1/* BEGIN_HEADER */ 2#include "mbedtls/ccm.h" 3/* END_HEADER */ 4 5/* BEGIN_DEPENDENCIES 6 * depends_on:MBEDTLS_CCM_C 7 * END_DEPENDENCIES 8 */ 9 10/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ 11void mbedtls_ccm_self_test() 12{ 13 TEST_ASSERT(mbedtls_ccm_self_test(1) == 0); 14} 15/* END_CASE */ 16 17/* BEGIN_CASE */ 18void mbedtls_ccm_setkey(int cipher_id, int key_size, int result) 19{ 20 mbedtls_ccm_context ctx; 21 unsigned char key[32]; 22 int ret; 23 24 mbedtls_ccm_init(&ctx); 25 26 memset(key, 0x2A, sizeof(key)); 27 TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); 28 29 ret = mbedtls_ccm_setkey(&ctx, cipher_id, key, key_size); 30 TEST_ASSERT(ret == result); 31 32exit: 33 mbedtls_ccm_free(&ctx); 34} 35/* END_CASE */ 36 37/* BEGIN_CASE depends_on:MBEDTLS_AES_C */ 38void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) 39{ 40 mbedtls_ccm_context ctx; 41 unsigned char key[16]; 42 unsigned char msg[10]; 43 unsigned char iv[14]; 44 unsigned char *add = NULL; 45 unsigned char out[10]; 46 unsigned char tag[18]; 47 int decrypt_ret; 48 49 mbedtls_ccm_init(&ctx); 50 51 TEST_CALLOC_OR_SKIP(add, add_len); 52 memset(key, 0, sizeof(key)); 53 memset(msg, 0, sizeof(msg)); 54 memset(iv, 0, sizeof(iv)); 55 memset(out, 0, sizeof(out)); 56 memset(tag, 0, sizeof(tag)); 57 58 TEST_ASSERT(mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, 59 key, 8 * sizeof(key)) == 0); 60 61 TEST_ASSERT(mbedtls_ccm_encrypt_and_tag(&ctx, msg_len, iv, iv_len, add, add_len, 62 msg, out, tag, tag_len) == res); 63 64 decrypt_ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len, iv, iv_len, add, add_len, 65 msg, out, tag, tag_len); 66 67 if (res == 0) { 68 TEST_ASSERT(decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED); 69 } else { 70 TEST_ASSERT(decrypt_ret == res); 71 } 72 73exit: 74 mbedtls_free(add); 75 mbedtls_ccm_free(&ctx); 76} 77/* END_CASE */ 78 79/* BEGIN_CASE depends_on:MBEDTLS_AES_C */ 80void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len, 81 int res) 82{ 83 mbedtls_ccm_context ctx; 84 unsigned char key[16]; 85 unsigned char msg[10]; 86 unsigned char iv[14]; 87 unsigned char add[10]; 88 unsigned char out[10]; 89 unsigned char tag[18]; 90 int decrypt_ret; 91 92 mbedtls_ccm_init(&ctx); 93 94 memset(key, 0, sizeof(key)); 95 memset(msg, 0, sizeof(msg)); 96 memset(iv, 0, sizeof(iv)); 97 memset(add, 0, sizeof(add)); 98 memset(out, 0, sizeof(out)); 99 memset(tag, 0, sizeof(tag)); 100 101 TEST_ASSERT(mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, 102 key, 8 * sizeof(key)) == 0); 103 104 TEST_ASSERT(mbedtls_ccm_star_encrypt_and_tag(&ctx, msg_len, iv, iv_len, 105 add, add_len, msg, out, tag, tag_len) == res); 106 107 decrypt_ret = mbedtls_ccm_star_auth_decrypt(&ctx, msg_len, iv, iv_len, add, 108 add_len, msg, out, tag, tag_len); 109 110 if (res == 0 && tag_len != 0) { 111 TEST_ASSERT(decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED); 112 } else { 113 