aboutsummaryrefslogtreecommitdiffstats
path: root/roms/skiboot/libstb/crypto/mbedtls/tests/suites/test_suite_cipher.function
diff options
context:
space:
mode:
Diffstat (limited to 'roms/skiboot/libstb/crypto/mbedtls/tests/suites/test_suite_cipher.function')
-rw-r--r--roms/skiboot/libstb/crypto/mbedtls/tests/suites/test_suite_cipher.function1152
1 files changed, 1152 insertions, 0 deletions
diff --git a/roms/skiboot/libstb/crypto/mbedtls/tests/suites/test_suite_cipher.function b/roms/skiboot/libstb/crypto/mbedtls/tests/suites/test_suite_cipher.function
new file mode 100644
index 000000000..02bf5f7ee
--- /dev/null
+++ b/roms/skiboot/libstb/crypto/mbedtls/tests/suites/test_suite_cipher.function
@@ -0,0 +1,1152 @@
+/* BEGIN_HEADER */
+#include "mbedtls/cipher.h"
+
+#if defined(MBEDTLS_GCM_C)
+#include "mbedtls/gcm.h"
+#endif
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CIPHER_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mbedtls_cipher_list( )
+{
+ const int *cipher_type;
+
+ for( cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++ )
+ TEST_ASSERT( mbedtls_cipher_info_from_type( *cipher_type ) != NULL );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_invalid_param_unconditional( )
+{
+ mbedtls_cipher_context_t valid_ctx;
+ mbedtls_cipher_context_t invalid_ctx;
+ mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
+ mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
+ unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
+ int valid_size = sizeof(valid_buffer);
+ int valid_bitlen = valid_size * 8;
+ const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
+ *( mbedtls_cipher_list() ) );
+ size_t size_t_var;
+
+ (void)valid_mode; /* In some configurations this is unused */
+
+ mbedtls_cipher_init( &valid_ctx );
+ mbedtls_cipher_setup( &valid_ctx, valid_info );
+ mbedtls_cipher_init( &invalid_ctx );
+
+ /* mbedtls_cipher_setup() */
+ TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /* mbedtls_cipher_get_block_size() */
+ TEST_ASSERT( mbedtls_cipher_get_block_size( &invalid_ctx ) == 0 );
+
+ /* mbedtls_cipher_get_cipher_mode() */
+ TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &invalid_ctx ) ==
+ MBEDTLS_MODE_NONE );
+
+ /* mbedtls_cipher_get_iv_size() */
+ TEST_ASSERT( mbedtls_cipher_get_iv_size( &invalid_ctx ) == 0 );
+
+ /* mbedtls_cipher_get_type() */
+ TEST_ASSERT(
+ mbedtls_cipher_get_type( &invalid_ctx ) ==
+ MBEDTLS_CIPHER_NONE);
+
+ /* mbedtls_cipher_get_name() */
+ TEST_ASSERT( mbedtls_cipher_get_name( &invalid_ctx ) == 0 );
+
+ /* mbedtls_cipher_get_key_bitlen() */
+ TEST_ASSERT( mbedtls_cipher_get_key_bitlen( &invalid_ctx ) ==
+ MBEDTLS_KEY_LENGTH_NONE );
+
+ /* mbedtls_cipher_get_operation() */
+ TEST_ASSERT( mbedtls_cipher_get_operation( &invalid_ctx ) ==
+ MBEDTLS_OPERATION_NONE );
+
+ /* mbedtls_cipher_setkey() */
+ TEST_ASSERT(
+ mbedtls_cipher_setkey( &invalid_ctx,
+ valid_buffer,
+ valid_bitlen,
+ valid_operation ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /* mbedtls_cipher_set_iv() */
+ TEST_ASSERT(
+ mbedtls_cipher_set_iv( &invalid_ctx,
+ valid_buffer,
+ valid_size ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /* mbedtls_cipher_reset() */
+ TEST_ASSERT( mbedtls_cipher_reset( &invalid_ctx ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ /* mbedtls_cipher_update_ad() */
+ TEST_ASSERT(
+ mbedtls_cipher_update_ad( &invalid_ctx,
+ valid_buffer,
+ valid_size ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+ /* mbedtls_cipher_set_padding_mode() */
+ TEST_ASSERT( mbedtls_cipher_set_padding_mode( &invalid_ctx, valid_mode ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#endif
+
+ /* mbedtls_cipher_update() */
+ TEST_ASSERT(
+ mbedtls_cipher_update( &invalid_ctx,
+ valid_buffer,
+ valid_size,
+ valid_buffer,
+ &size_t_var ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /* mbedtls_cipher_finish() */
+ TEST_ASSERT(
+ mbedtls_cipher_finish( &invalid_ctx,
+ valid_buffer,
