Rework how lengths are expressed in CBC test

This is hopefully more readable in the .data file.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2020-07-21 10:37:14 +02:00
parent 4adc04a8a3
commit 864abbff4e
2 changed files with 543 additions and 520 deletions

File diff suppressed because it is too large Load Diff

View File

@ -3454,7 +3454,7 @@ exit:
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */
void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac,
int plaintext_len, int pad_long ) int length_selector )
{ {
/* /*
* Test record decryption for CBC without EtM, focused on the verification * Test record decryption for CBC without EtM, focused on the verification
@ -3464,13 +3464,21 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac,
* and either AES, ARIA, Camellia or DES, but since the test framework * and either AES, ARIA, Camellia or DES, but since the test framework
* doesn't support alternation in dependency statements, just depend on * doesn't support alternation in dependency statements, just depend on
* TLS 1.2 and AES. * TLS 1.2 and AES.
*
* The length_selector argument is interpreted as follows:
* - if it's -1, the plaintext length is 0 and minimal padding is applied
* - if it's -2, the plaintext length is 0 and maximal padding is applied
* - otherwise it must be in [0, 255] and is padding_length from RFC 5246:
* it's the length of the rest of the padding, that is, excluding the
* byte that encodes the length. The minimal non-zero plaintext length
* that gives this padding_length is automatically selected.
*/ */
mbedtls_ssl_context ssl; /* ONLY for debugging */ mbedtls_ssl_context ssl; /* ONLY for debugging */
mbedtls_ssl_transform t0, t1; mbedtls_ssl_transform t0, t1;
mbedtls_record rec, rec_save; mbedtls_record rec, rec_save;
unsigned char *buf = NULL, *buf_save = NULL; unsigned char *buf = NULL, *buf_save = NULL;
size_t buflen, olen = 0; size_t buflen, olen = 0;
size_t block_size, i; size_t plaintext_len, block_size, i;
unsigned char padlen; unsigned char padlen;
unsigned char add_data[13]; unsigned char add_data[13];
unsigned char mac[MBEDTLS_MD_MAX_SIZE]; unsigned char mac[MBEDTLS_MD_MAX_SIZE];
@ -3487,13 +3495,27 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac,
MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 , 0 ) == 0 ); 0 , 0 ) == 0 );
/* Determine padding length */ /* Determine padding/plaintext length */
TEST_ASSERT( length_selector >= -2 && length_selector <= 255 );
block_size = t0.ivlen; block_size = t0.ivlen;
padlen = block_size - ( plaintext_len + t0.maclen + 1 ) % block_size; if( length_selector < 0 )
if( padlen == block_size ) {
padlen = 0; plaintext_len = 0;
if( pad_long )
/* Minimal padding */
padlen = block_size - ( t0.maclen + 1 ) % block_size;
/* Maximal padding? */
if( length_selector == -2 )
padlen += block_size * ( ( pad_max_len - padlen ) / block_size ); padlen += block_size * ( ( pad_max_len - padlen ) / block_size );
}
else
{
padlen = length_selector;
/* Minimal non-zero plaintext_length givin desired padding */
plaintext_len = block_size - ( padlen + t0.maclen + 1 ) % block_size;
}
/* Prepare a buffer for record data */ /* Prepare a buffer for record data */
buflen = block_size buflen = block_size