Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / b1c6b4a7a54521561259b0142962e1e1f9b5a363 / . / tests / src / drivers / test_driver_cipher.c
blob: 9c95cc8f8c81abce72ab3981d448a6f9be32ae7a [file] [log] [blame]
/*
* Test driver for cipher functions.
* Currently only supports multi-part operations using AES-CTR.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_cipher.h"
#include "psa_crypto_core.h"
#include "mbedtls/cipher.h"
#include "test/drivers/cipher.h"
#include "test/random.h"
#include <string.h>
mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks =
MBEDTLS_TEST_DRIVER_CIPHER_INIT;
static psa_status_t mbedtls_test_transparent_cipher_oneshot(
mbedtls_operation_t direction,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
mbedtls_test_driver_cipher_hooks.hits++;
/* Test driver supports AES-CTR only, to verify operation calls. */
if( alg != PSA_ALG_CTR ||
psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
return( PSA_ERROR_NOT_SUPPORTED );
/* If test driver response code is not SUCCESS, we can return early */
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
/* If test driver output is overridden, we don't need to do actual crypto */
if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
{
if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
return( PSA_ERROR_BUFFER_TOO_SMALL );
memcpy( output,
mbedtls_test_driver_cipher_hooks.forced_output,
mbedtls_test_driver_cipher_hooks.forced_output_length );
*output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
return( mbedtls_test_driver_cipher_hooks.forced_status );
}
/* Run AES-CTR using the cipher module */
{
mbedtls_test_rnd_pseudo_info rnd_info;
memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
const mbedtls_cipher_info_t *cipher_info =
mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES,
key_length * 8,
MBEDTLS_MODE_CTR );
mbedtls_cipher_context_t cipher;
int ret = 0;
uint8_t temp_output_buffer[16] = {0};
size_t temp_output_length = 0;
if( direction == MBEDTLS_ENCRYPT )
{
/* Oneshot encrypt needs to prepend the IV to the output */
if( output_size < ( input_length + 16 ) )
return( PSA_ERROR_BUFFER_TOO_SMALL );
}
else
{
/* Oneshot decrypt has the IV prepended to the input */
if( output_size < ( input_length - 16 ) )
return( PSA_ERROR_BUFFER_TOO_SMALL );
}
if( cipher_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED );
mbedtls_cipher_init( &cipher );
ret = mbedtls_cipher_setup( &cipher, cipher_info );
if( ret != 0 )
goto exit;
ret = mbedtls_cipher_setkey( &cipher,
key,
key_length * 8, direction );
if( ret != 0 )
goto exit;
if( direction == MBEDTLS_ENCRYPT )
{
mbedtls_test_rnd_pseudo_info rnd_info;
memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
ret = mbedtls_test_rnd_pseudo_rand( &rnd_info,
temp_output_buffer,
16 );
if( ret != 0 )
goto exit;
ret = mbedtls_cipher_set_iv( &cipher, temp_output_buffer, 16 );
}
else
ret = mbedtls_cipher_set_iv( &cipher, input, 16 );
if( ret != 0 )
goto exit;
if( direction == MBEDTLS_ENCRYPT )
{
ret = mbedtls_cipher_update( &cipher,
input, input_length,
&output[16], output_length );
if( ret == 0 )
{
memcpy( output, temp_output_buffer, 16 );
*output_length += 16;
}
}
else
ret = mbedtls_cipher_update( &cipher,
&input[16], input_length - 16,
output, output_length );
if( ret != 0 )
goto exit;
ret = mbedtls_cipher_finish( &cipher,
temp_output_buffer,
&temp_output_length );
exit:
if( ret != 0 )
{
*output_length = 0;
memset(output, 0, output_size);
}
mbedtls_cipher_free( &cipher );
return( mbedtls_to_psa_error( ret ) );
}
}
psa_status_t mbedtls_test_transparent_cipher_encrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
return (
mbedtls_test_transparent_cipher_oneshot(
MBEDTLS_ENCRYPT,
attributes,
key, key_length,
alg,
input, input_length,
output, output_size, output_length) );
}
psa_status_t mbedtls_test_transparent_cipher_decrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
return (
mbedtls_test_transparent_cipher_oneshot(
MBEDTLS_DECRYPT,
attributes,
key, key_length,
alg,
input, input_length,
output, output_size, output_length) );
}
psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
mbedtls_transparent_test_driver_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg)
{
mbedtls_test_driver_cipher_hooks.hits++;
/* Wiping the entire struct here, instead of member-by-member. This is
* useful for the test suite, since it gives a chance of catching memory
* corruption errors should the core not have allocated (enough) memory for
* our context struct. */
memset( operation, 0, sizeof( *operation ) );
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
return ( mbedtls_transparent_test_driver_cipher_encrypt_setup(
operation, attributes, key, key_length, alg ) );
}
