blob: c530e6b4292de8e8ef9e940dbd2cdf4ab4f5f94e [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +02001/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +00002#include "mbedtls/gcm.h"
Gilles Peskine36dd93e2021-04-13 13:02:03 +02003
4/* Use the multipart interface to process the encrypted data in two parts
5 * and check that the output matches the expected output.
6 * The context must have been set up with the key. */
7static int check_multipart( mbedtls_gcm_context *ctx,
8 int mode,
9 const data_t *iv,
10 const data_t *add,
11 const data_t *input,
12 const data_t *expected_output,
13 const data_t *tag,
Mateusz Starzykaf4ecdd2021-06-15 15:29:48 +020014 size_t n1,
15 size_t n1_add)
Gilles Peskine36dd93e2021-04-13 13:02:03 +020016{
17 int ok = 0;
18 uint8_t *output = NULL;
19 size_t n2 = input->len - n1;
Mateusz Starzyk658f4fd2021-05-26 14:26:48 +020020 size_t n2_add = add->len - n1_add;
Gilles Peskinea56c4482021-04-15 17:22:35 +020021 size_t olen;
Gilles Peskine36dd93e2021-04-13 13:02:03 +020022
23 /* Sanity checks on the test data */
24 TEST_ASSERT( n1 <= input->len );
Mateusz Starzyk658f4fd2021-05-26 14:26:48 +020025 TEST_ASSERT( n1_add <= add->len );
Gilles Peskine36dd93e2021-04-13 13:02:03 +020026 TEST_EQUAL( input->len, expected_output->len );
27
28 TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode,
Gilles Peskine295fc132021-04-15 18:32:23 +020029 iv->x, iv->len ) );
Mateusz Starzyk658f4fd2021-05-26 14:26:48 +020030 TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, n1_add ) );
31 TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x + n1_add, n2_add ) );
Gilles Peskine36dd93e2021-04-13 13:02:03 +020032
33 /* Allocate a tight buffer for each update call. This way, if the function
34 * tries to write beyond the advertised required buffer size, this will
35 * count as an overflow for memory sanitizers and static checkers. */
36 ASSERT_ALLOC( output, n1 );
Gilles Peskinea56c4482021-04-15 17:22:35 +020037 olen = 0xdeadbeef;
38 TEST_EQUAL( 0, mbedtls_gcm_update( ctx, input->x, n1, output, n1, &olen ) );
39 TEST_EQUAL( n1, olen );
40 ASSERT_COMPARE( output, olen, expected_output->x, n1 );
Gilles Peskine36dd93e2021-04-13 13:02:03 +020041 mbedtls_free( output );
42 output = NULL;
43
44 ASSERT_ALLOC( output, n2 );
Gilles Peskinea56c4482021-04-15 17:22:35 +020045 olen = 0xdeadbeef;
46 TEST_EQUAL( 0, mbedtls_gcm_update( ctx, input->x + n1, n2, output, n2, &olen ) );
47 TEST_EQUAL( n2, olen );
48 ASSERT_COMPARE( output, olen, expected_output->x + n1, n2 );
Gilles Peskine36dd93e2021-04-13 13:02:03 +020049 mbedtls_free( output );
50 output = NULL;
51
52 ASSERT_ALLOC( output, tag->len );
Gilles Peskine5a7be102021-06-23 21:51:32 +020053 TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, &olen, output, tag->len ) );
54 TEST_EQUAL( 0, olen );
Gilles Peskine36dd93e2021-04-13 13:02:03 +020055 ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
56 mbedtls_free( output );
57 output = NULL;
58
59 ok = 1;
60exit:
61 mbedtls_free( output );
62 return( ok );
63}
64
Mateusz Starzykfc606222021-06-16 11:04:07 +020065static void check_cipher_with_empty_ad( mbedtls_gcm_context *ctx,
