yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-04-27 23:46:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use exact-size buffers for testing auth_xxcrypt()

Browse source 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2020-12-03 11:09:46 +01:00
parent f5cf71e14a
commit 9b2a78966f
1 changed files with 37 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
tests/suites/test_suite_cipher.function
View file

@ -1035,14 +1035,9 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
#if !defined(MBEDTLS_DEPRECATED_WARNING) && \ #if !defined(MBEDTLS_DEPRECATED_WARNING) && \
!defined(MBEDTLS_DEPRECATED_REMOVED) !defined(MBEDTLS_DEPRECATED_REMOVED)
unsigned char output[300]; /* Temporary buffer for results of
* encryption and decryption. */
unsigned char *output_tag = NULL; /* Temporary buffer for tag in the
* encryption step. */
unsigned char *tmp_tag = NULL; unsigned char *tmp_tag = NULL;
unsigned char *tmp_cipher = NULL; unsigned char *tmp_cipher = NULL;
unsigned char *tag_buf = NULL;
memset( output, 0xFF, sizeof( output ) );
#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
mbedtls_cipher_init( &ctx ); mbedtls_cipher_init( &ctx );
@ -1234,11 +1229,11 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
* Authenticate and decrypt, and check result * Authenticate and decrypt, and check result
*/ */
/* Sanity check that we don't use overly long inputs. */ /* We can't pass a NULL output buffer to this funciton */
TEST_ASSERT( sizeof( output ) >= cipher->len ); ASSERT_ALLOC( decrypt_buf, cipher->len ? cipher->len : 1 );
outlen = 0;
ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len, ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
tmp_cipher, cipher->len, output, &outlen, tmp_cipher, cipher->len, decrypt_buf, &outlen,
tmp_tag, tag->len ); tmp_tag, tag->len );
if( using_nist_kw ) if( using_nist_kw )
@ -1257,9 +1252,14 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
TEST_ASSERT( ret == 0 ); TEST_ASSERT( ret == 0 );
TEST_ASSERT( outlen == clear->len ); TEST_ASSERT( outlen == clear->len );
TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 ); TEST_ASSERT( memcmp( decrypt_buf, clear->x, clear->len ) == 0 );
} }
mbedtls_free( decrypt_buf );
decrypt_buf = NULL;
mbedtls_free( cipher_plus_tag );
cipher_plus_tag = NULL;
/* /*
* Encrypt back if test data was authentic * Encrypt back if test data was authentic
*/ */
@ -1269,19 +1269,31 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key,
MBEDTLS_ENCRYPT ); MBEDTLS_ENCRYPT );
/* prepare buffers for encryption */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( use_psa )
{
ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len );
tmp_cipher = cipher_plus_tag;
tmp_tag = cipher_plus_tag + cipher->len;
}
else
#endif /* MBEDTLS_USE_PSA_CRYPTO */
{
/* can't pass a NULL output buffer to this function */
ASSERT_ALLOC( encrypt_buf, cipher->len ? cipher->len : 1 );
ASSERT_ALLOC( tag_buf, tag->len );
tmp_cipher = encrypt_buf;
tmp_tag = tag_buf;
}
/* /*
* Encrypt and check the result * Encrypt and check the result
*/ */
memset( output, 0xFF, sizeof( output ) );
outlen = 0; outlen = 0;
/* Sanity check that we don't use overly long inputs. */
TEST_ASSERT( sizeof( output ) >= clear->len + tag->len );
output_tag = output + clear->len;
ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len, ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
clear->x, clear->len, output, &outlen, clear->x, clear->len, tmp_cipher, &outlen,
output_tag, tag->len ); tmp_tag, tag->len );
if( using_nist_kw ) if( using_nist_kw )
{ {
@ -1292,8 +1304,8 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
TEST_ASSERT( ret == 0 ); TEST_ASSERT( ret == 0 );
TEST_ASSERT( outlen == cipher->len ); TEST_ASSERT( outlen == cipher->len );
TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 ); TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 );
TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 ); TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 );
} }
} }
@ -1305,6 +1317,10 @@ exit:
mbedtls_free( decrypt_buf ); mbedtls_free( decrypt_buf );
mbedtls_free( encrypt_buf ); mbedtls_free( encrypt_buf );
mbedtls_free( cipher_plus_tag ); mbedtls_free( cipher_plus_tag );
#if !defined(MBEDTLS_DEPRECATED_WARNING) && \
!defined(MBEDTLS_DEPRECATED_REMOVED)
mbedtls_free( tag_buf );
#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
if( use_psa == 1 ) if( use_psa == 1 )