2016-05-17 14:43:01 -03:00
|
|
|
/* BEGIN_HEADER */
|
2018-05-07 10:43:27 +02:00
|
|
|
#include "mbedtls/chachapoly.h"
|
2016-05-17 14:43:01 -03:00
|
|
|
/* END_HEADER */
|
|
|
|
|
|
|
|
/* BEGIN_DEPENDENCIES
|
2018-05-07 10:43:27 +02:00
|
|
|
* depends_on:MBEDTLS_CHACHAPOLY_C
|
2016-05-17 14:43:01 -03:00
|
|
|
* END_DEPENDENCIES
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* BEGIN_CASE */
|
2020-06-25 09:03:34 +02:00
|
|
|
void mbedtls_chachapoly_enc( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str )
|
2016-05-17 14:43:01 -03:00
|
|
|
{
|
2018-05-09 11:21:21 +02:00
|
|
|
unsigned char output[265];
|
|
|
|
unsigned char mac[16]; /* size set by the standard */
|
2018-05-07 12:56:36 +02:00
|
|
|
mbedtls_chachapoly_context ctx;
|
2016-05-17 14:43:01 -03:00
|
|
|
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( key_str->len == 32 );
|
|
|
|
TEST_ASSERT( nonce_str->len == 12 );
|
|
|
|
TEST_ASSERT( mac_str->len == 16 );
|
2016-05-17 14:43:01 -03:00
|
|
|
|
2018-05-07 12:56:36 +02:00
|
|
|
mbedtls_chachapoly_init( &ctx );
|
|
|
|
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
|
2018-05-07 12:56:36 +02:00
|
|
|
|
2018-06-04 12:18:19 +02:00
|
|
|
TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
|
2020-06-25 09:03:34 +02:00
|
|
|
input_str->len, nonce_str->x,
|
|
|
|
aad_str->x, aad_str->len,
|
|
|
|
input_str->x, output, mac ) == 0 );
|
2016-05-17 14:43:01 -03:00
|
|
|
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
|
|
|
|
TEST_ASSERT( memcmp( mac_str->x, mac, 16U ) == 0 );
|
2018-05-07 12:56:36 +02:00
|
|
|
|
|
|
|
exit:
|
|
|
|
mbedtls_chachapoly_free( &ctx );
|
2016-05-17 14:43:01 -03:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
|
|
/* BEGIN_CASE */
|
2020-06-25 09:03:34 +02:00
|
|
|
void mbedtls_chachapoly_dec( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str, int ret_exp )
|
2016-05-17 14:43:01 -03:00
|
|
|
{
|
2018-05-09 11:21:21 +02:00
|
|
|
unsigned char output[265];
|
2018-05-07 12:56:36 +02:00
|
|
|
int ret;
|
|
|
|
mbedtls_chachapoly_context ctx;
|
2016-05-17 14:43:01 -03:00
|
|
|
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( key_str->len == 32 );
|
|
|
|
TEST_ASSERT( nonce_str->len == 12 );
|
|
|
|
TEST_ASSERT( mac_str->len == 16 );
|
2016-05-17 14:43:01 -03:00
|
|
|
|
2018-05-07 12:56:36 +02:00
|
|
|
mbedtls_chachapoly_init( &ctx );
|
2016-05-17 14:43:01 -03:00
|
|
|
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
|
2018-05-07 12:56:36 +02:00
|
|
|
|
|
|
|
ret = mbedtls_chachapoly_auth_decrypt( &ctx,
|
2020-06-25 09:03:34 +02:00
|
|
|
input_str->len, nonce_str->x,
|
|
|
|
aad_str->x, aad_str->len,
|
|
|
|
mac_str->x, input_str->x, output );
|
2018-05-07 12:56:36 +02:00
|
|
|
|
2018-05-09 12:22:13 +02:00
|
|
|
TEST_ASSERT( ret == ret_exp );
|
|
|
|
if( ret_exp == 0 )
|
|
|
|
{
|
2020-06-25 09:03:34 +02:00
|
|
|
TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
|
2018-05-09 12:22:13 +02:00
|
|
|
}
|
2018-05-07 12:56:36 +02:00
|
|
|
|
|
|
|
exit:
|
|
|
|
mbedtls_chachapoly_free( &ctx );
|
2016-05-17 14:43:01 -03:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2018-05-10 11:41:00 +02:00
|
|
|
/* BEGIN_CASE */
|
|
|
|
void chachapoly_state()
|
|
|
|
{
|
|
|
|
unsigned char key[32];
|
|
|
|
unsigned char nonce[12];
|
|
|
|
unsigned char aad[1];
|
|
|
|
unsigned char input[1];
|
|
|
|
unsigned char output[1];
|
|
|
|
unsigned char mac[16];
|
|
|
|
size_t input_len = sizeof( input );
|
|
|
|
size_t aad_len = sizeof( aad );
|
|
|
|
mbedtls_chachapoly_context ctx;
|
|
|
|
|
|
|
|
memset( key, 0x00, sizeof( key ) );
|
|
|
|
memset( nonce, 0x00, sizeof( nonce ) );
|
|
|
|
memset( aad, 0x00, sizeof( aad ) );
|
|
|
|
memset( input, 0x00, sizeof( input ) );
|
|
|
|
memset( output, 0x00, sizeof( output ) );
|
|
|
|
memset( mac, 0x00, sizeof( mac ) );
|
|
|
|
|
|
|
|
/* Initial state: finish, update, update_aad forbidden */
|
|
|
|
mbedtls_chachapoly_init( &ctx );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
|
|
|
|
/* Still initial state: finish, update, update_aad forbidden */
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key )
|
|
|
|
== 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
|
|
|
|
/* Starts -> finish OK */
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
|
|
|
|
== 0 );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
|
|
|
|
== 0 );
|
|
|
|
|
|
|
|
/* After finish: update, update_aad forbidden */
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
|
|
|
|
/* Starts -> update* OK */
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
|
|
|
|
== 0 );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
|
|
|
|
== 0 );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output )
|
|
|
|
== 0 );
|
|
|
|
|
|
|
|
/* After update: update_aad forbidden */
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
|
|
|
|
== MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
|
|
|
|
|
|
|
|
/* Starts -> update_aad* -> finish OK */
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
|
|
|
|
== 0 );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
|
|
|
|
== 0 );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len )
|
|
|
|
== 0 );
|
|
|
|
TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac )
|
|
|
|
== 0 );
|
|
|
|
|
|
|
|
exit:
|
|
|
|
mbedtls_chachapoly_free( &ctx );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2016-05-17 14:43:01 -03:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
|
2018-05-07 10:43:27 +02:00
|
|
|
void chachapoly_selftest()
|
2016-05-17 14:43:01 -03:00
|
|
|
{
|
2018-05-07 10:43:27 +02:00
|
|
|
TEST_ASSERT( mbedtls_chachapoly_self_test( 1 ) == 0 );
|
2016-05-17 14:43:01 -03:00
|
|
|
}
|
|
|
|
/* END_CASE */
|