From 87df5ba0a1d3e102253bc7f5f5c29af7eca79585 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Tue, 6 May 2014 18:07:24 +0200
Subject: [PATCH] Add test for length checks

---
 tests/suites/test_suite_ccm.data     | 24 ++++++++++++++++++
 tests/suites/test_suite_ccm.function | 37 ++++++++++++++++++++++++++++
 2 files changed, 61 insertions(+)

diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data
index efe050829..ecb6f9cf3 100644
--- a/tests/suites/test_suite_ccm.data
+++ b/tests/suites/test_suite_ccm.data
@@ -17,6 +17,30 @@ CCM init #4 BLOWFISH-128: bad block size
 depends_on:POLARSSL_BLOWFISH_C
 ccm_init:POLARSSL_CIPHER_ID_BLOWFISH:128:POLARSSL_ERR_CCM_BAD_INPUT
 
+CCM lengths #1 all OK
+ccm_lengths:5:10:5:8:0
+
+CCM lengths #2 nonce too short
+ccm_lengths:5:6:5:8:POLARSSL_ERR_CCM_BAD_INPUT
+
+CCM lengths #3 nonce too long
+ccm_lengths:5:14:5:8:POLARSSL_ERR_CCM_BAD_INPUT
+
+CCM lengths #4 tag too short
+ccm_lengths:5:10:5:2:POLARSSL_ERR_CCM_BAD_INPUT
+
+CCM lengths #5 tag too long
+ccm_lengths:5:10:5:18:POLARSSL_ERR_CCM_BAD_INPUT
+
+CCM lengths #6 tag length not even
+ccm_lengths:5:10:5:7:POLARSSL_ERR_CCM_BAD_INPUT
+
+CCM lenghts #7 AD too long (2^16 - 2^8 + 1)
+ccm_lengths:5:10:65281:8:POLARSSL_ERR_CCM_BAD_INPUT
+
+CCM lengths #8 msg too long for this IV length (2^16, q = 2)
+ccm_lengths:65536:13:5:8:POLARSSL_ERR_CCM_BAD_INPUT
+
 CCM encrypt and tag RFC 3610 #1
 depends_on:POLARSSL_AES_C
 ccm_encrypt_and_tag:POLARSSL_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000003020100A0A1A2A3A4A5":"0001020304050607":"588C979A61C663D2F066D0C2C0F989806D5F6B61DAC38417E8D12CFDF926E0"
diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index 74b745862..b259edf0a 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -31,6 +31,43 @@ void ccm_init( int cipher_id, int key_size, int result )
 }
 /* END_CASE */
 
+/* BEGIN_CASE depends_on:POLARSSL_AES_C */
+void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
+{
+    ccm_context ctx;
+    unsigned char key[16];
+    unsigned char msg[10];
+    unsigned char iv[14];
+    unsigned char add[10];
+    unsigned char out[10];
+    unsigned char tag[18];
+    int decrypt_ret;
+
+    memset( key, 0, sizeof( key ) );
+    memset( msg, 0, sizeof( msg ) );
+    memset( iv, 0, sizeof( iv ) );
+    memset( add, 0, sizeof( add ) );
+    memset( out, 0, sizeof( out ) );
+    memset( tag, 0, sizeof( tag ) );
+
+    TEST_ASSERT( ccm_init( &ctx, POLARSSL_CIPHER_ID_AES,
+                                 key, 8 * sizeof( key ) ) == 0 );
+
+    TEST_ASSERT( ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
+                                      msg, out, tag, tag_len ) == res );
+
+    decrypt_ret = ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,
+                                    msg, out, tag, tag_len );
+
+    if( res == 0 )
+        TEST_ASSERT( decrypt_ret == POLARSSL_ERR_CCM_AUTH_FAILED );
+    else
+        TEST_ASSERT( decrypt_ret == res );
+
+    ccm_free( &ctx );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void ccm_encrypt_and_tag( int cipher_id,
                           char *key_hex, char *msg_hex,