66 int mode,
67 const data_t *iv,
68 const data_t *input,
69 const data_t *expected_output,
70 const data_t *tag,
71 size_t ad_update_count)
72{
73 size_t n;
74 uint8_t *output = NULL;
75 size_t olen;
76
77 /* Sanity checks on the test data */
78 TEST_EQUAL( input->len, expected_output->len );
79
80 TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode,
81 iv->x, iv->len ) );
82
Mateusz Starzyk939a54c2021-06-22 11:12:28 +020083 for( n = 0; n < ad_update_count; n++ )
Mateusz Starzykfc606222021-06-16 11:04:07 +020084 {
85 TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, NULL, 0 ) );
86 }
87
88 /* Allocate a tight buffer for each update call. This way, if the function
89 * tries to write beyond the advertised required buffer size, this will
90 * count as an overflow for memory sanitizers and static checkers. */
91 ASSERT_ALLOC( output, input->len );
92 olen = 0xdeadbeef;
93 TEST_EQUAL( 0, mbedtls_gcm_update( ctx, input->x, input->len, output, input->len, &olen ) );
94 TEST_EQUAL( input->len, olen );
95 ASSERT_COMPARE( output, olen, expected_output->x, input->len );
96 mbedtls_free( output );
97 output = NULL;
98
99 ASSERT_ALLOC( output, tag->len );
Gilles Peskine5a7be102021-06-23 21:51:32 +0200100 TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, &olen, output, tag->len ) );
101 TEST_EQUAL( 0, olen );
Mateusz Starzykfc606222021-06-16 11:04:07 +0200102 ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
103
104exit:
105 mbedtls_free( output );
106}
107
108static void check_empty_cipher_with_ad( mbedtls_gcm_context *ctx,
109 int mode,
110 const data_t *iv,
111 const data_t *add,
112 const data_t *tag,
113 size_t cipher_update_count)
114{
115 size_t olen;
116 size_t n;
117 uint8_t* output_tag = NULL;
118
119 TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, iv->x, iv->len ) );
120 TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, add->len ) );
121
Mateusz Starzyk939a54c2021-06-22 11:12:28 +0200122 for( n = 0; n < cipher_update_count; n++ )
Mateusz Starzykfc606222021-06-16 11:04:07 +0200123 {
124 olen = 0xdeadbeef;
125 TEST_EQUAL( 0, mbedtls_gcm_update( ctx, NULL, 0, NULL, 0, &olen ) );
126 TEST_EQUAL( 0, olen );
127 }
128
129 ASSERT_ALLOC( output_tag, tag->len );
Gilles Peskine5a7be102021-06-23 21:51:32 +0200130 TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, &olen,
131 output_tag, tag->len ) );
132 TEST_EQUAL( 0, olen );
Mateusz Starzykfc606222021-06-16 11:04:07 +0200133 ASSERT_COMPARE( output_tag, tag->len, tag->x, tag->len );
134
135exit:
136 mbedtls_free( output_tag );
137}
138
Mateusz Starzyk469c9f32021-06-18 00:06:52 +0200139static void check_no_cipher_no_ad( mbedtls_gcm_context *ctx,
140 int mode,
141 const data_t *iv,
142 const data_t *tag )
143{
144 uint8_t *output = NULL;
Gilles Peskine5a7be102021-06-23 21:51:32 +0200145 size_t olen = 0;
Mateusz Starzyk469c9f32021-06-18 00:06:52 +0200146
147 TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode,
148 iv->x, iv->len ) );
149 ASSERT_ALLOC( output, tag->len );
Gilles Peskine5a7be102021-06-23 21:51:32 +0200150 TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, &olen, output, tag->len ) );
