Add CCM test for edge cases.

Cover:
- not calling auth data update
- not calling cipher text update
- exceeding configured auth data length
- exceeding configured cipher text length

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
This commit is contained in:
Mateusz Starzyk 2021-07-29 14:08:18 +02:00
parent c8bdf36a72
commit 8788906947
2 changed files with 175 additions and 0 deletions

View File

@ -1517,3 +1517,67 @@ mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FD
CCM-Camellia encrypt and tag RFC 5528 #24
depends_on:MBEDTLS_CAMELLIA_C
mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966945F1FCEA7E11BEE6A2F"
CCM encrypt, skip auth NIST VADT AES-128 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b"
CCM* encrypt, skip auth NIST VADT AES-128 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b"
CCM decrypt, skip auth NIST DVPT AES-192 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54"
CCM* decrypt, skip auth NIST DVPT AES-192 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_skip_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54"
CCM encrypt, skip cipher NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880"
CCM* encrypt, skip cipher NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880"
CCM decrypt, skip cipher NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5"
CCM* decrypt, skip cipher NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_skip_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5"
CCM encrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181"
CCM encrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181"
CCM decrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181"
CCM decrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181"
CCM* encrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181"
CCM* encrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181"
CCM* decrypt, overflow auth NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_auth:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181"
CCM* decrypt, overflow cipher NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16)
depends_on:MBEDTLS_AES_C
mbedtls_ccm_overflow_cipher:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181"

View File

@ -454,3 +454,114 @@ exit:
mbedtls_free( io_msg_buf );
}
/* END_CASE */
/* BEGIN_CASE */
void mbedtls_ccm_skip_auth( int cipher_id, int mode,
data_t * key, data_t * msg, data_t * iv,
data_t * result, data_t * tag )
{
mbedtls_ccm_context ctx;
uint8_t *output = NULL;
size_t olen;
/* Sanity checks on the test data */
TEST_EQUAL( msg->len, result->len );
mbedtls_ccm_init( &ctx );
TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, 0, msg->len, tag->len ) );
ASSERT_ALLOC( output, result->len );
olen = 0xdeadbeef;
TEST_EQUAL( 0, mbedtls_ccm_update( &ctx, msg->x, msg->len, output, result->len, &olen ) );
TEST_EQUAL( result->len, olen );
ASSERT_COMPARE( output, olen, result->x, result->len );
mbedtls_free( output );
output = NULL;
ASSERT_ALLOC( output, tag->len );
TEST_EQUAL( 0, mbedtls_ccm_finish( &ctx, output, tag->len ) );
ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
mbedtls_free( output );
output = NULL;
exit:
mbedtls_free( output );
mbedtls_ccm_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */
void mbedtls_ccm_skip_cipher( int cipher_id, int mode,
data_t * key, data_t * iv, data_t* add,
data_t * tag )
{
mbedtls_ccm_context ctx;
uint8_t *output = NULL;
mbedtls_ccm_init( &ctx );
TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, 0, tag->len ) );
TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
ASSERT_ALLOC( output, tag->len );
TEST_EQUAL( 0, mbedtls_ccm_finish( &ctx, output, tag->len ) );
ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
mbedtls_free( output );
output = NULL;
exit:
mbedtls_free( output );
mbedtls_ccm_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */
void mbedtls_ccm_overflow_auth( int cipher_id, int mode,
data_t * key, data_t * iv,
data_t * add )
{
mbedtls_ccm_context ctx;
mbedtls_ccm_init( &ctx );
TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
// use hardcoded values for msg length and tag length. They are not a part of this test
// set half of auth data length to provoke an overflow
TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len / 2, 16, 16 ) );
TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
exit:
mbedtls_ccm_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */
void mbedtls_ccm_overflow_cipher( int cipher_id, int mode,
data_t * key, data_t * msg, data_t * iv,
data_t * add )
{
mbedtls_ccm_context ctx;
uint8_t *output = NULL;
size_t olen;
mbedtls_ccm_init( &ctx );
TEST_EQUAL( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ), 0 );
TEST_EQUAL( 0, mbedtls_ccm_starts( &ctx, mode, iv->x, iv->len ) );
// use hardcoded value for tag length. It is a not a part of this test
// set half of msg length to provoke an overflow
TEST_EQUAL( 0, mbedtls_ccm_set_lengths( &ctx, add->len, msg->len / 2, 16 ) );
TEST_EQUAL( 0, mbedtls_ccm_update_ad( &ctx, add->x, add->len) );
ASSERT_ALLOC( output, msg->len );
TEST_EQUAL( MBEDTLS_ERR_CCM_BAD_INPUT, \
mbedtls_ccm_update( &ctx, msg->x, msg->len, output, msg->len, &olen ) );
exit:
mbedtls_free( output );
mbedtls_ccm_free( &ctx );
}
/* END_CASE */