TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / ae59c5232274df36b1b58dd52eb74cb153829a1a / . / tests / suites / test_suite_chachapoly.function
blob: 906e3f5ade9ce39a8c658d1732305525a33d05e7 [file] [log] [blame]
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]2#include "mbedtls/chachapoly.h"
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]3/* END_HEADER */
4
5/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]6 * depends_on:MBEDTLS_CHACHAPOLY_C
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]7 * END_DEPENDENCIES
8 */
9
10/* BEGIN_CASE */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]11void mbedtls_chachapoly_enc(data_t *key_str,
12 data_t *nonce_str,
13 data_t *aad_str,
14 data_t *input_str,
15 data_t *output_str,
16 data_t *mac_str)
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]17{
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]18 unsigned char output[265];
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]19 unsigned char mac[16]; /* size set by the standard */
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]20 mbedtls_chachapoly_context ctx;
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]21
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]22 TEST_ASSERT(key_str->len == 32);
23 TEST_ASSERT(nonce_str->len == 12);
24 TEST_ASSERT(mac_str->len == 16);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]25
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]26 mbedtls_chachapoly_init(&ctx);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]27
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]28 TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]29
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]30 TEST_ASSERT(mbedtls_chachapoly_encrypt_and_tag(&ctx,
31 input_str->len, nonce_str->x,
32 aad_str->x, aad_str->len,
33 input_str->x, output, mac) == 0);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]34
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]35 TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0);
36 TEST_ASSERT(memcmp(mac_str->x, mac, 16U) == 0);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]37
38exit:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]39 mbedtls_chachapoly_free(&ctx);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]40}
41/* END_CASE */
42
43/* BEGIN_CASE */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]44void mbedtls_chachapoly_dec(data_t *key_str,
45 data_t *nonce_str,
46 data_t *aad_str,
47 data_t *input_str,
48 data_t *output_str,
49 data_t *mac_str,
50 int ret_exp)
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]51{
Manuel Pégourié-Gonnard528524b2018-05-09 11:21:21 +0200[diff] [blame]52 unsigned char output[265];
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]53 int ret;
54 mbedtls_chachapoly_context ctx;
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]55
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]56 TEST_ASSERT(key_str->len == 32);
57 TEST_ASSERT(nonce_str->len == 12);
58 TEST_ASSERT(mac_str->len == 16);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]59
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]60 mbedtls_chachapoly_init(&ctx);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]61
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]62 TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]63
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]64 ret = mbedtls_chachapoly_auth_decrypt(&ctx,
65 input_str->len, nonce_str->x,
66 aad_str->x, aad_str->len,
67 mac_str->x, input_str->x, output);
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]68
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]69 TEST_ASSERT(ret == ret_exp);
70 if (ret_exp == 0) {
71 TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0);
Manuel Pégourié-Gonnard72967712018-05-09 12:22:13 +0200[diff] [blame]72 }
Manuel Pégourié-Gonnard346b8d52018-05-07 12:56:36 +0200[diff] [blame]73
74exit:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]75 mbedtls_chachapoly_free(&ctx);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]76}
77/* END_CASE */
78
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]79/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]80void chachapoly_bad_params()
81{
82 unsigned char key[32];
83 unsigned char nonce[12];
84 unsigned char aad[1];
85 unsigned char input[1];
86 unsigned char output[1];
87 unsigned char mac[16];
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]88 size_t input_len = sizeof(input);
89 size_t aad_len = sizeof(aad);
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]90 mbedtls_chachapoly_context ctx;
91
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]92 memset(key, 0x00, sizeof(key));
93 memset(nonce, 0x00, sizeof(nonce));
94 memset(aad, 0x00, sizeof(aad));
95 memset(input, 0x00, sizeof(input));
96 memset(output, 0x00, sizeof(output));
97 memset(mac, 0x00, sizeof(mac));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]98
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]99 TEST_INVALID_PARAM(mbedtls_chachapoly_init(NULL));
100 TEST_VALID_PARAM(mbedtls_chachapoly_free(NULL));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]101
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]102 /* setkey */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]103 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
104 mbedtls_chachapoly_setkey(NULL, key));
105 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
106 mbedtls_chachapoly_setkey(&ctx, NULL));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]107
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]108 /* encrypt_and_tag */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]109 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
110 mbedtls_chachapoly_encrypt_and_tag(NULL,
111 0, nonce,
112 aad, 0,
113 input, output, mac));
114 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
115 mbedtls_chachapoly_encrypt_and_tag(&ctx,
116 0, NULL,
117 aad, 0,
118 input, output, mac));
119 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
120 mbedtls_chachapoly_encrypt_and_tag(&ctx,
121 0, nonce,
122 NULL, aad_len,
123 input, output, mac));
124 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
125 mbedtls_chachapoly_encrypt_and_tag(&ctx,
126 input_len, nonce,
127 aad, 0,
128 NULL, output, mac));
129 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
130 mbedtls_chachapoly_encrypt_and_tag(&ctx,
131 input_len, nonce,
132 aad, 0,
133 input, NULL, mac));
134 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
135 mbedtls_chachapoly_encrypt_and_tag(&ctx,
136 0, nonce,
137 aad, 0,
138 input, output, NULL));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]139
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]140 /* auth_decrypt */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]141 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
142 mbedtls_chachapoly_auth_decrypt(NULL,
143 0, nonce,
144 aad, 0,
145 mac, input, output));
146 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
147 mbedtls_chachapoly_auth_decrypt(&ctx,
