diff options
author | Niels Möller <nisse@lysator.liu.se> | 2023-04-23 19:59:54 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2023-04-23 19:59:54 +0200 |
commit | a1056ebefcb2f256dfa66f11017a3c205438b1b4 (patch) | |
tree | b788fd3a65cf2572f5b9ac14c388d07e66ac4e4e | |
parent | e6563339b96ad2396bfcb1dfe88c1aeb15942281 (diff) | |
download | nettle-a1056ebefcb2f256dfa66f11017a3c205438b1b4.tar.gz |
Improve in-place testing
-rw-r--r-- | siv-cmac.c | 6 | ||||
-rw-r--r-- | testsuite/siv-gcm-test.c | 2 | ||||
-rw-r--r-- | testsuite/siv-test.c | 2 | ||||
-rw-r--r-- | testsuite/testutils.c | 89 | ||||
-rw-r--r-- | testsuite/testutils.h | 1 |
5 files changed, 69 insertions, 31 deletions
@@ -122,7 +122,8 @@ siv_cmac_encrypt_message (const struct cmac128_key *cmac_key, { union nettle_block16 siv; size_t slength; - + /* In-place operation not supported. */ + assert (dst != src); assert (clength >= SIV_DIGEST_SIZE); slength = clength - SIV_DIGEST_SIZE; @@ -149,6 +150,9 @@ siv_cmac_decrypt_message (const struct cmac128_key *cmac_key, union nettle_block16 siv; union nettle_block16 ctr; + /* In-place operation not supported. */ + assert (dst != src); + memcpy (ctr.b, src, SIV_DIGEST_SIZE); ctr.b[8] &= ~0x80; ctr.b[12] &= ~0x80; diff --git a/testsuite/siv-gcm-test.c b/testsuite/siv-gcm-test.c index 1e02fcc7..49302ad7 100644 --- a/testsuite/siv-gcm-test.c +++ b/testsuite/siv-gcm-test.c @@ -48,6 +48,7 @@ siv_gcm_aes128 = { sizeof(struct aes128_ctx), AES128_KEY_SIZE, SIV_GCM_DIGEST_SIZE, + 1, /* Supports in-place operation. */ (nettle_set_key_func*) aes128_set_encrypt_key, (nettle_set_key_func*) aes128_set_encrypt_key, (nettle_encrypt_message_func*) siv_gcm_aes128_encrypt_message, @@ -60,6 +61,7 @@ siv_gcm_aes256 = { sizeof(struct aes256_ctx), AES256_KEY_SIZE, SIV_GCM_DIGEST_SIZE, + 1, /* Supports in-place operation. */ (nettle_set_key_func*) aes256_set_encrypt_key, (nettle_set_key_func*) aes256_set_encrypt_key, (nettle_encrypt_message_func*) siv_gcm_aes256_encrypt_message, diff --git a/testsuite/siv-test.c b/testsuite/siv-test.c index 7b10ff0d..53214bbb 100644 --- a/testsuite/siv-test.c +++ b/testsuite/siv-test.c @@ -42,6 +42,7 @@ siv_cmac_aes128 = { sizeof(struct siv_cmac_aes128_ctx), SIV_CMAC_AES128_KEY_SIZE, SIV_DIGEST_SIZE, + 0, /* No in-place operation. */ (nettle_set_key_func*) siv_cmac_aes128_set_key, (nettle_set_key_func*) siv_cmac_aes128_set_key, (nettle_encrypt_message_func*) siv_cmac_aes128_encrypt_message, @@ -54,6 +55,7 @@ siv_cmac_aes256 = { sizeof(struct siv_cmac_aes256_ctx), SIV_CMAC_AES256_KEY_SIZE, SIV_DIGEST_SIZE, + 0, /* No in-place operation. */ (nettle_set_key_func*) siv_cmac_aes256_set_key, (nettle_set_key_func*) siv_cmac_aes256_set_key, (nettle_encrypt_message_func*) siv_cmac_aes256_encrypt_message, diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 74059c53..3420ae9d 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -917,6 +917,9 @@ test_aead_message (const struct nettle_aead_message *aead, { void *ctx = xalloc (aead->context_size); uint8_t *buf = xalloc (cipher->length + 