mbedtls/tests/suites/test_suite_chachapoly.function
Manuel Pégourié-Gonnard 346b8d5050 chachapoly: split crypt_and_mac() to match GCM API
In addition to making the APIs of the various AEAD modules more consistent
with each other, it's useful to have an auth_decrypt() function so that we can
safely check the tag ourselves, as the user might otherwise do it in an
insecure way (or even forget to do it altogether).
2018-05-24 13:37:31 +02:00

125 lines
3.9 KiB
Plaintext

/* BEGIN_HEADER */
#include "mbedtls/chachapoly.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_CHACHAPOLY_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void mbedtls_chachapoly_enc( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string )
{
unsigned char key_str[32];
unsigned char nonce_str[12];
unsigned char aad_str[10000];
unsigned char input_str[10000];
unsigned char output_str[10000];
unsigned char mac_str[16];
unsigned char output[10000];
unsigned char mac[16];
size_t input_len;
size_t output_len;
size_t aad_len;
size_t key_len;
size_t nonce_len;
size_t mac_len;
mbedtls_chachapoly_context ctx;
memset( key_str, 0x00, 32 );
memset( nonce_str, 0x00, 12 );
memset( aad_str, 0x00, 10000 );
memset( input_str, 0x00, 10000 );
memset( output_str, 0x00, 10000 );
memset( mac_str, 0x00, 16 );
aad_len = unhexify( aad_str, hex_aad_string );
input_len = unhexify( input_str, hex_input_string );
output_len = unhexify( output_str, hex_output_string );
key_len = unhexify( key_str, hex_key_string );
nonce_len = unhexify( nonce_str, hex_nonce_string );
mac_len = unhexify( mac_str, hex_mac_string );
TEST_ASSERT( key_len == 32 );
TEST_ASSERT( nonce_len == 12 );
TEST_ASSERT( mac_len == 16 );
mbedtls_chachapoly_init( &ctx );
mbedtls_chachapoly_setkey( &ctx, key_str );
mbedtls_chachapoly_crypt_and_tag( &ctx,
MBEDTLS_CHACHAPOLY_ENCRYPT,
input_len, nonce_str,
aad_str, aad_len,
input_str, output, mac );
TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
TEST_ASSERT( memcmp( mac_str, mac, 16U ) == 0 );
exit:
mbedtls_chachapoly_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE */
void mbedtls_chachapoly_dec( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string )
{
unsigned char key_str[32];
unsigned char nonce_str[12];
unsigned char aad_str[10000];
unsigned char input_str[10000];
unsigned char output_str[10000];
unsigned char mac_str[16];
unsigned char output[10000];
size_t input_len;
size_t output_len;
size_t aad_len;
size_t key_len;
size_t nonce_len;
size_t mac_len;
int ret;
mbedtls_chachapoly_context ctx;
memset( key_str, 0x00, 32 );
memset( nonce_str, 0x00, 12 );
memset( aad_str, 0x00, 10000 );
memset( input_str, 0x00, 10000 );
memset( output_str, 0x00, 10000 );
memset( mac_str, 0x00, 16 );
aad_len = unhexify( aad_str, hex_aad_string );
input_len = unhexify( input_str, hex_input_string );
output_len = unhexify( output_str, hex_output_string );
key_len = unhexify( key_str, hex_key_string );
nonce_len = unhexify( nonce_str, hex_nonce_string );
mac_len = unhexify( mac_str, hex_mac_string );
TEST_ASSERT( key_len == 32 );
TEST_ASSERT( nonce_len == 12 );
TEST_ASSERT( mac_len == 16 );
mbedtls_chachapoly_init( &ctx );
mbedtls_chachapoly_setkey( &ctx, key_str );
ret = mbedtls_chachapoly_auth_decrypt( &ctx,
input_len, nonce_str,
aad_str, aad_len,
mac_str, input_str, output );
TEST_ASSERT( ret == 0 );
TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
exit:
mbedtls_chachapoly_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void chachapoly_selftest()
{
TEST_ASSERT( mbedtls_chachapoly_self_test( 1 ) == 0 );
}
/* END_CASE */