151 TEST_EQUAL( 0, olen );
Mateusz Starzyk469c9f32021-06-18 00:06:52 +0200152 ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
153
154exit:
155 mbedtls_free( output );
156}
157
Paul Bakker33b43f12013-08-20 11:48:36 +0200158/* END_HEADER */
Paul Bakker89e80c92012-03-20 13:50:09 +0000159
Paul Bakker33b43f12013-08-20 11:48:36 +0200160/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200161 * depends_on:MBEDTLS_GCM_C
Paul Bakker33b43f12013-08-20 11:48:36 +0200162 * END_DEPENDENCIES
163 */
Paul Bakker89e80c92012-03-20 13:50:09 +0000164
Paul Bakker33b43f12013-08-20 11:48:36 +0200165/* BEGIN_CASE */
Ron Eldor5a21fd62016-12-16 16:15:56 +0200166void gcm_bad_parameters( int cipher_id, int direction,
Azim Khan5fcca462018-06-29 11:05:32 +0100167 data_t *key_str, data_t *src_str,
168 data_t *iv_str, data_t *add_str,
Ron Eldor5a21fd62016-12-16 16:15:56 +0200169 int tag_len_bits, int gcm_result )
170{
Ron Eldor5a21fd62016-12-16 16:15:56 +0200171 unsigned char output[128];
172 unsigned char tag_output[16];
173 mbedtls_gcm_context ctx;
Azim Khan317efe82017-08-02 17:33:54 +0100174 size_t tag_len = tag_len_bits / 8;
Ron Eldor5a21fd62016-12-16 16:15:56 +0200175
176 mbedtls_gcm_init( &ctx );
177
Ron Eldor5a21fd62016-12-16 16:15:56 +0200178 memset( output, 0x00, sizeof( output ) );
179 memset( tag_output, 0x00, sizeof( tag_output ) );
Darryl Green11999bb2018-03-13 15:22:58 +0000180
Azim Khan317efe82017-08-02 17:33:54 +0100181 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
182 TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, direction, src_str->len, iv_str->x, iv_str->len,
183 add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == gcm_result );
Ron Eldor5a21fd62016-12-16 16:15:56 +0200184
185exit:
186 mbedtls_gcm_free( &ctx );
187}
188/* END_CASE */
189
190/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100191void gcm_encrypt_and_tag( int cipher_id, data_t * key_str,
192 data_t * src_str, data_t * iv_str,
Ronald Cronac6ae352020-06-26 14:33:03 +0200193 data_t * add_str, data_t * dst,
194 int tag_len_bits, data_t * tag,
Azim Khand30ca132017-06-09 04:32:58 +0100195 int init_result )
Paul Bakker89e80c92012-03-20 13:50:09 +0000196{
Paul Bakker89e80c92012-03-20 13:50:09 +0000197 unsigned char output[128];
198 unsigned char tag_output[16];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200199 mbedtls_gcm_context ctx;
Azim Khanf1aaec92017-05-30 14:23:15 +0100200 size_t tag_len = tag_len_bits / 8;
Gilles Peskine36dd93e2021-04-13 13:02:03 +0200201 size_t n1;
Mateusz Starzykaf4ecdd2021-06-15 15:29:48 +0200202 size_t n1_add;
Paul Bakker89e80c92012-03-20 13:50:09 +0000203
Manuel Pégourié-Gonnardc34e8dd2015-04-28 21:42:17 +0200204 mbedtls_gcm_init( &ctx );
205
Paul Bakker89e80c92012-03-20 13:50:09 +0000206 memset(output, 0x00, 128);
207 memset(tag_output, 0x00, 16);
208
Paul Bakker89e80c92012-03-20 13:50:09 +0000209
Azim Khand30ca132017-06-09 04:32:58 +0100210 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200211 if( init_result == 0 )
Paul Bakker89e80c92012-03-20 13:50:09 +0000212 {
Azim Khand30ca132017-06-09 04:32:58 +0100213 TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == 0 );