+ &size_t_var ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ /* mbedtls_cipher_write_tag() */
+ TEST_ASSERT(
+ mbedtls_cipher_write_tag( &invalid_ctx,
+ valid_buffer,
+ valid_size ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /* mbedtls_cipher_check_tag() */
+ TEST_ASSERT(
+ mbedtls_cipher_check_tag( &invalid_ctx,
+ valid_buffer,
+ valid_size ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+exit:
+ mbedtls_cipher_free( &invalid_ctx );
+ mbedtls_cipher_free( &valid_ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
+void cipher_invalid_param_conditional( )
+{
+ mbedtls_cipher_context_t valid_ctx;
+
+ mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
+ mbedtls_operation_t invalid_operation = 100;
+ mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
+ unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
+ int valid_size = sizeof(valid_buffer);
+ int valid_bitlen = valid_size * 8;
+ const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
+ *( mbedtls_cipher_list() ) );
+
+ size_t size_t_var;
+
+ (void)valid_mode; /* In some configurations this is unused */
+
+ /* mbedtls_cipher_init() */
+ TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) );
+ TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) );
+
+ /* mbedtls_cipher_setup() */
+ TEST_VALID_PARAM( mbedtls_cipher_setup( &valid_ctx, valid_info ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_setup( NULL, valid_info ) );
+
+ /* mbedtls_cipher_get_block_size() */
+ TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( NULL ) );
+
+ /* mbedtls_cipher_get_cipher_mode() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_MODE_NONE,
+ mbedtls_cipher_get_cipher_mode( NULL ) );
+
+ /* mbedtls_cipher_get_iv_size() */
+ TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( NULL ) );
+
+ /* mbedtls_cipher_get_type() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_CIPHER_NONE,
+ mbedtls_cipher_get_type( NULL ) );
+
+ /* mbedtls_cipher_get_name() */
+ TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( NULL ) );
+
+ /* mbedtls_cipher_get_key_bitlen() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_KEY_LENGTH_NONE,
+ mbedtls_cipher_get_key_bitlen( NULL ) );
+
+ /* mbedtls_cipher_get_operation() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_OPERATION_NONE,
+ mbedtls_cipher_get_operation( NULL ) );
+
+ /* mbedtls_cipher_setkey() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_setkey( NULL,
+ valid_buffer,
+ valid_bitlen,
+ valid_operation ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_setkey( &valid_ctx,
+ NULL,
+ valid_bitlen,
+ valid_operation ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_setkey( &valid_ctx,
+ valid_buffer,
+ valid_bitlen,
+ invalid_operation ) );
+
+ /* mbedtls_cipher_set_iv() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_set_iv( NULL,
+ valid_buffer,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_set_iv( &valid_ctx,
+ NULL,
+ valid_size ) );
+
+ /* mbedtls_cipher_reset() */
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_reset( NULL ) );
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ /* mbedtls_cipher_update_ad() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_update_ad( NULL,
+ valid_buffer,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_update_ad( &valid_ctx,
+ NULL,
+ valid_size ) );
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+ /* mbedtls_cipher_set_padding_mode() */
+ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_set_padding_mode( NULL, valid_mode ) );
+#endif
+
+ /* mbedtls_cipher_update() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_update( NULL,
+ valid_buffer,
+ valid_size,
+ valid_buffer,
+ &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_update( &valid_ctx,
+ NULL, valid_size,
+ valid_buffer,
+ &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_update( &valid_ctx,
+ valid_buffer, valid_size,
+ NULL,
