| /* BEGIN_HEADER */ |
| #include "mbedtls/nist_kw.h" |
| /* END_HEADER */ |
| |
| /* BEGIN_DEPENDENCIES |
| * depends_on:MBEDTLS_NIST_KW_C |
| * END_DEPENDENCIES |
| */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ |
| void mbedtls_nist_kw_self_test() |
| { |
| TEST_ASSERT(mbedtls_nist_kw_self_test(1) == 0); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ |
| void mbedtls_nist_kw_mix_contexts() |
| { |
| mbedtls_nist_kw_context ctx1, ctx2; |
| unsigned char key[16]; |
| unsigned char plaintext[32]; |
| unsigned char ciphertext1[40]; |
| unsigned char ciphertext2[40]; |
| size_t output_len, i; |
| |
| memset(plaintext, 0, sizeof(plaintext)); |
| memset(ciphertext1, 0, sizeof(ciphertext1)); |
| memset(ciphertext2, 0, sizeof(ciphertext2)); |
| memset(key, 0, sizeof(key)); |
| |
| /* |
| * 1. Check wrap and unwrap with two separate contexts |
| */ |
| mbedtls_nist_kw_init(&ctx1); |
| mbedtls_nist_kw_init(&ctx2); |
| |
| TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx1, |
| MBEDTLS_CIPHER_ID_AES, |
| key, sizeof(key) * 8, |
| 1) == 0); |
| |
| TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KW, |
| plaintext, sizeof(plaintext), |
| ciphertext1, &output_len, |
| sizeof(ciphertext1)) == 0); |
| TEST_ASSERT(output_len == sizeof(ciphertext1)); |
| |
| TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx2, |
| MBEDTLS_CIPHER_ID_AES, |
| key, sizeof(key) * 8, |
| 0) == 0); |
| |
| TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KW, |
| ciphertext1, output_len, |
| plaintext, &output_len, |
| sizeof(plaintext)) == 0); |
| |
| TEST_ASSERT(output_len == sizeof(plaintext)); |
| for (i = 0; i < sizeof(plaintext); i++) { |
| TEST_ASSERT(plaintext[i] == 0); |
| } |
| mbedtls_nist_kw_free(&ctx1); |
| mbedtls_nist_kw_free(&ctx2); |
| |
| /* |
| * 2. Check wrapping with two modes, on same context |
| */ |
| mbedtls_nist_kw_init(&ctx1); |
| mbedtls_nist_kw_init(&ctx2); |
| output_len = sizeof(ciphertext1); |
| |
| TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx1, |
| MBEDTLS_CIPHER_ID_AES, |
| key, sizeof(key) * 8, |
| 1) == 0); |
| |
| TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KW, |
| plaintext, sizeof(plaintext), |
| ciphertext1, &output_len, |
| sizeof(ciphertext1)) == 0); |
| TEST_ASSERT(output_len == sizeof(ciphertext1)); |
| |
| TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KWP, |
| plaintext, sizeof(plaintext), |
| ciphertext2, &output_len, |
| sizeof(ciphertext2)) == 0); |
| |
| TEST_ASSERT(output_len == sizeof(ciphertext2)); |
| |
| TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx2, |
| MBEDTLS_CIPHER_ID_AES, |
| key, sizeof(key) * 8, |
| 0) == 0); |
| |
| TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KW, |
| ciphertext1, sizeof(ciphertext1), |
| plaintext, &output_len, |
| sizeof(plaintext)) == 0); |
| |
| TEST_ASSERT(output_len == sizeof(plaintext)); |
| |
| for (i = 0; i < sizeof(plaintext); i++) { |
| TEST_ASSERT(plaintext[i] == 0); |
| } |
| |
| TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KWP, |
| ciphertext2, sizeof(ciphertext2), |
| plaintext, &output_len, |
| sizeof(plaintext)) == 0); |
| |
| TEST_ASSERT(output_len == sizeof(plaintext)); |
| |
| for (i = 0; i < sizeof(plaintext); i++) { |
| TEST_ASSERT(plaintext[i] == 0); |
| } |
| |
| exit: |
| mbedtls_nist_kw_free(&ctx1); |
| mbedtls_nist_kw_free(&ctx2); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE */ |
| void mbedtls_nist_kw_setkey(int cipher_id, int key_size, |
| int is_wrap, int result) |
| { |
| mbedtls_nist_kw_context ctx; |
| unsigned char key[32]; |
| int ret; |
| |
| mbedtls_nist_kw_init(&ctx); |
| |
| memset(key, 0x2A, sizeof(key)); |
| TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); |
| |
| ret = mbedtls_nist_kw_setkey(&ctx, cipher_id, key, key_size, is_wrap); |
| TEST_ASSERT(ret == result); |
| |
| exit: |
| mbedtls_nist_kw_free(&ctx); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ |
| void nist_kw_plaintext_lengths(int in_len, int out_len, int mode, int res) |
| { |
| mbedtls_nist_kw_context ctx; |
| unsigned char key[16]; |
| unsigned char *plaintext = NULL; |
| unsigned char *ciphertext = NULL; |
| size_t output_len = out_len; |
| |
| mbedtls_nist_kw_init(&ctx); |