TEST_ASSERT(decrypt_ret == res); 114 } 115 116exit: 117 mbedtls_ccm_free(&ctx); 118} 119/* END_CASE */ 120 121/* BEGIN_CASE */ 122void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key, 123 data_t *msg, data_t *iv, 124 data_t *add, data_t *result) 125{ 126 mbedtls_ccm_context ctx; 127 size_t tag_len; 128 uint8_t *msg_n_tag = (uint8_t *) malloc(result->len + 2); 129 130 mbedtls_ccm_init(&ctx); 131 132 memset(msg_n_tag, 0, result->len + 2); 133 memcpy(msg_n_tag, msg->x, msg->len); 134 135 tag_len = result->len - msg->len; 136 137 TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); 138 139 /* Test with input == output */ 140 TEST_ASSERT(mbedtls_ccm_encrypt_and_tag(&ctx, msg->len, iv->x, iv->len, add->x, add->len, 141 msg_n_tag, msg_n_tag, msg_n_tag + msg->len, 142 tag_len) == 0); 143 144 TEST_ASSERT(memcmp(msg_n_tag, result->x, result->len) == 0); 145 146 /* Check we didn't write past the end */ 147 TEST_ASSERT(msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0); 148 149exit: 150 mbedtls_ccm_free(&ctx); 151 free(msg_n_tag); 152} 153/* END_CASE */ 154 155/* BEGIN_CASE */ 156void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, 157 data_t *msg, data_t *iv, 158 data_t *add, int tag_len, int result, 159 data_t *expected_msg) 160{ 161 unsigned char tag[16]; 162 mbedtls_ccm_context ctx; 163 164 mbedtls_ccm_init(&ctx); 165 166 memset(tag, 0x00, sizeof(tag)); 167 168 msg->len -= tag_len; 169 memcpy(tag, msg->x + msg->len, tag_len); 170 171 TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); 172 173 /* Test with input == output */ 174 TEST_ASSERT(mbedtls_ccm_auth_decrypt(&ctx, msg->len, iv->x, iv->len, add->x, add->len, 175 msg->x, msg->x, msg->x + msg->len, tag_len) == result); 176 177 if (result == 0) { 178 TEST_ASSERT(memcmp(msg->x, expected_msg->x, expected_msg->len) == 0); 179 } else { 180 size_t i; 181 182 for (i = 0; i < msg->len; i++) { 183 TEST_ASSERT(msg->x[i] == 0); 184 } 185 } 186 187 /* Check we didn't write past the end (where the original tag is) */ 188 TEST_ASSERT(memcmp(msg->x + msg->len, tag, tag_len) == 0); 189 190exit: 191 mbedtls_ccm_free(&ctx); 192} 193/* END_CASE */ 194 195/* BEGIN_CASE */ 196void mbedtls_ccm_star_encrypt_and_tag(int cipher_id, 197 data_t *key, data_t *msg, 198 data_t *source_address, data_t *frame_counter, 199 int sec_level, data_t *add, 200 data_t *expected_result, int output_ret) 201{ 202 unsigned char iv[13]; 203 unsigned char result[50]; 204 mbedtls_ccm_context ctx; 205 size_t iv_len, tag_len; 206 int ret; 207 208 mbedtls_ccm_init(&ctx); 209 210 memset(result, 0x00, sizeof(result)); 211 212 if (sec_level % 4 == 0) { 213 tag_len = 0; 214 } else { 215 tag_len = 1 << (sec_level % 4 + 1); 216 } 217 218 TEST_ASSERT(source_address->len == 8); 219 TEST_ASSERT(frame_counter->len == 4); 220 memcpy(iv, source_address->x, source_address->len); 221 memcpy(iv + source_address->len, frame_counter->x, frame_counter->len); 222 iv[source_address->len + frame_counter->len] = sec_level; 223 iv_len = sizeof(iv); 224 225 TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, 226 key->x, key->len * 8) == 0); 227 228 ret = mbedtls_ccm_star_encrypt_and_tag(&ctx, msg->len, iv, iv_len, 229 add->x, add->len, msg->x, 230 result, result + msg->len, tag_len); 231 232 TEST_ASSERT(ret == output_ret); 233 234 TEST_ASSERT(memcmp(result, 235 expected_result->x, expected_result->len) == 0); 236 237 /* Check we didn't write past the end */ 238 TEST_ASSERT(result[expected_result->len] == 0 && 239 result[expected_result->len + 1] == 0); 240 241exit: 242 mbedtls_ccm_free(&ctx); 243} 244/* END_CASE */ 245 246/* BEGIN_CASE */ 247void mbedtls_ccm_star_auth_decrypt(int cipher_id, 248 data_t *key, data_t *msg, 249 data_t *source_address, data_t *frame_counter, 250 int sec_level, data_t *add, 251 data_t *expected_result, int output_ret) 252{ 253 unsigned char iv[13]; 254 unsigned char result[50]; 255 mbedtls_ccm_context ctx; 256 size_t iv_len, tag_len; 257 int ret; 258 259 mbedtls_ccm_init(&ctx); 260 261 memset(iv, 0x00, sizeof(iv)); 262 memset(result, '+', sizeof(result)); 263 264 if (sec_level % 4 == 0) { 265 tag_len = 0; 266 } else { 267 tag_len = 1 << (sec_level % 4 + 1); 268 } 269 270 TEST_ASSERT(source_address->len == 8); 271 TEST_ASSERT(frame_counter->len == 4); 272 memcpy(iv, source_address->x, source_address->len); 273 memcpy(iv + source_address->len, frame_counter->x, frame_counter->len); 274 iv[source_address->len + frame_counter->len] = sec_level; 275 iv_len = sizeof(iv); 276 277 TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); 278 279 ret = mbedtls_ccm_star_auth_decrypt(&ctx, msg->len - tag_len, iv, iv_len, 280 add->x, add->len, msg->x, result, 281 msg->x + msg->len - tag_len, tag_len); 282 283 TEST_ASSERT(ret == output_ret); 284 285 TEST_ASSERT(memcmp(result, expected_result->x, 286 expected_result->len) == 0); 287 288 /* Check we didn't write past the end (where the original tag is) */ 289 TEST_ASSERT((msg->len + 2) <= sizeof(result)); 290 TEST_EQUAL(result[msg->len], '+'); 291 TEST_EQUAL(result[msg->len + 1], '+'); 292 293exit: 294 mbedtls_ccm_free(&ctx); 295} 296/* END_CASE */ 297 298/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ 299void ccm_invalid_param() 300{ 301 struct mbedtls_ccm_context ctx; 302 unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; 303 mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES; 304 int valid_len = sizeof(valid_buffer); 305 int valid_bitlen = valid_len * 8; 306 307 mbedtls_ccm_init(&ctx); 308 309 /* mbedtls_ccm_init() */ 310 TEST_INVALID_PARAM(mbedtls_ccm_init(NULL)); 311 312 /* mbedtls_ccm_setkey() */ 313 TEST_INVALID_PARAM_RET( 314 MBEDTLS_ERR_CCM_BAD_INPUT, 315 mbedtls_ccm_setkey(NULL, valid_cipher, valid_buffer, valid_bitlen)); 316 TEST_INVALID_PARAM_RET( 317 MBEDTLS_ERR_CCM_BAD_INPUT, 318 mbedtls_ccm_setkey(&ctx, valid_cipher, NULL, valid_bitlen)); 319 320 /* mbedtls_ccm_encrypt_and_tag() */ 321 TEST_INVALID_PARAM_RET( 322 MBEDTLS_ERR_CCM_BAD_INPUT, 323 mbedtls_ccm_encrypt_and_tag(NULL, valid_len, 324 valid_buffer, valid_len, 325 valid_buffer, valid_len, 326 valid_buffer, valid_buffer, 327 valid_buffer, valid_len)); 328 TEST_INVALID_PARAM_RET( 329 MBEDTLS_ERR_CCM_BAD_INPUT, 330 mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, 331 NULL, valid_len, 332 valid_buffer, valid_len, 333 valid_buffer, valid_buffer, 334 valid_buffer, valid_len)); 335 TEST_INVALID_PARAM_RET( 336 MBEDTLS_ERR_CCM_BAD_INPUT, 337 mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, 338 valid_buffer, valid_len, 339 NULL, valid_len, 340 valid_buffer, valid_buffer, 341 valid_buffer, valid_len)); 342 TEST_INVALID_PARAM_RET( 343 MBEDTLS_ERR_CCM_BAD_INPUT, 344 mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, 345 valid_buffer, valid_len, 346 valid_buffer, valid_len, 347 NULL, valid_buffer, 348 valid_buffer, valid_len)); 349 TEST_INVALID_PARAM_RET( 350 MBEDTLS_ERR_CCM_BAD_INPUT, 351 mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, 352 valid_buffer, valid_len, 353 valid_buffer, valid_len, 354 valid_buffer, NULL, 355 valid_buffer, valid_len)); 356 TEST_INVALID_PARAM_RET( 357 MBEDTLS_ERR_CCM_BAD_INPUT, 358 mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, 359 valid_buffer, valid_len, 360 valid_buffer, valid_len, 361 valid_buffer, valid_buffer, 362 NULL, valid_len)); 363 364 /* mbedtls_ccm_star_encrypt_and_tag() */ 365 TEST_INVALID_PARAM_RET( 366 MBEDTLS_ERR_CCM_BAD_INPUT, 367 mbedtls_ccm_star_encrypt_and_tag(NULL, valid_len, 368 valid_buffer, valid_len, 369 valid_buffer, valid_len, 370 valid_buffer, valid_buffer, 371 valid_buffer, valid_len)); 372 TEST_INVALID_PARAM_RET( 373 MBEDTLS_ERR_CCM_BAD_INPUT, 374 mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, 375 NULL, valid_len, 376 valid_buffer, valid_len, 377 valid_buffer, valid_buffer, 378 valid_buffer, valid_len)); 379 TEST_INVALID_PARAM_RET( 380 MBEDTLS_ERR_CCM_BAD_INPUT, 381 mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, 382 valid_buffer, valid_len, 383 NULL, valid_len, 384 valid_buffer, valid_buffer, 385 valid_buffer, valid_len)); 386 TEST_INVALID_PARAM_RET( 387 MBEDTLS_ERR_CCM_BAD_INPUT, 388 mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, 389 valid_buffer, valid_len, 390 valid_buffer, valid_len, 391 NULL, valid_buffer, 392 valid_buffer, valid_len)); 393 TEST_INVALID_PARAM_RET( 394 MBEDTLS_ERR_CCM_BAD_INPUT, 395 mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, 396 valid_buffer, valid_len, 397 valid_buffer, valid_len, 398 valid_buffer, NULL, 399 valid_buffer, valid_len)); 400 TEST_INVALID_PARAM_RET( 401 MBEDTLS_ERR_CCM_BAD_INPUT, 402 mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, 403 valid_buffer, valid_len, 404 valid_buffer, valid_len, 405 valid_buffer, valid_buffer, 406 NULL, valid_len)); 407 408 /* mbedtls_ccm_auth_decrypt() */ 409 TEST_INVALID_PARAM_RET( 410 