+ &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_update( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer,
+ NULL ) );
+
+ /* mbedtls_cipher_finish() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_finish( NULL,
+ valid_buffer,
+ &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_finish( &valid_ctx,
+ NULL,
+ &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_finish( &valid_ctx,
+ valid_buffer,
+ NULL ) );
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ /* mbedtls_cipher_write_tag() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_write_tag( NULL,
+ valid_buffer,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_write_tag( &valid_ctx,
+ NULL,
+ valid_size ) );
+
+ /* mbedtls_cipher_check_tag() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_check_tag( NULL,
+ valid_buffer,
+ valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_check_tag( &valid_ctx,
+ NULL,
+ valid_size ) );
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+ /* mbedtls_cipher_crypt() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_crypt( NULL,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_crypt( &valid_ctx,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_crypt( &valid_ctx,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_crypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, &size_t_var ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_crypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, NULL ) );
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+ /* mbedtls_cipher_auth_encrypt() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt( NULL,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt( &valid_ctx,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, NULL,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_encrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var,
+ NULL, valid_size ) );
+
+ /* mbedtls_cipher_auth_decrypt() */
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt( NULL,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt( &valid_ctx,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, valid_size,
+ valid_buffer, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ NULL, &size_t_var,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, NULL,
+ valid_buffer, valid_size ) );
+ TEST_INVALID_PARAM_RET(
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_cipher_auth_decrypt( &valid_ctx,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, valid_size,
+ valid_buffer, &size_t_var,
+ NULL, valid_size ) );
+#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */
+
+ /* mbedtls_cipher_free() */
+ TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) );
+exit:
+ TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
+void cipher_special_behaviours( )
+{
+ const mbedtls_cipher_info_t *cipher_info;
+ mbedtls_cipher_context_t ctx;
+ unsigned char input[32];
+ unsigned char output[32];
+#if defined (MBEDTLS_CIPHER_MODE_CBC)
+ unsigned char iv[32];
+#endif
+ size_t olen = 0;
+
+ mbedtls_cipher_init( &ctx );
+ memset( input, 0, sizeof( input ) );
+ memset( output, 0, sizeof( output ) );
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ memset( iv, 0, sizeof( iv ) );
+
+ /* Check and get info structures */
+ cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC );
+ TEST_ASSERT( NULL != cipher_info );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
+
+ /* IV too big */
+ TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 )
+ == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+ /* IV too small */
+ TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 )
+ == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ mbedtls_cipher_free( &ctx );
+ mbedtls_cipher_init( &ctx );
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+ cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
+ TEST_ASSERT( NULL != cipher_info );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
+
