| /* BEGIN_HEADER */ |
| #include <polarssl/cipher.h> |
| |
| #if defined(POLARSSL_GCM_C) |
| #include <polarssl/gcm.h> |
| #endif |
| /* END_HEADER */ |
| |
| /* BEGIN_DEPENDENCIES |
| * depends_on:POLARSSL_CIPHER_C |
| * END_DEPENDENCIES |
| */ |
| |
| /* BEGIN_CASE */ |
| void enc_dec_buf( int cipher_id, char *cipher_string, int key_len, |
| int length_val, int pad_mode ) |
| { |
| size_t length = length_val, outlen, total_len, i; |
| unsigned char key[32]; |
| unsigned char iv[16]; |
| unsigned char ad[13]; |
| unsigned char tag[16]; |
| unsigned char inbuf[64]; |
| unsigned char encbuf[64]; |
| unsigned char decbuf[64]; |
| |
| const cipher_info_t *cipher_info; |
| cipher_context_t ctx_dec; |
| cipher_context_t ctx_enc; |
| |
| /* |
| * Prepare contexts |
| */ |
| memset( &ctx_dec, 0, sizeof( ctx_dec ) ); |
| memset( &ctx_enc, 0, sizeof( ctx_enc ) ); |
| |
| memset( key, 0x2a, sizeof( key ) ); |
| |
| /* Check and get info structures */ |
| cipher_info = cipher_info_from_type( cipher_id ); |
| TEST_ASSERT( NULL != cipher_info ); |
| TEST_ASSERT( cipher_info_from_string( cipher_string ) == cipher_info ); |
| |
| /* Initialise enc and dec contexts */ |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx_dec, cipher_info ) ); |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx_enc, cipher_info ) ); |
| |
| TEST_ASSERT( 0 == cipher_setkey( &ctx_dec, key, key_len, POLARSSL_DECRYPT ) ); |
| TEST_ASSERT( 0 == cipher_setkey( &ctx_enc, key, key_len, POLARSSL_ENCRYPT ) ); |
| |
| #if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) |
| if( -1 != pad_mode ) |
| { |
| TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx_dec, pad_mode ) ); |
| TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx_enc, pad_mode ) ); |
| } |
| #else |
| (void) pad_mode; |
| #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ |
| |
| /* |
| * Do a few encode/decode cycles |
| */ |
| for( i = 0; i < 3; i++ ) |
| { |
| memset( iv , 0x00 + i, sizeof( iv ) ); |
| memset( ad, 0x10 + i, sizeof( ad ) ); |
| memset( inbuf, 0x20 + i, sizeof( inbuf ) ); |
| |
| memset( encbuf, 0, sizeof( encbuf ) ); |
| memset( decbuf, 0, sizeof( decbuf ) ); |
| memset( tag, 0, sizeof( tag ) ); |
| |
| TEST_ASSERT( 0 == cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) ); |
| TEST_ASSERT( 0 == cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) ); |
| |
| TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) ); |
| TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) ); |
| |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) ); |
| TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) ); |
| #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| |
| /* encode length number of bytes from inbuf */ |
| TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) ); |
| total_len = outlen; |
| |
| TEST_ASSERT( total_len == length || |
| ( total_len % cipher_get_block_size( &ctx_enc ) == 0 && |
| total_len < length && |
| total_len + cipher_get_block_size( &ctx_enc ) > length ) ); |
| |
| TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) ); |
| total_len += outlen; |
| |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| TEST_ASSERT( 0 == cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) ); |
| #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| |
| TEST_ASSERT( total_len == length || |
| ( total_len % cipher_get_block_size( &ctx_enc ) == 0 && |
| total_len > length && |
| total_len <= length + cipher_get_block_size( &ctx_enc ) ) ); |
| |
| /* decode the previously encoded string */ |
| TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) ); |
| total_len = outlen; |
| |
| TEST_ASSERT( total_len == length || |
| ( total_len % cipher_get_block_size( &ctx_dec ) == 0 && |
| total_len < length && |
| total_len + cipher_get_block_size( &ctx_dec ) >= length ) ); |
| |
| TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); |
| total_len += outlen; |
| |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| TEST_ASSERT( 0 == cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) ); |
