrypt_ecb_crc:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0:0:1
+
+AES-192-ECB Encrypt NIST KAT #1 bad CRC
+depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+aes_encrypt_ecb_crc:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffff80000000000":"00000000000000000000000000000000":42:MBEDTLS_ERR_PLATFORM_FAULT_DETECTED:0
+
+AES-192-ECB Decrypt NIST KAT #1 good CRC
+depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_AES_ONLY_ENCRYPT
+aes_decrypt_ecb_crc:"fffffffffffffffffffffffffffffffff000000000000000":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":31004:0:1
+
+AES-192-ECB Decrypt NIST KAT #1 bad CRC
+depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_AES_ONLY_ENCRYPT
+aes_decrypt_ecb_crc:"fffffffffffffffffffffffffffffffff000000000000000":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":42:MBEDTLS_ERR_PLATFORM_FAULT_DETECTED:0
+
+AES-256-ECB Encrypt NIST KAT #1 good CRC
+depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+aes_encrypt_ecb_crc:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":61384:0:1
+
+AES-256-ECB Encrypt NIST KAT #1 bad CRC
+depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+aes_encrypt_ecb_crc:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000":"00000000000000000000000000000000":42:MBEDTLS_ERR_PLATFORM_FAULT_DETECTED:0
+
+AES-256-ECB Decrypt NIST KAT #1 good CRC
+depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_AES_ONLY_ENCRYPT
+aes_decrypt_ecb_crc:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":32504:0:1
+
+AES-256-ECB Decrypt NIST KAT #1 bad CRC
+depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_AES_ONLY_ENCRYPT
+aes_decrypt_ecb_crc:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":42:MBEDTLS_ERR_PLATFORM_FAULT_DETECTED:0
+
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index da8c1e9..2a2f9cb 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -1,5 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/aes.h"
+#include "mbedtls/platform.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -369,6 +370,60 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_VALIDATE_AES_KEYS_INTEGRITY:MBEDTLS_AES_SCA_COUNTERMEASURES:!MBEDTLS_AES_SETKEY_ENC_ALT:!MBEDTLS_AESNI_C */
+void aes_encrypt_ecb_crc( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string, unsigned int crc, int crypt_result, int check_crc )
+{
+ unsigned char output[100];
+ mbedtls_aes_context ctx;
+
+ memset(output, 0x00, 100);
+
+ mbedtls_aes_init( &ctx );
+
+ TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 );
+
+ if( check_crc )
+ TEST_ASSERT( ctx.crc == crc );
+ else
+ ctx.crc = crc;
+
+ TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output ) == crypt_result );
+
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
+
+exit:
+ mbedtls_aes_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_VALIDATE_AES_KEYS_INTEGRITY:MBEDTLS_AES_SCA_COUNTERMEASURES:!MBEDTLS_AES_SETKEY_ENC_ALT:!MBEDTLS_AESNI_C */
+void aes_decrypt_ecb_crc( data_t * key_str, data_t * src_str,
+ data_t * hex_dst_string, unsigned int crc, int crypt_result, int check_crc )
+{
+ unsigned char output[100];
+ mbedtls_aes_context ctx;
+
+ memset(output, 0x00, 100);
+
+ mbedtls_aes_init( &ctx );
+
+ TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == 0 );
+
+ if( check_crc )
+ TEST_ASSERT( ctx.crc == crc );
+ else
+ ctx.crc = crc;
+
+ TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_DECRYPT, src_str->x, output ) == crypt_result );
+
+ TEST_ASSERT( hexcmp( output, hex_dst_string->x, 16, hex_dst_string->len ) == 0 );
+
+exit:
+ mbedtls_aes_free( &ctx );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void aes_check_params( )
{