+ /* Update ECB with partial block */
+ TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen )
+ == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void enc_dec_buf( int cipher_id, char * cipher_string, int key_len,
+ int length_val, int pad_mode )
+{
+ size_t length = length_val, outlen, total_len, i, block_size;
+ unsigned char key[64];
+ unsigned char iv[16];
+ unsigned char ad[13];
+ unsigned char tag[16];
+ unsigned char inbuf[64];
+ unsigned char encbuf[64];
+ unsigned char decbuf[64];
+
+ const mbedtls_cipher_info_t *cipher_info;
+ mbedtls_cipher_context_t ctx_dec;
+ mbedtls_cipher_context_t ctx_enc;
+
+ /*
+ * Prepare contexts
+ */
+ mbedtls_cipher_init( &ctx_dec );
+ mbedtls_cipher_init( &ctx_enc );
+
+ memset( key, 0x2a, sizeof( key ) );
+
+ /* Check and get info structures */
+ cipher_info = mbedtls_cipher_info_from_type( cipher_id );
+ TEST_ASSERT( NULL != cipher_info );
+ TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info );
+
+ /* Initialise enc and dec contexts */
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) );
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+ if( -1 != pad_mode )
+ {
+ TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) );
+ }
+#else
+ (void) pad_mode;
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+ /*
+ * Do a few encode/decode cycles
+ */
+ for( i = 0; i < 3; i++ )
+ {
+ memset( iv , 0x00 + i, sizeof( iv ) );
+ memset( ad, 0x10 + i, sizeof( ad ) );
+ memset( inbuf, 0x20 + i, sizeof( inbuf ) );
+
+ memset( encbuf, 0, sizeof( encbuf ) );
+ memset( decbuf, 0, sizeof( decbuf ) );
+ memset( tag, 0, sizeof( tag ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
+#endif
+
+ block_size = mbedtls_cipher_get_block_size( &ctx_enc );
+ TEST_ASSERT( block_size != 0 );
+
+ /* encode length number of bytes from inbuf */
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
+ total_len = outlen;
+
+ TEST_ASSERT( total_len == length ||
+ ( total_len % block_size == 0 &&
+ total_len < length &&
+ total_len + block_size > length ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
+ total_len += outlen;
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
+#endif
+
+ TEST_ASSERT( total_len == length ||
+ ( total_len % block_size == 0 &&
+ total_len > length &&
+ total_len <= length + block_size ) );
+
+ /* decode the previously encoded string */
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) );
+ total_len = outlen;
+
+ TEST_ASSERT( total_len == length ||
+ ( total_len % block_size == 0 &&
+ total_len < length &&
+ total_len + block_size >= length ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
+ total_len += outlen;
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
+#endif
+
+ /* check result */
+ TEST_ASSERT( total_len == length );
+ TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
+ }
+
+ /*
+ * Done
+ */
+exit:
+ mbedtls_cipher_free( &ctx_dec );
+ mbedtls_cipher_free( &ctx_enc );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val,
+ int ret )
+{
+ size_t length = length_val;
+ unsigned char key[32];
+ unsigned char iv[16];
+
+ const mbedtls_cipher_info_t *cipher_info;
+ mbedtls_cipher_context_t ctx;
+
+ unsigned char inbuf[64];
+ unsigned char encbuf[64];
+
+ size_t outlen = 0;
+
+ memset( key, 0, 32 );
+ memset( iv , 0, 16 );
+
+ mbedtls_cipher_init( &ctx );
+
+ memset( inbuf, 5, 64 );
+ memset( encbuf, 0, 64 );
+
+ /* Check and get info structures */
+ cipher_info = mbedtls_cipher_info_from_type( cipher_id );
+ TEST_ASSERT( NULL != cipher_info );
+
+ /* Initialise context */
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, key_len, MBEDTLS_ENCRYPT ) );
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+ TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
+#else
+ (void) pad_mode;
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) );
+#endif
+
+ /* encode length number of bytes from inbuf */
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