Paul Bakker89e80c92012-03-20 13:50:09 +0000214
Gilles Peskine36dd93e2021-04-13 13:02:03 +0200215 ASSERT_COMPARE( output, src_str->len, dst->x, dst->len );
216 ASSERT_COMPARE( tag_output, tag_len, tag->x, tag->len );
217
Gilles Peskine58fc2722021-04-13 15:58:27 +0200218 for( n1 = 0; n1 <= src_str->len; n1 += 1 )
Gilles Peskine36dd93e2021-04-13 13:02:03 +0200219 {
Mateusz Starzykaf4ecdd2021-06-15 15:29:48 +0200220 for( n1_add = 0; n1_add <= add_str->len; n1_add += 1 )
221 {
Mateusz Starzykf8a0d4d2021-06-17 11:40:52 +0200222 mbedtls_test_set_step( n1 * 10000 + n1_add );
Mateusz Starzykaf4ecdd2021-06-15 15:29:48 +0200223 if( !check_multipart( &ctx, MBEDTLS_GCM_ENCRYPT,
224 iv_str, add_str, src_str,
225 dst, tag,
226 n1, n1_add ) )
227 goto exit;
228 }
Gilles Peskine36dd93e2021-04-13 13:02:03 +0200229 }
Paul Bakker89e80c92012-03-20 13:50:09 +0000230 }
Manuel Pégourié-Gonnard4fe92002013-09-13 13:45:58 +0200231
Paul Bakkerbd51b262014-07-10 15:26:12 +0200232exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200233 mbedtls_gcm_free( &ctx );
Paul Bakker89e80c92012-03-20 13:50:09 +0000234}
Paul Bakker33b43f12013-08-20 11:48:36 +0200235/* END_CASE */
Paul Bakker89e80c92012-03-20 13:50:09 +0000236
Paul Bakker33b43f12013-08-20 11:48:36 +0200237/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100238void gcm_decrypt_and_verify( int cipher_id, data_t * key_str,
239 data_t * src_str, data_t * iv_str,
240 data_t * add_str, int tag_len_bits,
241 data_t * tag_str, char * result,
242 data_t * pt_result, int init_result )
Paul Bakker89e80c92012-03-20 13:50:09 +0000243{
Paul Bakker89e80c92012-03-20 13:50:09 +0000244 unsigned char output[128];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200245 mbedtls_gcm_context ctx;
Paul Bakker89e80c92012-03-20 13:50:09 +0000246 int ret;
Azim Khanf1aaec92017-05-30 14:23:15 +0100247 size_t tag_len = tag_len_bits / 8;
Gilles Peskine36dd93e2021-04-13 13:02:03 +0200248 size_t n1;
Mateusz Starzykaf4ecdd2021-06-15 15:29:48 +0200249 size_t n1_add;
Paul Bakker89e80c92012-03-20 13:50:09 +0000250
Manuel Pégourié-Gonnardc34e8dd2015-04-28 21:42:17 +0200251 mbedtls_gcm_init( &ctx );
252
Paul Bakker89e80c92012-03-20 13:50:09 +0000253 memset(output, 0x00, 128);
254
Paul Bakker89e80c92012-03-20 13:50:09 +0000255
Azim Khand30ca132017-06-09 04:32:58 +0100256 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200257 if( init_result == 0 )
Paul Bakker89e80c92012-03-20 13:50:09 +0000258 {
Azim Khand30ca132017-06-09 04:32:58 +0100259 ret = mbedtls_gcm_auth_decrypt( &ctx, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, tag_str->x, tag_len, src_str->x, output );
Paul Bakker89e80c92012-03-20 13:50:09 +0000260
Azim Khan46c9b1f2017-05-31 20:46:35 +0100261 if( strcmp( "FAIL", result ) == 0 )
Paul Bakker89e80c92012-03-20 13:50:09 +0000262 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200263 TEST_ASSERT( ret == MBEDTLS_ERR_GCM_AUTH_FAILED );
Paul Bakker89e80c92012-03-20 13:50:09 +0000264 }
265 else
266 {
Manuel Pégourié-Gonnardf7ce67f2013-09-03 20:17:35 +0200267 TEST_ASSERT( ret == 0 );
Gilles Peskine36dd93e2021-04-13 13:02:03 +0200268 ASSERT_COMPARE( output, src_str->len, pt_result->x, pt_result->len );
Paul Bakker89e80c92012-03-20 13:50:09 +0000269
Gilles Peskine58fc2722021-04-13 15:58:27 +0200270 for( n1 = 0; n1 <= src_str->len; n1 += 1 )
Gilles Peskine36dd93e2021-04-13 13:02:03 +0200271 {
Mateusz Starzykaf4ecdd2021-06-15 15:29:48 +0200272 for( n1_add = 0; n1_add <= add_str->len; n1_add += 1 )
273 {
Mateusz Starzykf8a0d4d2021-06-17 11:40:52 +0200274 mbedtls_test_set_step( n1 * 10000 + n1_add );
Mateusz Starzykaf4ecdd2021-06-15 15:29:48 +0200275 if( !check_multipart( &ctx, MBEDTLS_GCM_DECRYPT,
276 iv_str, add_str, src_str,
277 pt_result, tag_str,
278 n1, n1_add ) )
279 goto exit;
280 }
Gilles Peskine36dd93e2021-04-13 13:02:03 +0200281 }
Paul Bakker89e80c92012-03-20 13:50:09 +0000282 }
283 }
Manuel Pégourié-Gonnard4fe92002013-09-13 13:45:58 +0200284
Paul Bakkerbd51b262014-07-10 15:26:12 +0200285exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200286 mbedtls_gcm_free( &ctx );
Paul Bakker89e80c92012-03-20 13:50:09 +0000287}
Paul Bakker33b43f12013-08-20 11:48:36 +0200288/* END_CASE */
Paul Bakker89e80c92012-03-20 13:50:09 +0000289
Mateusz Starzykfc606222021-06-16 11:04:07 +0200290/* BEGIN_CASE */
291void gcm_decrypt_and_verify_empty_cipher( int cipher_id,
292 data_t * key_str,
293 data_t * iv_str,
294 data_t * add_str,
295 data_t * tag_str,
Mateusz Starzyk032a1ce2021-06-17 11:50:26 +0200296 int cipher_update_calls )
Mateusz Starzykfc606222021-06-16 11:04:07 +0200297{
298 mbedtls_gcm_context ctx;
299
300 mbedtls_gcm_init( &ctx );
301
Mateusz Starzyk032a1ce2021-06-17 11:50:26 +0200302 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
303 check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_DECRYPT,
304 iv_str, add_str, tag_str,
305 cipher_update_calls );
Mateusz Starzykfc606222021-06-16 11:04:07 +0200306
307 mbedtls_gcm_free( &ctx );
308}
309/* END_CASE */
310
311/* BEGIN_CASE */
312void gcm_decrypt_and_verify_empty_ad( int cipher_id,
313 data_t * key_str,
314 data_t * iv_str,
315 data_t * src_str,
316 data_t * tag_str,
317 data_t * pt_result,
Mateusz Starzyk032a1ce2021-06-17 11:50:26 +0200318 int ad_update_calls )
Mateusz Starzykfc606222021-06-16 11:04:07 +0200319{
320 mbedtls_gcm_context ctx;
321
322 mbedtls_gcm_init( &ctx );
323
Mateusz Starzyk032a1ce2021-06-17 11:50:26 +0200324 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
325 check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_DECRYPT,
326 iv_str, src_str, pt_result, tag_str,
327 ad_update_calls );
Mateusz Starzykfc606222021-06-16 11:04:07 +0200328
329 mbedtls_gcm_free( &ctx );
330}
331/* END_CASE */
332
333/* BEGIN_CASE */
Mateusz Starzyk469c9f32021-06-18 00:06:52 +0200334void gcm_decrypt_and_verify_no_ad_no_cipher( int cipher_id,
335 data_t * key_str,
336 data_t * iv_str,
337 data_t * tag_str )
338{
339 mbedtls_gcm_context ctx;
340
341 mbedtls_gcm_init( &ctx );
342
343 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
344 check_no_cipher_no_ad( &ctx, MBEDTLS_GCM_DECRYPT,
345 iv_str, tag_str );
346
347 mbedtls_gcm_free( &ctx );
348}
349/* END_CASE */
350
351/* BEGIN_CASE */
Mateusz Starzykfc606222021-06-16 11:04:07 +0200352void gcm_encrypt_and_tag_empty_cipher( int cipher_id,