psa_status_t mbedtls_test_transparent_cipher_decrypt_setup(
mbedtls_transparent_test_driver_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg)
{
mbedtls_test_driver_cipher_hooks.hits++;
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
return ( mbedtls_transparent_test_driver_cipher_decrypt_setup(
operation, attributes, key, key_length, alg ) );
}
psa_status_t mbedtls_test_transparent_cipher_abort(
mbedtls_transparent_test_driver_cipher_operation_t *operation)
{
mbedtls_test_driver_cipher_hooks.hits++;
if( operation->alg == 0 )
return( PSA_SUCCESS );
mbedtls_transparent_test_driver_cipher_abort( operation );
/* Wiping the entire struct here, instead of member-by-member. This is
* useful for the test suite, since it gives a chance of catching memory
* corruption errors should the core not have allocated (enough) memory for
* our context struct. */
memset( operation, 0, sizeof( *operation ) );
return( mbedtls_test_driver_cipher_hooks.forced_status );
}
psa_status_t mbedtls_test_transparent_cipher_set_iv(
mbedtls_transparent_test_driver_cipher_operation_t *operation,
const uint8_t *iv,
size_t iv_length)
{
mbedtls_test_driver_cipher_hooks.hits++;
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
return( mbedtls_transparent_test_driver_cipher_set_iv(
operation, iv, iv_length ) );
}
psa_status_t mbedtls_test_transparent_cipher_update(
mbedtls_transparent_test_driver_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
mbedtls_test_driver_cipher_hooks.hits++;
if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
{
if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
return PSA_ERROR_BUFFER_TOO_SMALL;
memcpy( output,
mbedtls_test_driver_cipher_hooks.forced_output,
mbedtls_test_driver_cipher_hooks.forced_output_length );
*output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
return( mbedtls_test_driver_cipher_hooks.forced_status );
}
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
return( mbedtls_transparent_test_driver_cipher_update(
operation, input, input_length,
output, output_size, output_length ) );
}
psa_status_t mbedtls_test_transparent_cipher_finish(
mbedtls_transparent_test_driver_cipher_operation_t *operation,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
mbedtls_test_driver_cipher_hooks.hits++;
if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
{
if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
return PSA_ERROR_BUFFER_TOO_SMALL;
memcpy( output,
mbedtls_test_driver_cipher_hooks.forced_output,
mbedtls_test_driver_cipher_hooks.forced_output_length );
*output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
return( mbedtls_test_driver_cipher_hooks.forced_status );
}
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
return( mbedtls_transparent_test_driver_cipher_finish(
operation, output, output_size, output_length ) );
}
/*
* opaque versions, to do
*/
psa_status_t mbedtls_test_opaque_cipher_encrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
(void) attributes;
(void) key;
(void) key_length;
(void) alg;
(void) input;
(void) input_length;
(void) output;
(void) output_size;
(void) output_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_cipher_decrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
(void) attributes;
(void) key;
(void) key_length;
(void) alg;
(void) input;
(void) input_length;
(void) output;
(void) output_size;
(void) output_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_cipher_encrypt_setup(
mbedtls_opaque_test_driver_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg)
{
(void) operation;
(void) attributes;
(void) key;
(void) key_length;
(void) alg;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_cipher_decrypt_setup(
mbedtls_opaque_test_driver_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg)
{
(void) operation;
(void) attributes;
(void) key;
(void) key_length;
(void) alg;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_cipher_abort(
mbedtls_opaque_test_driver_cipher_operation_t *operation )
{
(void) operation;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_cipher_set_iv(
mbedtls_opaque_test_driver_cipher_operation_t *operation,
const uint8_t *iv,
size_t iv_length)
{
(void) operation;
(void) iv;
(void) iv_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_cipher_update(
mbedtls_opaque_test_driver_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
(void) operation;
(void) input;
(void) input_length;
(void) output;
(void) output_size;
(void) output_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_cipher_finish(
mbedtls_opaque_test_driver_cipher_operation_t *operation,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
(void) operation;
(void) output;
(void) output_size;
(void) output_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */