mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-25 13:43:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/pr/2158' into development

Browse Source 
* origin/pr/2158:
  Whitespace fix for ccm, gcm, and pkcs5
  Rename remaining test data
  Rename globals to avoid shadowing by various function arguments
This commit is contained in:
Jaeden Amero 2019-03-05 16:29:53 +00:00
commit db2c2ce881
3 changed files with 124 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
library/ccm.c
View File

@ -80,7 +80,8 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
CCM_VALIDATE_RET( ctx != NULL ); CCM_VALIDATE_RET( ctx != NULL );
CCM_VALIDATE_RET( key != NULL ); CCM_VALIDATE_RET( key != NULL );
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB ); cipher_info = mbedtls_cipher_info_from_values( cipher, keybits,
MBEDTLS_MODE_ECB );
if( cipher_info == NULL ) if( cipher_info == NULL )
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return( MBEDTLS_ERR_CCM_BAD_INPUT );
@ -423,34 +424,34 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
/* /*
* The data is the same for all tests, only the used length changes * The data is the same for all tests, only the used length changes
*/ */
static const unsigned char key[] = { static const unsigned char key_test_data[] = {
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
}; };
static const unsigned char iv[] = { static const unsigned char iv_test_data[] = {
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b 0x18, 0x19, 0x1a, 0x1b
}; };
static const unsigned char ad[] = { static const unsigned char ad_test_data[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13 0x10, 0x11, 0x12, 0x13
}; };
static const unsigned char msg[CCM_SELFTEST_PT_MAX_LEN] = { static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = {
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
}; };
static const size_t iv_len [NB_TESTS] = { 7, 8, 12 }; static const size_t iv_len_test_data [NB_TESTS] = { 7, 8, 12 };
static const size_t add_len[NB_TESTS] = { 8, 16, 20 }; static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 };
static const size_t msg_len[NB_TESTS] = { 4, 16, 24 }; static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 };
static const size_t tag_len[NB_TESTS] = { 4, 6, 8 }; static const size_t tag_len_test_data[NB_TESTS] = { 4, 6, 8 };
static const unsigned char res[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = { static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
{ 0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d }, { 0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
{ 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62, { 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d, 0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
@ -476,7 +477,8 @@ int mbedtls_ccm_self_test( int verbose )
mbedtls_ccm_init( &ctx ); mbedtls_ccm_init( &ctx );
if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 ) if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key_test_data,
8 * sizeof key_test_data ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( " CCM: setup failed" ); mbedtls_printf( " CCM: setup failed" );
@ -491,15 +493,18 @@ int mbedtls_ccm_self_test( int verbose )
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN ); memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
memcpy( plaintext, msg, msg_len[i] ); memcpy( plaintext, msg_test_data, msg_len_test_data[i] );
ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i], ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i],
iv, iv_len[i], ad, add_len[i], iv_test_data, iv_len_test_data[i],
ad_test_data, add_len_test_data[i],
plaintext, ciphertext, plaintext, ciphertext,
ciphertext + msg_len[i], tag_len[i] ); ciphertext + msg_len_test_data[i],
tag_len_test_data[i] );
if( ret != 0 || if( ret != 0 ||
memcmp( ciphertext, res[i], msg_len[i] + tag_len[i] ) != 0 ) memcmp( ciphertext, res_test_data[i],
msg_len_test_data[i] + tag_len_test_data[i] ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "failed\n" ); mbedtls_printf( "failed\n" );
@ -508,13 +513,15 @@ int mbedtls_ccm_self_test( int verbose )
} }
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i], ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i],
iv, iv_len[i], ad, add_len[i], iv_test_data, iv_len_test_data[i],
ad_test_data, add_len_test_data[i],
ciphertext, plaintext, ciphertext, plaintext,
ciphertext + msg_len[i], tag_len[i] ); ciphertext + msg_len_test_data[i],
tag_len_test_data[i] );
if( ret != 0 || if( ret != 0 ||