| #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| |
| /* check result */ |
| TEST_ASSERT( total_len == length ); |
| TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); |
| } |
| |
| /* |
| * Done |
| */ |
| TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) ); |
| TEST_ASSERT( 0 == cipher_free_ctx( &ctx_enc ) ); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE */ |
| void enc_fail( int cipher_id, int pad_mode, int key_len, |
| int length_val, int ret ) |
| { |
| size_t length = length_val; |
| unsigned char key[32]; |
| unsigned char iv[16]; |
| |
| const cipher_info_t *cipher_info; |
| cipher_context_t ctx; |
| |
| unsigned char inbuf[64]; |
| unsigned char encbuf[64]; |
| |
| size_t outlen = 0; |
| |
| memset( key, 0, 32 ); |
| memset( iv , 0, 16 ); |
| |
| memset( &ctx, 0, sizeof( ctx ) ); |
| |
| memset( inbuf, 5, 64 ); |
| memset( encbuf, 0, 64 ); |
| |
| /* Check and get info structures */ |
| cipher_info = cipher_info_from_type( cipher_id ); |
| TEST_ASSERT( NULL != cipher_info ); |
| |
| /* Initialise context */ |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx, cipher_info ) ); |
| TEST_ASSERT( 0 == cipher_setkey( &ctx, key, key_len, POLARSSL_ENCRYPT ) ); |
| #if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) |
| TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx, pad_mode ) ); |
| #else |
| (void) pad_mode; |
| #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ |
| TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, 16 ) ); |
| TEST_ASSERT( 0 == cipher_reset( &ctx ) ); |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| TEST_ASSERT( 0 == cipher_update_ad( &ctx, NULL, 0 ) ); |
| #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| |
| /* encode length number of bytes from inbuf */ |
| TEST_ASSERT( 0 == cipher_update( &ctx, inbuf, length, encbuf, &outlen ) ); |
| TEST_ASSERT( ret == cipher_finish( &ctx, encbuf + outlen, &outlen ) ); |
| |
| /* done */ |
| TEST_ASSERT( 0 == cipher_free_ctx( &ctx ) ); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE */ |
| void dec_empty_buf() |
| { |
| unsigned char key[32]; |
| unsigned char iv[16]; |
| |
| cipher_context_t ctx_dec; |
| const cipher_info_t *cipher_info; |
| |
| unsigned char encbuf[64]; |
| unsigned char decbuf[64]; |
| |
| size_t outlen = 0; |
| |
| memset( key, 0, 32 ); |
| memset( iv , 0, 16 ); |
| |
| memset( &ctx_dec, 0, sizeof( ctx_dec ) ); |
| |
| memset( encbuf, 0, 64 ); |
| memset( decbuf, 0, 64 ); |
| |
| /* Initialise context */ |
| cipher_info = cipher_info_from_type( POLARSSL_CIPHER_AES_128_CBC ); |
| TEST_ASSERT( NULL != cipher_info); |
| |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx_dec, cipher_info ) ); |
| |
| TEST_ASSERT( 0 == cipher_setkey( &ctx_dec, key, 128, POLARSSL_DECRYPT ) ); |
| |
| TEST_ASSERT( 0 == cipher_set_iv( &ctx_dec, iv, 16 ) ); |
| |
| TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) ); |
| |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) ); |
| #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| |
| /* decode 0-byte string */ |
| TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); |
| TEST_ASSERT( 0 == outlen ); |
| TEST_ASSERT( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED == cipher_finish( |
| &ctx_dec, decbuf + outlen, &outlen ) ); |
| TEST_ASSERT( 0 == outlen ); |
| |
| TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) ); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE */ |
| void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val, |
| int second_length_val ) |
| { |
| size_t first_length = first_length_val; |
| size_t second_length = second_length_val; |
| size_t length = first_length + second_length; |
| unsigned char key[32]; |
| unsigned char iv[16]; |
| |
| cipher_context_t ctx_dec; |
| cipher_context_t ctx_enc; |
| const cipher_info_t *cipher_info; |
| |
| unsigned char inbuf[64]; |
| unsigned char encbuf[64]; |
| unsigned char decbuf[64]; |
| |
| size_t outlen = 0; |
| size_t totaloutlen = 0; |
| |
| memset( key, 0, 32 ); |
| memset( iv , 0, 16 ); |
| |
| memset( &ctx_dec, 0, sizeof( ctx_dec ) ); |