148 0, NULL,
149 aad, 0,
150 mac, input, output));
151 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
152 mbedtls_chachapoly_auth_decrypt(&ctx,
153 0, nonce,
154 NULL, aad_len,
155 mac, input, output));
156 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
157 mbedtls_chachapoly_auth_decrypt(&ctx,
158 0, nonce,
159 aad, 0,
160 NULL, input, output));
161 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
162 mbedtls_chachapoly_auth_decrypt(&ctx,
163 input_len, nonce,
164 aad, 0,
165 mac, NULL, output));
166 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
167 mbedtls_chachapoly_auth_decrypt(&ctx,
168 input_len, nonce,
169 aad, 0,
170 mac, input, NULL));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]171
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]172 /* starts */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]173 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
174 mbedtls_chachapoly_starts(NULL, nonce,
175 MBEDTLS_CHACHAPOLY_ENCRYPT));
176 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
177 mbedtls_chachapoly_starts(&ctx, NULL,
178 MBEDTLS_CHACHAPOLY_ENCRYPT));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]179
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]180 /* update_aad */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]181 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
182 mbedtls_chachapoly_update_aad(NULL, aad,
183 aad_len));
184 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
185 mbedtls_chachapoly_update_aad(&ctx, NULL,
186 aad_len));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]187
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]188 /* update */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]189 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
190 mbedtls_chachapoly_update(NULL, input_len,
191 input, output));
192 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
193 mbedtls_chachapoly_update(&ctx, input_len,
194 NULL, output));
195 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
196 mbedtls_chachapoly_update(&ctx, input_len,
197 input, NULL));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]198
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]199 /* finish */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]200 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
201 mbedtls_chachapoly_finish(NULL, mac));
202 TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA,
203 mbedtls_chachapoly_finish(&ctx, NULL));
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]204
205exit:
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]206 return;
Manuel Pégourié-Gonnard59d2c302018-05-10 10:39:32 +0200[diff] [blame]207}
208/* END_CASE */
209
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]210/* BEGIN_CASE */
211void chachapoly_state()
212{
213 unsigned char key[32];
214 unsigned char nonce[12];
215 unsigned char aad[1];
216 unsigned char input[1];
217 unsigned char output[1];
218 unsigned char mac[16];
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]219 size_t input_len = sizeof(input);
220 size_t aad_len = sizeof(aad);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]221 mbedtls_chachapoly_context ctx;
222
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]223 memset(key, 0x00, sizeof(key));
224 memset(nonce, 0x00, sizeof(nonce));
225 memset(aad, 0x00, sizeof(aad));
226 memset(input, 0x00, sizeof(input));
227 memset(output, 0x00, sizeof(output));
228 memset(mac, 0x00, sizeof(mac));
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]229
230 /* Initial state: finish, update, update_aad forbidden */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]231 mbedtls_chachapoly_init(&ctx);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]232
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]233 TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
234 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
235 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
236 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
237 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
238 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]239
240 /* Still initial state: finish, update, update_aad forbidden */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]241 TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key)
242 == 0);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]243
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]244 TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
245 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
246 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
247 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
248 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
249 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]250
251 /* Starts -> finish OK */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]252 TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
253 == 0);
254 TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
255 == 0);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]256
257 /* After finish: update, update_aad forbidden */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]258 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
259 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
260 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
261 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]262
263 /* Starts -> update* OK */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]264 TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
265 == 0);
266 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
267 == 0);
268 TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output)
269 == 0);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]270
271 /* After update: update_aad forbidden */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]272 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
273 == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]274
275 /* Starts -> update_aad* -> finish OK */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]276 TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT)
277 == 0);
278 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
279 == 0);
280 TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len)
281 == 0);
282 TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac)
283 == 0);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]284
285exit:
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]286 mbedtls_chachapoly_free(&ctx);
Manuel Pégourié-Gonnardceb12252018-05-10 11:41:00 +0200[diff] [blame]287}
288/* END_CASE */
289
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]290/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +0200[diff] [blame]291void chachapoly_selftest()
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]292{
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100[diff] [blame]293 TEST_ASSERT(mbedtls_chachapoly_self_test(1) == 0);
Daniel Kingb8025c52016-05-17 14:43:01 -0300[diff] [blame]294}
295/* END_CASE */