memcmp( plaintext, msg, msg_len[i] ) != 0 ) memcmp( plaintext, msg_test_data, msg_len_test_data[i] ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "failed\n" ); mbedtls_printf( "failed\n" );

128
library/gcm.c
View File

@ -175,7 +175,8 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
GCM_VALIDATE_RET( key != NULL ); GCM_VALIDATE_RET( key != NULL );
GCM_VALIDATE_RET( keybits == 128 || keybits == 192 || keybits == 256 ); GCM_VALIDATE_RET( keybits == 128 || keybits == 192 || keybits == 256 );
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB ); cipher_info = mbedtls_cipher_info_from_values( cipher, keybits,
MBEDTLS_MODE_ECB );
if( cipher_info == NULL ) if( cipher_info == NULL )
return( MBEDTLS_ERR_GCM_BAD_INPUT ); return( MBEDTLS_ERR_GCM_BAD_INPUT );
@ -335,8 +336,8 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
gcm_mult( ctx, ctx->y, ctx->y ); gcm_mult( ctx, ctx->y, ctx->y );
} }
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16,
&olen ) ) != 0 ) ctx->base_ectr, &olen ) ) != 0 )
{ {
return( ret ); return( ret );
} }
@ -557,10 +558,10 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx )
*/ */
#define MAX_TESTS 6 #define MAX_TESTS 6
static const int key_index[MAX_TESTS] = static const int key_index_test_data[MAX_TESTS] =
{ 0, 0, 1, 1, 1, 1 }; { 0, 0, 1, 1, 1, 1 };
static const unsigned char key[MAX_TESTS][32] = static const unsigned char key_test_data[MAX_TESTS][32] =
{ {
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@ -572,13 +573,13 @@ static const unsigned char key[MAX_TESTS][32] =
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 },
}; };
static const size_t iv_len[MAX_TESTS] = static const size_t iv_len_test_data[MAX_TESTS] =
{ 12, 12, 12, 12, 8, 60 }; { 12, 12, 12, 12, 8, 60 };
static const int iv_index[MAX_TESTS] = static const int iv_index_test_data[MAX_TESTS] =
{ 0, 0, 1, 1, 1, 2 }; { 0, 0, 1, 1, 1, 2 };
static const unsigned char iv[MAX_TESTS][64] = static const unsigned char iv_test_data[MAX_TESTS][64] =
{ {
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00 }, 0x00, 0x00, 0x00, 0x00 },
@ -594,13 +595,13 @@ static const unsigned char iv[MAX_TESTS][64] =
0xa6, 0x37, 0xb3, 0x9b }, 0xa6, 0x37, 0xb3, 0x9b },
}; };
static const size_t add_len[MAX_TESTS] = static const size_t add_len_test_data[MAX_TESTS] =
{ 0, 0, 0, 20, 20, 20 }; { 0, 0, 0, 20, 20, 20 };
static const int add_index[MAX_TESTS] = static const int add_index_test_data[MAX_TESTS] =
{ 0, 0, 0, 1, 1, 1 }; { 0, 0, 0, 1, 1, 1 };
static const unsigned char additional[MAX_TESTS][64] = static const unsigned char additional_test_data[MAX_TESTS][64] =
{ {
{ 0x00 }, { 0x00 },
{ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
@ -608,13 +609,13 @@ static const unsigned char additional[MAX_TESTS][64] =
0xab, 0xad, 0xda, 0xd2 }, 0xab, 0xad, 0xda, 0xd2 },
}; };
static const size_t pt_len[MAX_TESTS] = static const size_t pt_len_test_data[MAX_TESTS] =
{ 0, 16, 64, 60, 60, 60 }; { 0, 16, 64, 60, 60, 60 };
static const int pt_index[MAX_TESTS] = static const int pt_index_test_data[MAX_TESTS] =
{ 0, 0, 1, 1, 1, 1 }; { 0, 0, 1, 1, 1, 1 };
static const unsigned char pt[MAX_TESTS][64] = static const unsigned char pt_test_data[MAX_TESTS][64] =
{ {
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
@ -628,7 +629,7 @@ static const unsigned char pt[MAX_TESTS][64] =
0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 },
}; };
static const unsigned char ct[MAX_TESTS * 3][64] = static const unsigned char ct_test_data[MAX_TESTS * 3][64] =
{ {
{ 0x00 }, { 0x00 },
{ 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
@ -737,7 +738,7 @@ static const unsigned char ct[MAX_TESTS * 3][64] =
0x44, 0xae, 0x7e, 0x3f }, 0x44, 0xae, 0x7e, 0x3f },
}; };
static const unsigned char tag[MAX_TESTS * 3][16] = static const unsigned char tag_test_data[MAX_TESTS * 3][16] =
{ {
{ 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61, { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a }, 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a },
@ -797,7 +798,8 @@ int mbedtls_gcm_self_test( int verbose )
mbedtls_printf( " AES-GCM-%3d #%d (%s): ", mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "enc" ); key_len, i, "enc" );
ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], ret = mbedtls_gcm_setkey( &ctx, cipher,
key_test_data[key_index_test_data[i]],
key_len ); key_len );
/* /*
* AES-192 is an optional feature that may be unavailable when * AES-192 is an optional feature that may be unavailable when
@ -815,15 +817,19 @@ int mbedtls_gcm_self_test( int verbose )
