eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'public/pr/2287' into development

Browse source
This commit is contained in:
Simon Butcher 2018-12-20 12:00:50 +00:00
commit 2a8d32c6c1
6 changed files with 410 additions and 68 deletions
Download patch file Download diff file Expand all files Collapse all files

246
tests/suites/test_suite_aes.function
View file

@ -194,8 +194,8 @@ exit:
void aes_crypt_xts_size( int size, int retval )
{
mbedtls_aes_xts_context ctx;
const unsigned char *src = NULL;
unsigned char *output = NULL;
const unsigned char src[16] = { 0 };
unsigned char output[16];
unsigned char data_unit[16];
size_t length = size;
@ -203,10 +203,8 @@ void aes_crypt_xts_size( int size, int retval )
memset( data_unit, 0x00, sizeof( data_unit ) );
/* Note that this function will most likely crash on failure, as NULL
* parameters will be used. In the passing case, the length check in
* mbedtls_aes_crypt_xts() will prevent any accesses to parameters by
* exiting the function early. */
/* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as
* otherwise we wouldn't get to the size check we're interested in. */
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
}
/* END_CASE */
@ -215,7 +213,7 @@ void aes_crypt_xts_size( int size, int retval )
void aes_crypt_xts_keysize( int size, int retval )
{
mbedtls_aes_xts_context ctx;
const unsigned char *key = NULL;
const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
size_t key_len = size;
mbedtls_aes_xts_init( &ctx );
@ -372,39 +370,255 @@ exit:
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void aes_invalid_param( )
void aes_check_params( )
{
mbedtls_aes_context dummy_ctx;
mbedtls_aes_context aes_ctx;
#if defined(MBEDTLS_CIPHER_MODE_XTS)
mbedtls_aes_xts_context xts_ctx;
#endif
const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
const unsigned char in[16] = { 0 };
unsigned char out[16];
size_t size;
const int valid_mode = MBEDTLS_AES_ENCRYPT;
const int invalid_mode = 42;
TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) );
#if defined(MBEDTLS_CIPHER_MODE_XTS)
TEST_INVALID_PARAM( mbedtls_aes_xts_init( NULL ) );
#endif
/* mbedtls_aes_setkey_enc() */
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_enc( NULL, key, 128 ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_enc( &dummy_ctx, NULL, 128 ) );
mbedtls_aes_setkey_enc( &aes_ctx, NULL, 128 ) );
/* mbedtls_aes_setkey_dec() */
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_dec( NULL, key, 128 ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_dec( &aes_ctx, NULL, 128 ) );
#if defined(MBEDTLS_CIPHER_MODE_XTS)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_xts_setkey_enc( NULL, key, 128 ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_xts_setkey_enc( &xts_ctx, NULL, 128 ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_setkey_dec( &dummy_ctx, NULL, 128 ) );
mbedtls_aes_xts_setkey_dec( NULL, key, 128 ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_xts_setkey_dec( &xts_ctx, NULL, 128 ) );
#endif
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ecb( NULL,
valid_mode, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ecb( &aes_ctx,
invalid_mode, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ecb( &aes_ctx,
valid_mode, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ecb( &aes_ctx,
valid_mode, in, NULL ) );
#if defined(MBEDTLS_CIPHER_MODE_CBC)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cbc( NULL,
valid_mode, 16,
out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cbc( &aes_ctx,
invalid_mode, 16,
out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cbc( &aes_ctx,
valid_mode, 16,
NULL, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cbc( &aes_ctx,
valid_mode, 16,
out, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cbc( &aes_ctx,
valid_mode, 16,
out, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( NULL,
valid_mode, 16,
in, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( &xts_ctx,
invalid_mode, 16,
in, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( &xts_ctx,
valid_mode, 16,
NULL, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( &xts_ctx,
valid_mode, 16,
in, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_xts( &xts_ctx,
valid_mode, 16,
in, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb128( NULL,
valid_mode, 16,
&size, out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb128( &aes_ctx,
invalid_mode, 16,
&size, out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb128( &aes_ctx,
valid_mode, 16,
NULL, out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb128( &aes_ctx,
valid_mode, 16,
&size, NULL, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb128( &aes_ctx,
valid_mode, 16,
&size, out, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb128( &aes_ctx,
valid_mode, 16,
&size, out, in, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb8( NULL,
valid_mode, 16,
out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb8( &aes_ctx,
invalid_mode, 16,
out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb8( &aes_ctx,
valid_mode, 16,
NULL, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb8( &aes_ctx,
valid_mode, 16,
out, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_cfb8( &aes_ctx,
valid_mode, 16,
out, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( NULL, 16,
&size, out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
NULL, out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
&size, NULL, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
&size, out, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
&size, out, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_OFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ctr( NULL, 16, &size, out,
out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ctr( &aes_ctx, 16, NULL, out,
out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, NULL,
out, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
NULL, in, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
out, NULL, out ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
out, in, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
}
/* END_CASE */
/* BEGIN_CASE */
void aes_valid_param( )
void aes_misc_params( )
{
#if defined(MBEDTLS_CIPHER_MODE_CBC) || \
defined(MBEDTLS_CIPHER_MODE_XTS) || \
defined(MBEDTLS_CIPHER_MODE_CFB) || \
defined(MBEDTLS_CIPHER_MODE_OFB)
mbedtls_aes_context aes_ctx;
const unsigned char in[16] = { 0 };
unsigned char out[16];
#endif
#if defined(MBEDTLS_CIPHER_MODE_XTS)
mbedtls_aes_xts_context xts_ctx;
#endif
#if defined(MBEDTLS_CIPHER_MODE_CFB) || \
defined(MBEDTLS_CIPHER_MODE_OFB)
size_t size;
#endif
/* These calls accept NULL */
TEST_VALID_PARAM( mbedtls_aes_free( NULL ) );
#if defined(MBEDTLS_CIPHER_MODE_XTS)
TEST_VALID_PARAM( mbedtls_aes_xts_free( NULL ) );
#endif
#if defined(MBEDTLS_CIPHER_MODE_CBC)
TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT,
15,
out, in, out )
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT,
17,
out, in, out )
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
#endif
#if defined(MBEDTLS_CIPHER_MODE_XTS)
TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT,
15,
in, in, out )
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT,
(1 << 24) + 1,
in, in, out )
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
#endif
#if defined(MBEDTLS_CIPHER_MODE_CFB)
size = 16;
TEST_ASSERT( mbedtls_aes_crypt_cfb128( &aes_ctx, MBEDTLS_AES_ENCRYPT, 16,
&size, out, in, out )
== MBEDTLS_ERR_AES_BAD_INPUT_DATA );
#endif
#if defined(MBEDTLS_CIPHER_MODE_OFB)
size = 16;
TEST_ASSERT( mbedtls_aes_crypt_ofb( &aes_ctx, 16, &size, out, in, out )
== MBEDTLS_ERR_AES_BAD_INPUT_DATA );
#endif
}
/* END_CASE */

8
tests/suites/test_suite_aes.rest.data
View file

@ -10,11 +10,11 @@ aes_encrypt_cbc:"000000000000000000000000000000000000000000000000000000000000000
AES-256-CBC Decrypt (Invalid input length)
aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c74":"":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
AES - Invalid parameters
aes_invalid_param:
AES - Optional Parameter Validation (MBEDTLS_CHECK_PARAMS)
aes_check_params:
AES - Valid parameters
aes_valid_param:
AES - Mandatory Parameter Validation and Valid Parameters
aes_misc_params:
AES Selftest
depends_on:MBEDTLS_SELF_TEST