| |
| memset(key, 0, sizeof(key)); |
| |
| if (in_len != 0) { |
| plaintext = mbedtls_calloc(1, in_len); |
| TEST_ASSERT(plaintext != NULL); |
| } |
| |
| if (out_len != 0) { |
| ciphertext = mbedtls_calloc(1, output_len); |
| TEST_ASSERT(ciphertext != NULL); |
| } |
| |
| TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, |
| key, 8 * sizeof(key), 1) == 0); |
| |
| TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx, mode, plaintext, in_len, |
| ciphertext, &output_len, |
| output_len) == res); |
| if (res == 0) { |
| if (mode == MBEDTLS_KW_MODE_KWP) { |
| TEST_ASSERT(output_len == (size_t) in_len + 8 - |
| (in_len % 8) + 8); |
| } else { |
| TEST_ASSERT(output_len == (size_t) in_len + 8); |
| } |
| } else { |
| TEST_ASSERT(output_len == 0); |
| } |
| |
| exit: |
| mbedtls_free(ciphertext); |
| mbedtls_free(plaintext); |
| mbedtls_nist_kw_free(&ctx); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ |
| void nist_kw_ciphertext_lengths(int in_len, int out_len, int mode, int res) |
| { |
| mbedtls_nist_kw_context ctx; |
| unsigned char key[16]; |
| unsigned char *plaintext = NULL; |
| unsigned char *ciphertext = NULL; |
| int unwrap_ret; |
| size_t output_len = out_len; |
| |
| mbedtls_nist_kw_init(&ctx); |
| |
| memset(key, 0, sizeof(key)); |
| |
| if (out_len != 0) { |
| plaintext = mbedtls_calloc(1, output_len); |
| TEST_ASSERT(plaintext != NULL); |
| } |
| if (in_len != 0) { |
| ciphertext = mbedtls_calloc(1, in_len); |
| TEST_ASSERT(ciphertext != NULL); |
| } |
| |
| TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, |
| key, 8 * sizeof(key), 0) == 0); |
| unwrap_ret = mbedtls_nist_kw_unwrap(&ctx, mode, ciphertext, in_len, |
| plaintext, &output_len, |
| output_len); |
| |
| if (res == 0) { |
| TEST_ASSERT(unwrap_ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED); |
| } else { |
| TEST_ASSERT(unwrap_ret == res); |
| } |
| |
| TEST_ASSERT(output_len == 0); |
| |
| exit: |
| mbedtls_free(ciphertext); |
| mbedtls_free(plaintext); |
| mbedtls_nist_kw_free(&ctx); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE */ |
| void mbedtls_nist_kw_wrap(int cipher_id, int mode, data_t *key, data_t *msg, |
| data_t *expected_result) |
| { |
| unsigned char result[528]; |
| mbedtls_nist_kw_context ctx; |
| size_t result_len, i, padlen; |
| |
| mbedtls_nist_kw_init(&ctx); |
| |
| memset(result, '+', sizeof(result)); |
| |
| TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, cipher_id, |
| key->x, key->len * 8, 1) == 0); |
| |
| /* Test with input == output */ |
| TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx, mode, msg->x, msg->len, |
| result, &result_len, sizeof(result)) == 0); |
| |
| TEST_ASSERT(result_len == expected_result->len); |
| |
| TEST_ASSERT(memcmp(expected_result->x, result, result_len) == 0); |
| |
| padlen = (msg->len % 8 != 0) ? 8 - (msg->len % 8) : 0; |
| /* Check that the function didn't write beyond the end of the buffer. */ |
| for (i = msg->len + 8 + padlen; i < sizeof(result); i++) { |
| TEST_ASSERT(result[i] == '+'); |
| } |
| |
| exit: |
| mbedtls_nist_kw_free(&ctx); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE */ |
| void mbedtls_nist_kw_unwrap(int cipher_id, int mode, data_t *key, data_t *msg, |
| data_t *expected_result, int expected_ret) |
| { |
| unsigned char result[528]; |
| mbedtls_nist_kw_context ctx; |
| size_t result_len, i; |
| |
| mbedtls_nist_kw_init(&ctx); |
| |
| memset(result, '+', sizeof(result)); |
| |
| TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, cipher_id, |
| key->x, key->len * 8, 0) == 0); |
| |
| /* Test with input == output */ |
| TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx, mode, msg->x, msg->len, |
| result, &result_len, sizeof(result)) == expected_ret); |
| if (expected_ret == 0) { |
| TEST_ASSERT(result_len == expected_result->len); |
| TEST_ASSERT(memcmp(expected_result->x, result, result_len) == 0); |
| } else { |
| TEST_ASSERT(result_len == 0); |
| } |
| |
| /* Check that the function didn't write beyond the end of the buffer. */ |
| for (i = msg->len - 8; i < sizeof(result); i++) { |
| TEST_ASSERT(result[i] == '+'); |
| } |
| |
| exit: |
| mbedtls_nist_kw_free(&ctx); |
| } |
| /* END_CASE */ |