} }
ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
pt_len[i], pt_len_test_data[i],
iv[iv_index[i]], iv_len[i], iv_test_data[iv_index_test_data[i]],
additional[add_index[i]], add_len[i], iv_len_test_data[i],
pt[pt_index[i]], buf, 16, tag_buf ); additional_test_data[add_index_test_data[i]],
add_len_test_data[i],
pt_test_data[pt_index_test_data[i]],
buf, 16, tag_buf );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
if ( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 || if ( memcmp( buf, ct_test_data[j * 6 + i],
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) pt_len_test_data[i] ) != 0 ||
memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
{ {
ret = 1; ret = 1;
goto exit; goto exit;
@ -840,22 +846,26 @@ int mbedtls_gcm_self_test( int verbose )
mbedtls_printf( " AES-GCM-%3d #%d (%s): ", mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "dec" ); key_len, i, "dec" );
ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], ret = mbedtls_gcm_setkey( &ctx, cipher,
key_test_data[key_index_test_data[i]],
key_len ); key_len );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT, ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
pt_len[i], pt_len_test_data[i],
iv[iv_index[i]], iv_len[i], iv_test_data[iv_index_test_data[i]],
additional[add_index[i]], add_len[i], iv_len_test_data[i],
ct[j * 6 + i], buf, 16, tag_buf ); additional_test_data[add_index_test_data[i]],
add_len_test_data[i],
ct_test_data[j * 6 + i], buf, 16, tag_buf );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 || if( memcmp( buf, pt_test_data[pt_index_test_data[i]],
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) pt_len_test_data[i] ) != 0 ||
memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
{ {
ret = 1; ret = 1;
goto exit; goto exit;
@ -872,32 +882,40 @@ int mbedtls_gcm_self_test( int verbose )
mbedtls_printf( " AES-GCM-%3d #%d split (%s): ", mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "enc" ); key_len, i, "enc" );
ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], ret = mbedtls_gcm_setkey( &ctx, cipher,
key_test_data[key_index_test_data[i]],
key_len ); key_len );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT, ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
iv[iv_index[i]], iv_len[i], iv_test_data[iv_index_test_data[i]],
additional[add_index[i]], add_len[i] ); iv_len_test_data[i],
additional_test_data[add_index_test_data[i]],
add_len_test_data[i] );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
if( pt_len[i] > 32 ) if( pt_len_test_data[i] > 32 )
{ {
size_t rest_len = pt_len[i] - 32; size_t rest_len = pt_len_test_data[i] - 32;
ret = mbedtls_gcm_update( &ctx, 32, pt[pt_index[i]], buf ); ret = mbedtls_gcm_update( &ctx, 32,
pt_test_data[pt_index_test_data[i]],
buf );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
ret = mbedtls_gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32, ret = mbedtls_gcm_update( &ctx, rest_len,
buf + 32 ); pt_test_data[pt_index_test_data[i]] + 32,
buf + 32 );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
} }
else else
{ {
ret = mbedtls_gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf ); ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i],
pt_test_data[pt_index_test_data[i]],
buf );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
} }
@ -906,8 +924,9 @@ int mbedtls_gcm_self_test( int verbose )
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
if( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 || if( memcmp( buf, ct_test_data[j * 6 + i],
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) pt_len_test_data[i] ) != 0 ||
memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
{ {
ret = 1; ret = 1;
goto exit; goto exit;
@ -924,32 +943,38 @@ int mbedtls_gcm_self_test( int verbose )
mbedtls_printf( " AES-GCM-%3d #%d split (%s): ", mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "dec" ); key_len, i, "dec" );
ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], ret = mbedtls_gcm_setkey( &ctx, cipher,
key_test_data[key_index_test_data[i]],
key_len ); key_len );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT, ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
iv[iv_index[i]], iv_len[i], iv_test_data[iv_index_test_data[i]],
additional[add_index[i]], add_len[i] ); iv_len_test_data[i],
additional_test_data[add_index_test_data[i]],
add_len_test_data[i] );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
if( pt_len[i] > 32 ) if( pt_len_test_data[i] > 32 )
{ {
size_t rest_len = pt_len[i] - 32; size_t rest_len = pt_len_test_data[i] - 32;