| memset( &ctx_enc, 0, sizeof( ctx_enc ) ); |
| |
| memset( inbuf, 5, 64 ); |
| memset( encbuf, 0, 64 ); |
| memset( decbuf, 0, 64 ); |
| |
| /* Initialise enc and dec contexts */ |
| cipher_info = cipher_info_from_type( cipher_id ); |
| TEST_ASSERT( NULL != cipher_info); |
| |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx_dec, cipher_info ) ); |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx_enc, cipher_info ) ); |
| |
| TEST_ASSERT( 0 == cipher_setkey( &ctx_dec, key, key_len, POLARSSL_DECRYPT ) ); |
| TEST_ASSERT( 0 == cipher_setkey( &ctx_enc, key, key_len, POLARSSL_ENCRYPT ) ); |
| |
| TEST_ASSERT( 0 == cipher_set_iv( &ctx_dec, iv, 16 ) ); |
| TEST_ASSERT( 0 == cipher_set_iv( &ctx_enc, iv, 16 ) ); |
| |
| TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) ); |
| TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) ); |
| |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) ); |
| TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, NULL, 0 ) ); |
| #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| |
| /* encode length number of bytes from inbuf */ |
| TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) ); |
| totaloutlen = outlen; |
| TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) ); |
| totaloutlen += outlen; |
| TEST_ASSERT( totaloutlen == length || |
| ( totaloutlen % cipher_get_block_size( &ctx_enc ) == 0 && |
| totaloutlen < length && |
| totaloutlen + cipher_get_block_size( &ctx_enc ) > length ) ); |
| |
| TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) ); |
| totaloutlen += outlen; |
| TEST_ASSERT( totaloutlen == length || |
| ( totaloutlen % cipher_get_block_size( &ctx_enc ) == 0 && |
| totaloutlen > length && |
| totaloutlen <= length + cipher_get_block_size( &ctx_enc ) ) ); |
| |
| /* decode the previously encoded string */ |
| TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, totaloutlen, decbuf, &outlen ) ); |
| totaloutlen = outlen; |
| |
| TEST_ASSERT( totaloutlen == length || |
| ( totaloutlen % cipher_get_block_size( &ctx_dec ) == 0 && |
| totaloutlen < length && |
| totaloutlen + cipher_get_block_size( &ctx_dec ) >= length ) ); |
| |
| TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); |
| totaloutlen += outlen; |
| |
| TEST_ASSERT( totaloutlen == length ); |
| |
| TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); |
| |
| TEST_ASSERT( 0 == cipher_free_ctx( &ctx_dec ) ); |
| TEST_ASSERT( 0 == cipher_free_ctx( &ctx_enc ) ); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE */ |
| void decrypt_test_vec( int cipher_id, int pad_mode, |
| char *hex_key, char *hex_iv, |
| char *hex_cipher, char *hex_clear, |
| char *hex_ad, char *hex_tag, |
| int finish_result, int tag_result ) |
| { |
| unsigned char key[50]; |
| unsigned char iv[50]; |
| unsigned char cipher[200]; |
| unsigned char clear[200]; |
| unsigned char ad[200]; |
| unsigned char tag[20]; |
| size_t key_len, iv_len, cipher_len, clear_len; |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| size_t ad_len, tag_len; |
| #endif |
| cipher_context_t ctx; |
| unsigned char output[200]; |
| size_t outlen, total_len; |
| |
| memset( key, 0x00, sizeof( key ) ); |
| memset( iv, 0x00, sizeof( iv ) ); |
| memset( cipher, 0x00, sizeof( cipher ) ); |
| memset( clear, 0x00, sizeof( clear ) ); |
| memset( ad, 0x00, sizeof( ad ) ); |
| memset( tag, 0x00, sizeof( tag ) ); |
| memset( output, 0x00, sizeof( output ) ); |
| |
| key_len = unhexify( key, hex_key ); |
| iv_len = unhexify( iv, hex_iv ); |
| cipher_len = unhexify( cipher, hex_cipher ); |
| clear_len = unhexify( clear, hex_clear ); |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| ad_len = unhexify( ad, hex_ad ); |
| tag_len = unhexify( tag, hex_tag ); |
| #else |
| ((void) hex_ad); |
| ((void) hex_tag); |
| #endif |
| |
| /* Prepare context */ |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx, |
| cipher_info_from_type( cipher_id ) ) ); |
| TEST_ASSERT( 0 == cipher_setkey( &ctx, key, 8 * key_len, POLARSSL_DECRYPT ) ); |
| #if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) |
