Merge pull request #3994 from stevew817/feature/cmac_self_test_skip_unsupported

Allow CMAC self test to skip tests for unsupported primitives
2025-01-27 06:35:22 +00:00 · 2021-01-29 13:17:17 +00:00 · 2021-01-29 13:17:17 +00:00 · 594d7afa00
commit 594d7afa00
parent a14d1642f4 c7da6a48dd
1 changed files with 26 additions and 13 deletions
--- a/library/cmac.c
+++ b/library/cmac.c
@ -45,22 +45,10 @@
 #include "mbedtls/cmac.h"
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"
+#include "mbedtls/platform.h"

 #include <string.h>

-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc     calloc
-#define mbedtls_free       free
-#if defined(MBEDTLS_SELF_TEST)
-#include <stdio.h>
-#define mbedtls_printf     printf
-#endif /* MBEDTLS_SELF_TEST */
-#endif /* MBEDTLS_PLATFORM_C */
-
 #if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)

 /*
@ -793,6 +781,18 @@ static int cmac_test_subkeys( int verbose,
        if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits,
                                       MBEDTLS_ENCRYPT ) ) != 0 )
        {
+            /* When CMAC is implemented by an alternative implementation, or
+             * the underlying primitive itself is implemented alternatively,
+             * AES-192 may be unavailable. This should not cause the selftest
+             * function to fail. */
+            if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+                  ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) &&
+                  cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) {
+                if( verbose != 0 )
+                    mbedtls_printf( "skipped\n" );
+                goto next_test;
+            }
+
            if( verbose != 0 )
                mbedtls_printf( "test execution failed\n" );

@ -820,6 +820,7 @@ static int cmac_test_subkeys( int verbose,
        if( verbose != 0 )
            mbedtls_printf( "passed\n" );

+next_test:
        mbedtls_cipher_free( &ctx );
    }

@ -864,6 +865,18 @@ static int cmac_test_wth_cipher( int verbose,
        if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages,
                                         message_lengths[i], output ) ) != 0 )
        {
+            /* When CMAC is implemented by an alternative implementation, or
+             * the underlying primitive itself is implemented alternatively,
+             * AES-192 may be unavailable. This should not cause the selftest
+             * function to fail. */
+            if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+                  ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) &&
+                  cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) {
+                if( verbose != 0 )
+                    mbedtls_printf( "skipped\n" );
+                continue;
+            }
+
            if( verbose != 0 )
                mbedtls_printf( "failed\n" );
            goto exit;