ret = mbedtls_gcm_update( &ctx, 32, ct[j * 6 + i], buf ); ret = mbedtls_gcm_update( &ctx, 32, ct_test_data[j * 6 + i],
buf );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
ret = mbedtls_gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32, ret = mbedtls_gcm_update( &ctx, rest_len,
ct_test_data[j * 6 + i] + 32,
buf + 32 ); buf + 32 );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
} }
else else
{ {
ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i], ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i],
ct_test_data[j * 6 + i],
buf ); buf );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
@ -959,8 +984,9 @@ int mbedtls_gcm_self_test( int verbose )
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 || if( memcmp( buf, pt_test_data[pt_index_test_data[i]],
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) pt_len_test_data[i] ) != 0 ||
memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 )
{ {
ret = 1; ret = 1;
goto exit; goto exit;

34
library/pkcs5.c
View File

@ -76,7 +76,8 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
* } * }
* *
*/ */
if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len,
MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
salt->p = p; salt->p = p;
@ -141,7 +142,8 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 ) if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid,
&kdf_alg_params ) ) != 0 )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
// Only PBKDF2 supported at the moment // Only PBKDF2 supported at the moment
@ -202,7 +204,8 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 ) if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 )
goto exit; goto exit;
if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 ) if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen,
(mbedtls_operation_t) mode ) ) != 0 )
goto exit; goto exit;
if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len, if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len,
@ -217,7 +220,8 @@ exit:
} }
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password, int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen, size_t plen, const unsigned char *salt, size_t slen,
unsigned int iteration_count, unsigned int iteration_count,
uint32_t key_length, unsigned char *output ) uint32_t key_length, unsigned char *output )
@ -304,10 +308,10 @@ int mbedtls_pkcs5_self_test( int verbose )
#define MAX_TESTS 6 #define MAX_TESTS 6
static const size_t plen[MAX_TESTS] = static const size_t plen_test_data[MAX_TESTS] =
{ 8, 8, 8, 24, 9 }; { 8, 8, 8, 24, 9 };
static const unsigned char password[MAX_TESTS][32] = static const unsigned char password_test_data[MAX_TESTS][32] =
{ {
"password", "password",
"password", "password",
@ -316,10 +320,10 @@ static const unsigned char password[MAX_TESTS][32] =
"pass\0word", "pass\0word",
}; };
static const size_t slen[MAX_TESTS] = static const size_t slen_test_data[MAX_TESTS] =
{ 4, 4, 4, 36, 5 }; { 4, 4, 4, 36, 5 };
static const unsigned char salt[MAX_TESTS][40] = static const unsigned char salt_test_data[MAX_TESTS][40] =
{ {
"salt", "salt",
"salt", "salt",
@ -328,13 +332,13 @@ static const unsigned char salt[MAX_TESTS][40] =
"sa\0lt", "sa\0lt",
}; };
static const uint32_t it_cnt[MAX_TESTS] = static const uint32_t it_cnt_test_data[MAX_TESTS] =
{ 1, 2, 4096, 4096, 4096 }; { 1, 2, 4096, 4096, 4096 };
static const uint32_t key_len[MAX_TESTS] = static const uint32_t key_len_test_data[MAX_TESTS] =
{ 20, 20, 20, 25, 16 }; { 20, 20, 20, 25, 16 };
static const unsigned char result_key[MAX_TESTS][32] = static const unsigned char result_key_test_data[MAX_TESTS][32] =
{ {
{ 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71, { 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06, 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
@ -380,10 +384,12 @@ int mbedtls_pkcs5_self_test( int verbose )
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i ); mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i );
ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i], ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password_test_data[i],
slen[i], it_cnt[i], key_len[i], key ); plen_test_data[i], salt_test_data[i],
slen_test_data[i], it_cnt_test_data[i],
key_len_test_data[i], key );
if( ret != 0 || if( ret != 0 ||
memcmp( result_key[i], key, key_len[i] ) != 0 ) memcmp( result_key_test_data[i], key, key_len_test_data[i] ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( "failed\n" ); mbedtls_printf( "failed\n" );