| if( pad_mode != -1 ) |
| TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx, pad_mode ) ); |
| #else |
| (void) pad_mode; |
| #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ |
| TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, iv_len ) ); |
| TEST_ASSERT( 0 == cipher_reset( &ctx ) ); |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| TEST_ASSERT( 0 == cipher_update_ad( &ctx, ad, ad_len ) ); |
| #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| |
| /* decode buffer and check tag */ |
| total_len = 0; |
| TEST_ASSERT( 0 == cipher_update( &ctx, cipher, cipher_len, output, &outlen ) ); |
| total_len += outlen; |
| TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen, |
| &outlen ) ); |
| total_len += outlen; |
| #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| TEST_ASSERT( tag_result == cipher_check_tag( &ctx, tag, tag_len ) ); |
| #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| |
| /* check plaintext only if everything went fine */ |
| if( 0 == finish_result && 0 == tag_result ) |
| { |
| TEST_ASSERT( total_len == clear_len ); |
| TEST_ASSERT( 0 == memcmp( output, clear, clear_len ) ); |
| } |
| |
| cipher_free_ctx( &ctx ); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE */ |
| void test_vec_ecb( int cipher_id, int operation, char *hex_key, |
| char *hex_input, char *hex_result, |
| int finish_result ) |
| { |
| unsigned char key[50]; |
| unsigned char input[16]; |
| unsigned char result[16]; |
| size_t key_len; |
| cipher_context_t ctx; |
| unsigned char output[32]; |
| size_t outlen; |
| |
| memset( key, 0x00, sizeof( key ) ); |
| memset( input, 0x00, sizeof( input ) ); |
| memset( result, 0x00, sizeof( result ) ); |
| memset( output, 0x00, sizeof( output ) ); |
| |
| /* Prepare context */ |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx, |
| cipher_info_from_type( cipher_id ) ) ); |
| |
| key_len = unhexify( key, hex_key ); |
| TEST_ASSERT( unhexify( input, hex_input ) == |
| (int) cipher_get_block_size( &ctx ) ); |
| TEST_ASSERT( unhexify( result, hex_result ) == |
| (int) cipher_get_block_size( &ctx ) ); |
| |
| TEST_ASSERT( 0 == cipher_setkey( &ctx, key, 8 * key_len, operation ) ); |
| |
| TEST_ASSERT( 0 == cipher_update( &ctx, input, |
| cipher_get_block_size( &ctx ), |
| output, &outlen ) ); |
| TEST_ASSERT( outlen == cipher_get_block_size( &ctx ) ); |
| TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen, |
| &outlen ) ); |
| TEST_ASSERT( 0 == outlen ); |
| |
| /* check plaintext only if everything went fine */ |
| if( 0 == finish_result ) |
| TEST_ASSERT( 0 == memcmp( output, result, |
| cipher_get_block_size( &ctx ) ) ); |
| |
| cipher_free_ctx( &ctx ); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:POLARSSL_CIPHER_MODE_WITH_PADDING */ |
| void set_padding( int cipher_id, int pad_mode, int ret ) |
| { |
| const cipher_info_t *cipher_info; |
| cipher_context_t ctx; |
| |
| cipher_info = cipher_info_from_type( cipher_id ); |
| TEST_ASSERT( NULL != cipher_info ); |
| TEST_ASSERT( 0 == cipher_init_ctx( &ctx, cipher_info ) ); |
| |
| TEST_ASSERT( ret == cipher_set_padding_mode( &ctx, pad_mode ) ); |
| |
| TEST_ASSERT( 0 == cipher_free_ctx( &ctx ) ); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:POLARSSL_CIPHER_MODE_CBC */ |
| void check_padding( int pad_mode, char *input_str, int ret, int dlen_check ) |
| { |
| cipher_info_t cipher_info; |
| cipher_context_t ctx; |
| unsigned char input[16]; |
| size_t ilen, dlen; |
| |
| /* build a fake context just for getting access to get_padding */ |
| memset( &ctx, 0, sizeof( ctx ) ); |
| cipher_info.mode = POLARSSL_MODE_CBC; |
| ctx.cipher_info = &cipher_info; |
| |
| TEST_ASSERT( 0 == cipher_set_padding_mode( &ctx, pad_mode ) ); |
| |
| ilen = unhexify( input, input_str ); |
| |
| TEST_ASSERT( ret == ctx.get_padding( input, ilen, &dlen ) ); |
| if( 0 == ret ) |
| TEST_ASSERT( dlen == (size_t) dlen_check ); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */ |
| void cipher_selftest() |
| { |
| TEST_ASSERT( cipher_self_test( 0 ) == 0 ); |
| } |
| /* END_CASE */ |