Add what little was missing to fully support DES

Also add what was missing in the test suite to support block ciphers
with a block size that isn't 16.

Fix some buggy test data that passed only due to problems with DES
support in the product.
This commit is contained in:
Gilles Peskine 2018-06-21 09:40:04 +02:00 committed by itayzafrir
parent 9a94480685
commit 9ad29e2bee
3 changed files with 68 additions and 13 deletions

View file

@ -1102,10 +1102,17 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
break; break;
case PSA_KEY_TYPE_DES: case PSA_KEY_TYPE_DES:
/* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
* and 192 for three-key Triple-DES. */
if( key_bits == 64 ) if( key_bits == 64 )
cipher_id_tmp = MBEDTLS_CIPHER_ID_DES; cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
else else
cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES; cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
/* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
* but two-key Triple-DES is functionally three-key Triple-DES
* with K1=K3, so that's how we present it to mbedtls. */
if( key_bits == 128 )
key_bits = 192;
break; break;
case PSA_KEY_TYPE_CAMELLIA: case PSA_KEY_TYPE_CAMELLIA:
cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA; cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
@ -1975,8 +1982,24 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data, #if defined(MBEDTLS_DES_C)
key_bits, cipher_operation ); if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
{
/* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
unsigned char keys[24];
memcpy( keys, slot->data.raw.data, 16 );
memcpy( keys + 16, slot->data.raw.data, 8 );
ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
keys,
192, cipher_operation );
}
else
#endif
{
ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
slot->data.raw.data,
key_bits, cipher_operation );
}
if( ret != 0 ) if( ret != 0 )
{ {
psa_cipher_abort( operation ); psa_cipher_abort( operation );

View file

@ -178,10 +178,10 @@ PSA MAC setup: invalid key type, HMAC-SHA-256
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
PSA MAC setup: incompatible key DES for CMAC PSA MAC setup: incompatible key HMAC for CMAC
depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C depends_on:MBEDTLS_CMAC_C
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
mac_setup:PSA_KEY_TYPE_DES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
PSA MAC verify: HMAC-SHA-256 PSA MAC verify: HMAC-SHA-256
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@ -333,6 +333,18 @@ PSA symmetric encrypt: AES-CTR, 15 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
@ -357,6 +369,18 @@ PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
@ -600,11 +624,11 @@ generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT |
PSA generate key: DES, 128 bits, CBC-nopad PSA generate key: DES, 128 bits, CBC-nopad
depends_on:MBEDTLS_DES_C depends_on:MBEDTLS_DES_C
generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
PSA generate key: DES, 192 bits, CBC-nopad PSA generate key: DES, 192 bits, CBC-nopad
depends_on:MBEDTLS_DES_C depends_on:MBEDTLS_DES_C
generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
PSA generate key: invalid key size: AES, 64 bits PSA generate key: invalid key size: AES, 64 bits
depends_on:MBEDTLS_AES_C depends_on:MBEDTLS_AES_C

View file

@ -800,6 +800,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
psa_algorithm_t alg = alg_arg; psa_algorithm_t alg = alg_arg;
psa_status_t expected_status = expected_status_arg; psa_status_t expected_status = expected_status_arg;
unsigned char iv[16] = {0}; unsigned char iv[16] = {0};
size_t iv_size;
unsigned char *output = NULL; unsigned char *output = NULL;
size_t output_buffer_size = 0; size_t output_buffer_size = 0;
size_t function_output_length = 0; size_t function_output_length = 0;
@ -813,7 +814,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
memset( iv, 0x2a, sizeof( iv ) ); iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
memset( iv, 0x2a, iv_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@ -824,7 +826,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_set_iv( &operation, TEST_ASSERT( psa_encrypt_set_iv( &operation,
iv, sizeof( iv ) ) == PSA_SUCCESS ); iv, iv_size ) == PSA_SUCCESS );
output_buffer_size = input->len + operation.block_size; output_buffer_size = input->len + operation.block_size;
output = mbedtls_calloc( 1, output_buffer_size ); output = mbedtls_calloc( 1, output_buffer_size );
TEST_ASSERT( output != NULL ); TEST_ASSERT( output != NULL );
@ -867,6 +869,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
psa_key_type_t key_type = key_type_arg; psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg; psa_algorithm_t alg = alg_arg;
unsigned char iv[16] = {0}; unsigned char iv[16] = {0};
size_t iv_size;
unsigned char *output = NULL; unsigned char *output = NULL;
size_t output_buffer_size = 0; size_t output_buffer_size = 0;
size_t function_output_length = 0; size_t function_output_length = 0;
@ -880,7 +883,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
memset( iv, 0x2a, sizeof( iv ) ); iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
memset( iv, 0x2a, iv_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@ -937,6 +941,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
psa_key_type_t key_type = key_type_arg; psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg; psa_algorithm_t alg = alg_arg;
unsigned char iv[16] = {0}; unsigned char iv[16] = {0};
size_t iv_size;
unsigned char *output = NULL; unsigned char *output = NULL;
size_t output_buffer_size = 0; size_t output_buffer_size = 0;
size_t function_output_length = 0; size_t function_output_length = 0;
@ -950,7 +955,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
memset( iv, 0x2a, sizeof( iv ) ); iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
memset( iv, 0x2a, iv_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@ -1009,6 +1015,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
psa_algorithm_t alg = alg_arg; psa_algorithm_t alg = alg_arg;
psa_status_t expected_status = expected_status_arg; psa_status_t expected_status = expected_status_arg;
unsigned char iv[16] = {0}; unsigned char iv[16] = {0};
size_t iv_size;
unsigned char *output = NULL; unsigned char *output = NULL;
size_t output_buffer_size = 0; size_t output_buffer_size = 0;
size_t function_output_length = 0; size_t function_output_length = 0;
@ -1022,7 +1029,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
memset( iv, 0x2a, sizeof( iv ) ); iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
memset( iv, 0x2a, iv_size );
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@ -1033,7 +1041,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_set_iv( &operation, TEST_ASSERT( psa_encrypt_set_iv( &operation,
iv, sizeof( iv ) ) == PSA_SUCCESS ); iv, iv_size ) == PSA_SUCCESS );
output_buffer_size = input->len + operation.block_size; output_buffer_size = input->len + operation.block_size;
output = mbedtls_calloc( 1, output_buffer_size ); output = mbedtls_calloc( 1, output_buffer_size );