MBEDTLS_ERR_CCM_BAD_INPUT, 411 mbedtls_ccm_auth_decrypt(NULL, valid_len, 412 valid_buffer, valid_len, 413 valid_buffer, valid_len, 414 valid_buffer, valid_buffer, 415 valid_buffer, valid_len)); 416 TEST_INVALID_PARAM_RET( 417 MBEDTLS_ERR_CCM_BAD_INPUT, 418 mbedtls_ccm_auth_decrypt(&ctx, valid_len, 419 NULL, valid_len, 420 valid_buffer, valid_len, 421 valid_buffer, valid_buffer, 422 valid_buffer, valid_len)); 423 TEST_INVALID_PARAM_RET( 424 MBEDTLS_ERR_CCM_BAD_INPUT, 425 mbedtls_ccm_auth_decrypt(&ctx, valid_len, 426 valid_buffer, valid_len, 427 NULL, valid_len, 428 valid_buffer, valid_buffer, 429 valid_buffer, valid_len)); 430 TEST_INVALID_PARAM_RET( 431 MBEDTLS_ERR_CCM_BAD_INPUT, 432 mbedtls_ccm_auth_decrypt(&ctx, valid_len, 433 valid_buffer, valid_len, 434 valid_buffer, valid_len, 435 NULL, valid_buffer, 436 valid_buffer, valid_len)); 437 TEST_INVALID_PARAM_RET( 438 MBEDTLS_ERR_CCM_BAD_INPUT, 439 mbedtls_ccm_auth_decrypt(&ctx, valid_len, 440 valid_buffer, valid_len, 441 valid_buffer, valid_len, 442 valid_buffer, NULL, 443 valid_buffer, valid_len)); 444 TEST_INVALID_PARAM_RET( 445 MBEDTLS_ERR_CCM_BAD_INPUT, 446 mbedtls_ccm_auth_decrypt(&ctx, valid_len, 447 valid_buffer, valid_len, 448 valid_buffer, valid_len, 449 valid_buffer, valid_buffer, 450 NULL, valid_len)); 451 452 /* mbedtls_ccm_star_auth_decrypt() */ 453 TEST_INVALID_PARAM_RET( 454 MBEDTLS_ERR_CCM_BAD_INPUT, 455 mbedtls_ccm_star_auth_decrypt(NULL, valid_len, 456 valid_buffer, valid_len, 457 valid_buffer, valid_len, 458 valid_buffer, valid_buffer, 459 valid_buffer, valid_len)); 460 TEST_INVALID_PARAM_RET( 461 MBEDTLS_ERR_CCM_BAD_INPUT, 462 mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, 463 NULL, valid_len, 464 valid_buffer, valid_len, 465 valid_buffer, valid_buffer, 466 valid_buffer, valid_len)); 467 TEST_INVALID_PARAM_RET( 468 MBEDTLS_ERR_CCM_BAD_INPUT, 469 mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, 470 valid_buffer, valid_len, 471 NULL, valid_len, 472 valid_buffer, valid_buffer, 473 valid_buffer, valid_len)); 474 TEST_INVALID_PARAM_RET( 475 MBEDTLS_ERR_CCM_BAD_INPUT, 476 mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, 477 valid_buffer, valid_len, 478 valid_buffer, valid_len, 479 NULL, valid_buffer, 480 valid_buffer, valid_len)); 481 TEST_INVALID_PARAM_RET( 482 MBEDTLS_ERR_CCM_BAD_INPUT, 483 mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, 484 valid_buffer, valid_len, 485 valid_buffer, valid_len, 486 valid_buffer, NULL, 487 valid_buffer, valid_len)); 488 TEST_INVALID_PARAM_RET( 489 MBEDTLS_ERR_CCM_BAD_INPUT, 490 mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, 491 valid_buffer, valid_len, 492 valid_buffer, valid_len, 493 valid_buffer, valid_buffer, 494 NULL, valid_len)); 495 496exit: 497 mbedtls_ccm_free(&ctx); 498 return; 499} 500/* END_CASE */ 501 502/* BEGIN_CASE */ 503void ccm_valid_param() 504{ 505 TEST_VALID_PARAM(mbedtls_ccm_free(NULL)); 506exit: 507 return; 508} 509/* END_CASE */ 510