+ TEST_ASSERT( ret == mbedtls_cipher_finish( &ctx, encbuf + outlen, &outlen ) );
+
+ /* done */
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void dec_empty_buf( int cipher )
+{
+ unsigned char key[32];
+ unsigned char iv[16];
+
+ mbedtls_cipher_context_t ctx_dec;
+ const mbedtls_cipher_info_t *cipher_info;
+
+ unsigned char encbuf[64];
+ unsigned char decbuf[64];
+
+ size_t outlen = 0;
+
+ int expected_ret;
+
+ memset( key, 0, 32 );
+ memset( iv , 0, 16 );
+
+ mbedtls_cipher_init( &ctx_dec );
+
+ memset( encbuf, 0, 64 );
+ memset( decbuf, 0, 64 );
+
+ /* Initialise context */
+ cipher_info = mbedtls_cipher_info_from_type( cipher );
+ TEST_ASSERT( NULL != cipher_info);
+ TEST_ASSERT( sizeof(key) * 8 >= cipher_info->key_bitlen );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec,
+ key, cipher_info->key_bitlen,
+ MBEDTLS_DECRYPT ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
+#endif
+
+ /* decode 0-byte string */
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
+ TEST_ASSERT( 0 == outlen );
+
+ if ( cipher_info->mode == MBEDTLS_MODE_CBC ||
+ cipher_info->mode == MBEDTLS_MODE_ECB )
+ {
+ /* CBC and ECB ciphers need a full block of input. */
+ expected_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
+ }
+ else
+ {
+ /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and
+ * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when
+ * decrypting an empty buffer. */
+ expected_ret = 0;
+ }
+
+ TEST_ASSERT( expected_ret == mbedtls_cipher_finish(
+ &ctx_dec, decbuf + outlen, &outlen ) );
+ TEST_ASSERT( 0 == outlen );
+
+exit:
+ mbedtls_cipher_free( &ctx_dec );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
+ int second_length_val, int pad_mode,
+ int first_encrypt_output_len, int second_encrypt_output_len,
+ int first_decrypt_output_len, int second_decrypt_output_len )
+{
+ size_t first_length = first_length_val;
+ size_t second_length = second_length_val;
+ size_t length = first_length + second_length;
+ size_t block_size;
+ unsigned char key[32];
+ unsigned char iv[16];
+
+ mbedtls_cipher_context_t ctx_dec;
+ mbedtls_cipher_context_t ctx_enc;
+ const mbedtls_cipher_info_t *cipher_info;
+
+ unsigned char inbuf[64];
+ unsigned char encbuf[64];
+ unsigned char decbuf[64];
+
+ size_t outlen = 0;
+ size_t totaloutlen = 0;
+
+ memset( key, 0, 32 );
+ memset( iv , 0, 16 );
+
+ mbedtls_cipher_init( &ctx_dec );
+ mbedtls_cipher_init( &ctx_enc );
+
+ memset( inbuf, 5, 64 );
+ memset( encbuf, 0, 64 );
+ memset( decbuf, 0, 64 );
+
+ /* Initialise enc and dec contexts */
+ cipher_info = mbedtls_cipher_info_from_type( cipher_id );
+ TEST_ASSERT( NULL != cipher_info);
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) );
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+ if( -1 != pad_mode )
+ {
+ TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) );
+ }
+#else
+ (void) pad_mode;
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, 16 ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) );
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) );
+#endif
+
+ block_size = mbedtls_cipher_get_block_size( &ctx_enc );
+ TEST_ASSERT( block_size != 0 );
+
+ /* encode length number of bytes from inbuf */
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
+ TEST_ASSERT( (size_t)first_encrypt_output_len == outlen );
+ totaloutlen = outlen;
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) );
+ TEST_ASSERT( (size_t)second_encrypt_output_len == outlen );
+ totaloutlen += outlen;
+ TEST_ASSERT( totaloutlen == length ||
+ ( totaloutlen % block_size == 0 &&
+ totaloutlen < length &&
+ totaloutlen + block_size > length ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) );
+ totaloutlen += outlen;
+ TEST_ASSERT( totaloutlen == length ||
+ ( totaloutlen % block_size == 0 &&
+ totaloutlen > length &&
+ totaloutlen <= length + block_size ) );
+
+ /* decode the previously encoded string */
+ second_length = totaloutlen - first_length;
