poly1305: fix bug in starts() and add test for it

This commit is contained in:
Manuel Pégourié-Gonnard 2018-05-09 12:51:54 +02:00
parent b60045aacb
commit 97e34bf2f2
3 changed files with 44 additions and 3 deletions

View file

@ -280,6 +280,11 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
ctx->acc[1] = 0U; ctx->acc[1] = 0U;
ctx->acc[2] = 0U; ctx->acc[2] = 0U;
ctx->acc[3] = 0U; ctx->acc[3] = 0U;
ctx->acc[4] = 0U;
/* Queue initially empty */
mbedtls_zeroize( ctx->queue, sizeof( ctx->queue ) );
ctx->queue_len = 0U;
return( 0 ); return( 0 );
} }

View file

@ -67,8 +67,8 @@ void chacha20_crypt( char *hex_key_string,
* Test the streaming API again, piecewise * Test the streaming API again, piecewise
*/ */
/* Don't reset the context of key, in order to test that starts() do the /* Don't free/init the context nor set the key again,
* right thing. */ * in order to test that starts() does the right thing. */
TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str, counter ) == 0 ); TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str, counter ) == 0 );
memset( output, 0x00, sizeof( output ) ); memset( output, 0x00, sizeof( output ) );

View file

@ -11,6 +11,7 @@ void mbedtls_poly1305( char *hex_key_string, char *hex_mac_string, char *hex_src
unsigned char mac[16]; /* size set by the standard */ unsigned char mac[16]; /* size set by the standard */
unsigned char mac_str[33]; /* hex expansion of the above */ unsigned char mac_str[33]; /* hex expansion of the above */
size_t src_len; size_t src_len;
mbedtls_poly1305_context ctx;
memset( src_str, 0x00, sizeof( src_str ) ); memset( src_str, 0x00, sizeof( src_str ) );
memset( mac_str, 0x00, sizeof( mac_str ) ); memset( mac_str, 0x00, sizeof( mac_str ) );
@ -20,10 +21,45 @@ void mbedtls_poly1305( char *hex_key_string, char *hex_mac_string, char *hex_src
src_len = unhexify( src_str, hex_src_string ); src_len = unhexify( src_str, hex_src_string );
unhexify( key, hex_key_string ); unhexify( key, hex_key_string );
/*
* Test the integrated API
*/
mbedtls_poly1305_mac( key, src_str, src_len, mac ); mbedtls_poly1305_mac( key, src_str, src_len, mac );
hexify( mac_str, mac, 16 );
hexify( mac_str, mac, 16 );
TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 ); TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
/*
* Test the streaming API
*/
mbedtls_poly1305_init( &ctx );
TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, src_len ) == 0 );
TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
hexify( mac_str, mac, 16 );
TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
/*
* Test the streaming API again, piecewise
*/
/* Don't free/init the context, in order to test that starts() does the
* right thing. */
TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, 1 ) == 0 );
TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 1, src_len - 1) == 0 );
TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
hexify( mac_str, mac, 16 );
TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
mbedtls_poly1305_free( &ctx );
} }
/* END_CASE */ /* END_CASE */