353 data_t * key_str,
354 data_t * iv_str,
355 data_t * add_str,
356 data_t * tag_str,
Mateusz Starzyk032a1ce2021-06-17 11:50:26 +0200357 int cipher_update_calls )
Mateusz Starzykfc606222021-06-16 11:04:07 +0200358{
359 mbedtls_gcm_context ctx;
360
361 mbedtls_gcm_init( &ctx );
362
Mateusz Starzyk032a1ce2021-06-17 11:50:26 +0200363 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
364 check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_ENCRYPT,
365 iv_str, add_str, tag_str,
366 cipher_update_calls );
Mateusz Starzykfc606222021-06-16 11:04:07 +0200367
368exit:
369 mbedtls_gcm_free( &ctx );
370}
371/* END_CASE */
372
373/* BEGIN_CASE */
374void gcm_encrypt_and_tag_empty_ad( int cipher_id,
375 data_t * key_str,
376 data_t * iv_str,
377 data_t * src_str,
378 data_t * dst,
379 data_t * tag_str,
Mateusz Starzyk032a1ce2021-06-17 11:50:26 +0200380 int ad_update_calls )
Mateusz Starzykfc606222021-06-16 11:04:07 +0200381{
382 mbedtls_gcm_context ctx;
383
384 mbedtls_gcm_init( &ctx );
385
Mateusz Starzyk032a1ce2021-06-17 11:50:26 +0200386 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
387 check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_ENCRYPT,
388 iv_str, src_str, dst, tag_str,
389 ad_update_calls );
Mateusz Starzykfc606222021-06-16 11:04:07 +0200390
391exit:
392 mbedtls_gcm_free( &ctx );
393}
394/* END_CASE */
395
Mateusz Starzyk469c9f32021-06-18 00:06:52 +0200396/* BEGIN_CASE */
397void gcm_encrypt_and_verify_no_ad_no_cipher( int cipher_id,
398 data_t * key_str,
399 data_t * iv_str,
400 data_t * tag_str )
401{
402 mbedtls_gcm_context ctx;
403
404 mbedtls_gcm_init( &ctx );
405
406 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
407 check_no_cipher_no_ad( &ctx, MBEDTLS_GCM_ENCRYPT,
408 iv_str, tag_str );
409
410 mbedtls_gcm_free( &ctx );
411}
412/* END_CASE */
413
TRodziewicz062f3532021-05-25 15:15:57 +0200414/* BEGIN_CASE depends_on:NOT_DEFINED */
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500415void gcm_invalid_param( )
416{
417 mbedtls_gcm_context ctx;
418 unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
419 mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES;
Ronald Cron875b5fb2021-05-21 08:50:00 +0200420 int invalid_bitlen = 1;
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500421
422 mbedtls_gcm_init( &ctx );
423
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500424 /* mbedtls_gcm_setkey */
Ronald Cron875b5fb2021-05-21 08:50:00 +0200425 TEST_EQUAL(
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500426 MBEDTLS_ERR_GCM_BAD_INPUT,
427 mbedtls_gcm_setkey( &ctx, valid_cipher, valid_buffer, invalid_bitlen ) );
428
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500429exit:
430 mbedtls_gcm_free( &ctx );
431}
432/* END_CASE */
433
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200434/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100435void gcm_selftest( )
Paul Bakker89e80c92012-03-20 13:50:09 +0000436{
Andres AG93012e82016-09-09 09:10:28 +0100437 TEST_ASSERT( mbedtls_gcm_self_test( 1 ) == 0 );
Paul Bakker89e80c92012-03-20 13:50:09 +0000438}
Paul Bakker33b43f12013-08-20 11:48:36 +0200439/* END_CASE */