yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-29 17:17:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
mbedtls/tests/src/drivers/cipher.c
Ronald Cron 8d310ad2e6 psa: Rework unauthenticated cipher support in transparent test driver 
Make use of psa_cipher_xyz_internal() functions to
simplify the transparent test driver code and
extend the algorithms it supports to all algorithms
supported by the MbedTLS library.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00

492 lines
15 KiB
C
Raw Blame History

/*
* Test driver for cipher functions.
* Currently only supports multi-part operations using AES-CTR.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_cipher.h"
#include "psa_crypto_core.h"
#include "mbedtls/cipher.h"
#include "test/drivers/cipher.h"
#include "test/random.h"
#include <string.h>
/* Test driver implements AES-CTR only. Its default behaviour (when its return
* status is not overridden through the hooks) is to take care of all AES-CTR
* operations, and return PSA_ERROR_NOT_SUPPORTED for all others.
* Set test_driver_cipher_hooks.forced_status to PSA_ERROR_NOT_SUPPORTED to use
* fallback even for AES-CTR. */
test_driver_cipher_hooks_t test_driver_cipher_hooks = TEST_DRIVER_CIPHER_INIT;
static psa_status_t test_transparent_cipher_oneshot(
mbedtls_operation_t direction,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
test_driver_cipher_hooks.hits++;
/* Test driver supports AES-CTR only, to verify operation calls. */
if( alg != PSA_ALG_CTR ||
psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
return( PSA_ERROR_NOT_SUPPORTED );
/* If test driver response code is not SUCCESS, we can return early */
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
/* If test driver output is overridden, we don't need to do actual crypto */
if( test_driver_cipher_hooks.forced_output != NULL )
{
if( output_size < test_driver_cipher_hooks.forced_output_length )
return( PSA_ERROR_BUFFER_TOO_SMALL );
memcpy( output,
test_driver_cipher_hooks.forced_output,
test_driver_cipher_hooks.forced_output_length );
*output_length = test_driver_cipher_hooks.forced_output_length;
return( test_driver_cipher_hooks.forced_status );
}
/* Run AES-CTR using the cipher module */
{
mbedtls_test_rnd_pseudo_info rnd_info;
memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
const mbedtls_cipher_info_t *cipher_info =
mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES,
key_length * 8,
MBEDTLS_MODE_CTR );
mbedtls_cipher_context_t cipher;
int ret = 0;
uint8_t temp_output_buffer[16] = {0};
size_t temp_output_length = 0;
if( direction == MBEDTLS_ENCRYPT )
{
/* Oneshot encrypt needs to prepend the IV to the output */
if( output_size < ( input_length + 16 ) )
return( PSA_ERROR_BUFFER_TOO_SMALL );
}
else
{
/* Oneshot decrypt has the IV prepended to the input */
if( output_size < ( input_length - 16 ) )
return( PSA_ERROR_BUFFER_TOO_SMALL );
}
if( cipher_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED );
mbedtls_cipher_init( &cipher );
ret = mbedtls_cipher_setup( &cipher, cipher_info );
if( ret != 0 )
goto exit;
ret = mbedtls_cipher_setkey( &cipher,
key,
key_length * 8, direction );
if( ret != 0 )
goto exit;
if( direction == MBEDTLS_ENCRYPT )
{
mbedtls_test_rnd_pseudo_info rnd_info;
memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
ret = mbedtls_test_rnd_pseudo_rand( &rnd_info,
temp_output_buffer,
16 );
if( ret != 0 )
goto exit;
ret = mbedtls_cipher_set_iv( &cipher, temp_output_buffer, 16 );
}
else
ret = mbedtls_cipher_set_iv( &cipher, input, 16 );
if( ret != 0 )
goto exit;
if( direction == MBEDTLS_ENCRYPT )
{
ret = mbedtls_cipher_update( &cipher,
input, input_length,
&output[16], output_length );
if( ret == 0 )
{
memcpy( output, temp_output_buffer, 16 );
*output_length += 16;
}
}
else
ret = mbedtls_cipher_update( &cipher,
&input[16], input_length - 16,
output, output_length );
if( ret != 0 )
goto exit;
ret = mbedtls_cipher_finish( &cipher,
temp_output_buffer,
&temp_output_length );
exit:
if( ret != 0 )
{
*output_length = 0;
memset(output, 0, output_size);
}
mbedtls_cipher_free( &cipher );
return( mbedtls_to_psa_error( ret ) );
}
}
psa_status_t test_transparent_cipher_encrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
return (
test_transparent_cipher_oneshot(
MBEDTLS_ENCRYPT,
attributes,
key, key_length,
alg,
input, input_length,
output, output_size, output_length) );
}
psa_status_t test_transparent_cipher_decrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
return (
test_transparent_cipher_oneshot(
MBEDTLS_DECRYPT,
attributes,
key, key_length,
alg,
input, input_length,
output, output_size, output_length) );
}
psa_status_t test_transparent_cipher_encrypt_setup(
test_transparent_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg)
{
test_driver_cipher_hooks.hits++;
/* Wiping the entire struct here, instead of member-by-member. This is
* useful for the test suite, since it gives a chance of catching memory
* corruption errors should the core not have allocated (enough) memory for
* our context struct. */
memset( operation, 0, sizeof( *operation ) );
