1/* BEGIN_HEADER */ 2#include "mbedtls/gcm.h" 3/* END_HEADER */ 4 5/* BEGIN_DEPENDENCIES 6 * depends_on:MBEDTLS_GCM_C 7 * END_DEPENDENCIES 8 */ 9 10/* BEGIN_CASE */ 11void gcm_bad_parameters( int cipher_id, int direction, 12 data_t *key_str, data_t *src_str, 13 data_t *iv_str, data_t *add_str, 14 int tag_len_bits, int gcm_result ) 15{ 16 unsigned char output[128]; 17 unsigned char tag_output[16]; 18 mbedtls_gcm_context ctx; 19 size_t tag_len = tag_len_bits / 8; 20 21 mbedtls_gcm_init( &ctx ); 22 23 memset( output, 0x00, sizeof( output ) ); 24 memset( tag_output, 0x00, sizeof( tag_output ) ); 25 26 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); 27 TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, direction, src_str->len, iv_str->x, iv_str->len, 28 add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == gcm_result ); 29 30exit: 31 mbedtls_gcm_free( &ctx ); 32} 33/* END_CASE */ 34 35/* BEGIN_CASE */ 36void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, 37 data_t * src_str, data_t * iv_str, 38 data_t * add_str, data_t * dst, 39 int tag_len_bits, data_t * tag, 40 int init_result ) 41{ 42 unsigned char output[128]; 43 unsigned char tag_output[16]; 44 mbedtls_gcm_context ctx; 45 size_t tag_len = tag_len_bits / 8; 46 47 mbedtls_gcm_init( &ctx ); 48 49 memset(output, 0x00, 128); 50 memset(tag_output, 0x00, 16); 51 52 53 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); 54 if( init_result == 0 ) 55 { 56 TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == 0 ); 57 58 TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 59 src_str->len, dst->len ) == 0 ); 60 TEST_ASSERT( mbedtls_test_hexcmp( tag_output, tag->x, 61 tag_len, tag->len ) == 0 ); 62 } 63 64exit: 65 mbedtls_gcm_free( &ctx ); 66} 67/* END_CASE */ 68 69/* BEGIN_CASE */ 70void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, 71 data_t * src_str, data_t * iv_str, 72 data_t * add_str, int tag_len_bits, 73 data_t * tag_str, char * result, 74 data_t * pt_result, int init_result ) 75{ 76 unsigned char output[128]; 77 mbedtls_gcm_context ctx; 78 int ret; 79 size_t tag_len = tag_len_bits / 8; 80 81 mbedtls_gcm_init( &ctx ); 82 83 memset(output, 0x00, 128); 84 85 86 TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); 87 if( init_result == 0 ) 88 { 89 ret = mbedtls_gcm_auth_decrypt( &ctx, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, tag_str->x, tag_len, src_str->x, output ); 90 91 if( strcmp( "FAIL", result ) == 0 ) 92 { 93 TEST_ASSERT( ret == MBEDTLS_ERR_GCM_AUTH_FAILED ); 94 } 95 else 96 { 97 TEST_ASSERT( ret == 0 ); 98 99 TEST_ASSERT( mbedtls_test_hexcmp( output, pt_result->x, 100 src_str->len, 101 pt_result->len ) == 0 ); 102 } 103 } 104 105exit: 106 mbedtls_gcm_free( &ctx ); 107} 108/* END_CASE */ 109 110/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ 111void gcm_invalid_param( ) 112{ 113 mbedtls_gcm_context ctx; 114 unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; 115 mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES; 116 int valid_mode = MBEDTLS_GCM_ENCRYPT; 117 int valid_len = sizeof(valid_buffer); 118 int valid_bitlen = 128, invalid_bitlen = 1; 119 120 mbedtls_gcm_init( &ctx ); 121 122 /* mbedtls_gcm_init() */ 123 TEST_INVALID_PARAM( mbedtls_gcm_init( NULL ) ); 124 125 /* mbedtls_gcm_setkey */ 126 TEST_INVALID_PARAM_RET( 127 MBEDTLS_ERR_GCM_BAD_INPUT, 128 mbedtls_gcm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) ); 129 TEST_INVALID_PARAM_RET( 130 MBEDTLS_ERR_GCM_BAD_INPUT, 131 mbedtls_gcm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) ); 132 TEST_INVALID_PARAM_RET( 133 MBEDTLS_ERR_GCM_BAD_INPUT, 134 mbedtls_gcm_setkey( &ctx, valid_cipher, valid_buffer, invalid_bitlen ) ); 135 136 /* mbedtls_gcm_crypt_and_tag() */ 137 TEST_INVALID_PARAM_RET( 138 MBEDTLS_ERR_GCM_BAD_INPUT, 139 mbedtls_gcm_crypt_and_tag( NULL, valid_mode, valid_len, 140 valid_buffer, valid_len, 141 valid_buffer, valid_len, 142 valid_buffer, valid_buffer, 143 valid_len, valid_buffer ) ); 144 TEST_INVALID_PARAM_RET( 145 MBEDTLS_ERR_GCM_BAD_INPUT, 146 mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, 147 NULL, valid_len, 148 valid_buffer, valid_len, 149 valid_buffer, valid_buffer, 150 valid_len, valid_buffer ) ); 151 TEST_INVALID_PARAM_RET( 152 MBEDTLS_ERR_GCM_BAD_INPUT, 153 mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, 154 valid_buffer, valid_len, 155 NULL, valid_len, 156 valid_buffer, valid_buffer, 157 valid_len, valid_buffer ) ); 158 TEST_INVALID_PARAM_RET( 159 MBEDTLS_ERR_GCM_BAD_INPUT, 160 mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, 161 valid_buffer, valid_len, 162 valid_buffer, valid_len, 163 NULL, valid_buffer, 164 valid_len, valid_buffer ) ); 165 TEST_INVALID_PARAM_RET( 166 MBEDTLS_ERR_GCM_BAD_INPUT, 167 mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, 168 valid_buffer, valid_len, 169 valid_buffer, valid_len, 170 valid_buffer, NULL, 171 valid_len, valid_buffer ) ); 172 TEST_INVALID_PARAM_RET( 173 MBEDTLS_ERR_GCM_BAD_INPUT, 174 mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, 175 valid_buffer, valid_len, 176 valid_buffer, valid_len, 177 valid_buffer, valid_buffer, 178 valid_len, NULL ) ); 179 180 /* mbedtls_gcm_auth_decrypt() */ 181 TEST_INVALID_PARAM_RET( 182 MBEDTLS_ERR_GCM_BAD_INPUT, 183 mbedtls_gcm_auth_decrypt( NULL, valid_len, 184 valid_buffer, valid_len, 185 valid_buffer, valid_len, 186 valid_buffer, valid_len, 187 valid_buffer, valid_buffer) ); 188 TEST_INVALID_PARAM_RET( 189 MBEDTLS_ERR_GCM_BAD_INPUT, 190 mbedtls_gcm_auth_decrypt( &ctx, valid_len, 191 NULL, valid_len, 192 valid_buffer, valid_len, 193 valid_buffer, valid_len, 194 valid_buffer, valid_buffer) ); 195 TEST_INVALID_PARAM_RET( 196 MBEDTLS_ERR_GCM_BAD_INPUT, 197 mbedtls_gcm_auth_decrypt( &ctx, valid_len, 198 valid_buffer, valid_len, 199 NULL, valid_len, 200 valid_buffer, valid_len, 201 valid_buffer, valid_buffer) ); 202 TEST_INVALID_PARAM_RET( 203 MBEDTLS_ERR_GCM_BAD_INPUT, 204 mbedtls_gcm_auth_decrypt( &ctx, valid_len, 205 valid_buffer, valid_len, 206 valid_buffer, valid_len, 207 NULL, valid_len, 208 valid_buffer, valid_buffer) ); 209 TEST_INVALID_PARAM_RET( 210 MBEDTLS_ERR_GCM_BAD_INPUT, 211 mbedtls_gcm_auth_decrypt( &ctx, valid_len, 212 valid_buffer, valid_len, 213 valid_buffer, valid_len, 214 valid_buffer, valid_len, 215 NULL, valid_buffer) ); 216 TEST_INVALID_PARAM_RET( 217 MBEDTLS_ERR_GCM_BAD_INPUT, 218 mbedtls_gcm_auth_decrypt( &ctx, valid_len, 219 valid_buffer, valid_len, 220 valid_buffer, valid_len, 221 valid_buffer, valid_len, 222 valid_buffer, NULL) ); 223 224 /* mbedtls_gcm_starts() */ 225 TEST_INVALID_PARAM_RET( 226 MBEDTLS_ERR_GCM_BAD_INPUT, 227 mbedtls_gcm_starts( NULL, valid_mode, 228 valid_buffer, valid_len, 229 valid_buffer, valid_len ) ); 230 231 TEST_INVALID_PARAM_RET( 232 MBEDTLS_ERR_GCM_BAD_INPUT, 233 mbedtls_gcm_starts( &ctx, valid_mode, 234 NULL, valid_len, 235 valid_buffer, valid_len ) ); 236 237 TEST_INVALID_PARAM_RET( 238 MBEDTLS_ERR_GCM_BAD_INPUT, 239 mbedtls_gcm_starts( &ctx, valid_mode, 240 valid_buffer, valid_len, 241 NULL, valid_len ) ); 242 243 /* mbedtls_gcm_update() */ 244 TEST_INVALID_PARAM_RET( 245 MBEDTLS_ERR_GCM_BAD_INPUT, 246 mbedtls_gcm_update( NULL, valid_len, 247 valid_buffer, valid_buffer ) ); 248 TEST_INVALID_PARAM_RET( 249 MBEDTLS_ERR_GCM_BAD_INPUT, 250 mbedtls_gcm_update( &ctx, valid_len, 251 NULL, valid_buffer ) ); 252 TEST_INVALID_PARAM_RET( 253 MBEDTLS_ERR_GCM_BAD_INPUT, 254 mbedtls_gcm_update( &ctx, valid_len, 255 valid_buffer, NULL ) ); 256 257 /* mbedtls_gcm_finish() */ 258 TEST_INVALID_PARAM_RET( 259 MBEDTLS_ERR_GCM_BAD_INPUT, 260 mbedtls_gcm_finish( NULL, valid_buffer, valid_len ) ); 261 TEST_INVALID_PARAM_RET( 262 MBEDTLS_ERR_GCM_BAD_INPUT, 263 mbedtls_gcm_finish( &ctx, NULL, valid_len ) ); 264 265exit: 266 mbedtls_gcm_free( &ctx ); 267} 268/* END_CASE */ 269 270/* BEGIN_CASE */ 271void gcm_valid_param( ) 272{ 273 TEST_VALID_PARAM( mbedtls_gcm_free( NULL ) ); 274exit: 275 return; 276} 277/* END_CASE */ 278 279/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ 280void gcm_selftest( ) 281{ 282 TEST_ASSERT( mbedtls_gcm_self_test( 1 ) == 0 ); 283} 284/* END_CASE */ 285