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, first_length, decbuf, &outlen ) );
+ TEST_ASSERT( (size_t)first_decrypt_output_len == outlen );
+ totaloutlen = outlen;
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf + first_length, second_length, decbuf + totaloutlen, &outlen ) );
+ TEST_ASSERT( (size_t)second_decrypt_output_len == outlen );
+ totaloutlen += outlen;
+
+ TEST_ASSERT( totaloutlen == length ||
+ ( totaloutlen % block_size == 0 &&
+ totaloutlen < length &&
+ totaloutlen + block_size >= length ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + totaloutlen, &outlen ) );
+ totaloutlen += outlen;
+
+ TEST_ASSERT( totaloutlen == length );
+
+ TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) );
+
+exit:
+ mbedtls_cipher_free( &ctx_dec );
+ mbedtls_cipher_free( &ctx_enc );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key,
+ data_t * iv, data_t * cipher,
+ data_t * clear, data_t * ad, data_t * tag,
+ int finish_result, int tag_result )
+{
+ unsigned char output[265];
+ mbedtls_cipher_context_t ctx;
+ size_t outlen, total_len;
+
+ mbedtls_cipher_init( &ctx );
+
+ memset( output, 0x00, sizeof( output ) );
+
+#if !defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CHACHAPOLY_C)
+ ((void) ad);
+ ((void) tag);
+#endif
+
+ /* Prepare context */
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
+ mbedtls_cipher_info_from_type( cipher_id ) ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+ if( pad_mode != -1 )
+ TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
+#else
+ (void) pad_mode;
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+ TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv->x, iv->len ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) );
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad->x, ad->len ) );
+#endif
+
+ /* decode buffer and check tag->x */
+ total_len = 0;
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher->x, cipher->len, output, &outlen ) );
+ total_len += outlen;
+ TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
+ &outlen ) );
+ total_len += outlen;
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+ TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag->x, tag->len ) );
+#endif
+
+ /* check plaintext only if everything went fine */
+ if( 0 == finish_result && 0 == tag_result )
+ {
+ TEST_ASSERT( total_len == clear->len );
+ TEST_ASSERT( 0 == memcmp( output, clear->x, clear->len ) );
+ }
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */
+void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
+ data_t * ad, data_t * cipher, data_t * tag,
+ char * result, data_t * clear )
+{
+ int ret;
+ unsigned char output[267]; /* above + 2 (overwrite check) */
+ unsigned char my_tag[20];
+ mbedtls_cipher_context_t ctx;
+ size_t outlen;
+
+ mbedtls_cipher_init( &ctx );
+
+ memset( output, 0xFF, sizeof( output ) );
+ memset( my_tag, 0xFF, sizeof( my_tag ) );
+
+
+ /* Prepare context */
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
+ mbedtls_cipher_info_from_type( cipher_id ) ) );
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
+
+ /* decode buffer and check tag->x */
+ ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
+ cipher->x, cipher->len, output, &outlen,
+ tag->x, tag->len );
+
+ /* make sure we didn't overwrite */
+ TEST_ASSERT( output[outlen + 0] == 0xFF );
+ TEST_ASSERT( output[outlen + 1] == 0xFF );
+
+ /* make sure the message is rejected if it should be */
+ if( strcmp( result, "FAIL" ) == 0 )
+ {
+ TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED );
+ goto exit;
+ }
+
+ /* otherwise, make sure it was decrypted properly */
+ TEST_ASSERT( ret == 0 );
+
+ TEST_ASSERT( outlen == clear->len );
+ TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 );
+
+ /* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
+ MBEDTLS_ENCRYPT ) );
+
+ memset( output, 0xFF, sizeof( output ) );
+ outlen = 0;
+
+ ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
+ clear->x, clear->len, output, &outlen,
+ my_tag, tag->len );
+ TEST_ASSERT( ret == 0 );
+
+ TEST_ASSERT( outlen == cipher->len );
+ TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 );
+ TEST_ASSERT( memcmp( my_tag, tag->x, tag->len ) == 0 );
+
+ /* make sure we didn't overwrite */
+ TEST_ASSERT( output[outlen + 0] == 0xFF );
+ TEST_ASSERT( output[outlen + 1] == 0xFF );
+ TEST_ASSERT( my_tag[tag->len + 0] == 0xFF );
+ TEST_ASSERT( my_tag[tag->len + 1] == 0xFF );
+
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_vec_ecb( int cipher_id, int operation, data_t * key,
+ data_t * input, data_t * result, int finish_result
+ )
+{
+ mbedtls_cipher_context_t ctx;
+ unsigned char output[32];
+ size_t outlen;
+
+ mbedtls_cipher_init( &ctx );
+
+ memset( output, 0x00, sizeof( output ) );
+
+ /* Prepare context */
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
+ mbedtls_cipher_info_from_type( cipher_id ) ) );
+
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input->x,
+ mbedtls_cipher_get_block_size( &ctx ),
+ output, &outlen ) );
+ TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) );
+ TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen,
+ &outlen ) );
+ TEST_ASSERT( 0 == outlen );
+
+ /* check plaintext only if everything went fine */
+ if( 0 == finish_result )
+ TEST_ASSERT( 0 == memcmp( output, result->x,
+ mbedtls_cipher_get_block_size( &ctx ) ) );
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
+void test_vec_crypt( int cipher_id, int operation, char *hex_key,
+ char *hex_iv, char *hex_input, char *hex_result,
+ int finish_result )
+{
+ unsigned char key[50];
+ unsigned char input[16];
+ unsigned char result[16];
+ unsigned char iv[16];
+ size_t key_len, iv_len, inputlen, resultlen;
+ mbedtls_cipher_context_t ctx;
+ unsigned char output[32];
+ size_t outlen;
+
+ mbedtls_cipher_init( &ctx );
+
+ memset( key, 0x00, sizeof( key ) );
+ memset( input, 0x00, sizeof( input ) );
+ memset( result, 0x00, sizeof( result ) );
+ memset( output, 0x00, sizeof( output ) );
+ memset( iv, 0x00, sizeof( iv ) );
+
+ /* Prepare context */
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
+ mbedtls_cipher_info_from_type( cipher_id ) ) );
+
+ key_len = unhexify( key, hex_key );
+ inputlen = unhexify( input, hex_input );
+ resultlen = unhexify( result, hex_result );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, operation ) );
+ if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode )
+ TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) );
+
+ iv_len = unhexify( iv, hex_iv );
+
+ TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv_len ? iv : NULL,
+ iv_len, input, inputlen,
+ output, &outlen ) );
+ TEST_ASSERT( resultlen == outlen );
+ /* check plaintext only if everything went fine */
+ if( 0 == finish_result )
+ TEST_ASSERT( 0 == memcmp( output, result, outlen ) );
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
+void set_padding( int cipher_id, int pad_mode, int ret )
+{
+ const mbedtls_cipher_info_t *cipher_info;
+ mbedtls_cipher_context_t ctx;
+
+ mbedtls_cipher_init( &ctx );
+
+ cipher_info = mbedtls_cipher_info_from_type( cipher_id );
+ TEST_ASSERT( NULL != cipher_info );
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
+
+ TEST_ASSERT( ret == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
+void check_padding( int pad_mode, data_t * input, int ret, int dlen_check
+ )
+{
+ mbedtls_cipher_info_t cipher_info;
+ mbedtls_cipher_context_t ctx;
+ size_t dlen;
+
+ /* build a fake context just for getting access to get_padding */
+ mbedtls_cipher_init( &ctx );
+ cipher_info.mode = MBEDTLS_MODE_CBC;
+ ctx.cipher_info = &cipher_info;
+
+ TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) );
+
+
+ TEST_ASSERT( ret == ctx.get_padding( input->x, input->len, &dlen ) );
+ if( 0 == ret )
+ TEST_ASSERT( dlen == (size_t) dlen_check );
+}
+/* END_CASE */