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
return ( mbedtls_psa_cipher_encrypt_setup( operation,
attributes,
key,
key_length,
alg ) );
}
psa_status_t test_transparent_cipher_decrypt_setup(
test_transparent_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg)
{
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
return ( mbedtls_psa_cipher_decrypt_setup( operation,
attributes,
key,
key_length,
alg ) );
}
psa_status_t test_transparent_cipher_abort(
test_transparent_cipher_operation_t *operation)
{
test_driver_cipher_hooks.hits++;
if( operation->alg == 0 )
return( PSA_SUCCESS );
mbedtls_psa_cipher_abort( operation );
/* Wiping the entire struct here, instead of member-by-member. This is
* useful for the test suite, since it gives a chance of catching memory
* corruption errors should the core not have allocated (enough) memory for
* our context struct. */
memset( operation, 0, sizeof( *operation ) );
return( test_driver_cipher_hooks.forced_status );
}
psa_status_t test_transparent_cipher_generate_iv(
test_transparent_cipher_operation_t *operation,
uint8_t *iv,
size_t iv_size,
size_t *iv_length)
{
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
return( mbedtls_psa_cipher_generate_iv( operation,
iv,
iv_size,
iv_length ) );
}
psa_status_t test_transparent_cipher_set_iv(
test_transparent_cipher_operation_t *operation,
const uint8_t *iv,
size_t iv_length)
{
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
return( mbedtls_psa_cipher_set_iv( operation,
iv,
iv_length ) );
}
psa_status_t test_transparent_cipher_update(
test_transparent_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_output != NULL )
{
if( output_size < test_driver_cipher_hooks.forced_output_length )
return PSA_ERROR_BUFFER_TOO_SMALL;
memcpy( output,
test_driver_cipher_hooks.forced_output,
test_driver_cipher_hooks.forced_output_length );
*output_length = test_driver_cipher_hooks.forced_output_length;
return( test_driver_cipher_hooks.forced_status );
}
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
return( mbedtls_psa_cipher_update( operation,
input, input_length,
output, output_size,
output_length ) );
}
psa_status_t test_transparent_cipher_finish(
test_transparent_cipher_operation_t *operation,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
test_driver_cipher_hooks.hits++;
if( test_driver_cipher_hooks.forced_output != NULL )
{
if( output_size < test_driver_cipher_hooks.forced_output_length )
return PSA_ERROR_BUFFER_TOO_SMALL;
memcpy( output,
test_driver_cipher_hooks.forced_output,
test_driver_cipher_hooks.forced_output_length );
*output_length = test_driver_cipher_hooks.forced_output_length;
return( test_driver_cipher_hooks.forced_status );
}
if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( test_driver_cipher_hooks.forced_status );
return( mbedtls_psa_cipher_finish( operation,
output, output_size,
output_length ) );
}
/*
* opaque versions, to do
*/
psa_status_t test_opaque_cipher_encrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
(void) attributes;
(void) key;
(void) key_length;
(void) alg;
(void) input;
(void) input_length;
(void) output;
(void) output_size;
(void) output_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_cipher_decrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length)
{
(void) attributes;
(void) key;
(void) key_length;
(void) alg;
(void) input;
(void) input_length;
(void) output;
(void) output_size;
(void) output_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_cipher_encrypt_setup(
test_opaque_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg)
{
(void) operation;
(void) attributes;
(void) key;
(void) key_length;
(void) alg;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_cipher_decrypt_setup(
test_opaque_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length,
psa_algorithm_t alg)
{
(void) operation;
(void) attributes;
(void) key;
(void) key_length;
(void) alg;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_cipher_abort(
test_opaque_cipher_operation_t *operation)
{
(void) operation;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_cipher_generate_iv(
test_opaque_cipher_operation_t *operation,
uint8_t *iv,
size_t iv_size,
size_t *iv_length)
{
(void) operation;
(void) iv;
(void) iv_size;
(void) iv_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_cipher_set_iv(
test_opaque_cipher_operation_t *operation,
const uint8_t *iv,
size_t iv_length)
{
(void) operation;
(void) iv;
(void) iv_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_cipher_update(
test_opaque_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
(void) operation;
(void) input;
(void) input_length;
(void) output;
(void) output_size;
(void) output_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_cipher_finish(
test_opaque_cipher_operation_t *operation,
uint8_t *output,
size_t output_size,
size_t *output_length)
{
(void) operation;
(void) output;
(void) output_size;
(void) output_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
Reference in a new issue View git blame Copy permalink