1); + uint8_t *copy = xalloc (cipher->length); + + static const uint8_t nul = 0; int res; ASSERT (key->length == aead->key_size); @@ -943,26 +946,7 @@ test_aead_message (const struct nettle_aead_message *aead, FAIL(); } aead->set_decrypt_key (ctx, key->data); -#if 0 - /* First try in-place decrypt. FIXME: Not supported for SIV. */ - res = aead->decrypt (ctx, - nonce->length, nonce->data, - adata->length, adata->data, - clear->length, buf, buf); - if (!res) - { - fprintf (stderr, "in-place decrypting valid ciphertext failed:\n "); - tstring_print_hex (cipher); - } - if (!MEMEQ (clear->length, clear->data, buf)) - { - fprintf(stderr, "aead->decrypt (in place message) failed:\n got: "); - print_hex (clear->length, buf); - fprintf (stderr, " exp: "); - tstring_print_hex (clear); - FAIL(); - } -#endif + memset (buf, 0xae, clear->length + 1); res = aead->decrypt (ctx, @@ -993,39 +977,84 @@ test_aead_message (const struct nettle_aead_message *aead, fprintf (stderr, "Invalid message (truncated) not rejected\n"); FAIL(); } - memcpy (buf, cipher->data, cipher->length); - buf[0] ^= 4; + memcpy (copy, cipher->data, cipher->length); + copy[0] ^= 4; if (aead->decrypt (ctx, nonce->length, nonce->data, adata->length, adata->data, - clear->length, buf, buf)) + clear->length, buf, copy)) { fprintf (stderr, "Invalid message (first byte modified) not rejected\n"); FAIL(); } - memcpy (buf, cipher->data, cipher->length); - buf[cipher->length - 1] ^= 4; + memcpy (copy, cipher->data, cipher->length); + copy[cipher->length - 1] ^= 4; if (aead->decrypt (ctx, nonce->length, nonce->data, adata->length, adata->data, - clear->length, buf, buf)) + clear->length, buf, copy)) { fprintf (stderr, "Invalid message (last byte modified) not rejected\n"); FAIL(); } - memcpy (buf, adata->data, adata->length); - if (adata->length == 0) - buf[0] = 0; if (aead->decrypt (ctx, nonce->length, nonce->data, - adata->length ? adata->length /* - 1 */ : 1, buf, + adata->length > 0 ? adata->length - 1 : 1, + adata->length > 0 ? adata->data : &nul, clear->length, buf, cipher->data)) { fprintf (stderr, "Invalid adata not rejected\n"); FAIL(); } + + /* Test in-place operation. NOTE: Not supported for SIV-CMAC. */ + if (aead->supports_inplace) + { + aead->set_encrypt_key (ctx, key->data); + buf[cipher->length] = 0xae; + + memcpy (buf, clear->data, clear->length); + aead->encrypt (ctx, + nonce->length, nonce->data, + adata->length, adata->data, + cipher->length, buf, buf); + if (!MEMEQ (cipher->length, cipher->data, buf)) + { + fprintf(stderr, "aead->encrypt (in-place message) failed:\n got: "); + print_hex (cipher->length, buf); + fprintf (stderr, " exp: "); + tstring_print_hex (cipher); + FAIL(); + } + if (buf[cipher->length] != 0xae) + { + fprintf (stderr, "aead->encrypt (in-place message) wrote too much.\n "); + FAIL(); + } + + res = aead->decrypt (ctx, + nonce->length, nonce->data, + adata->length, adata->data, + clear->length, buf, buf); + if (!res) + { + fprintf (stderr, "in-place decrypting valid ciphertext failed:\n "); + tstring_print_hex (cipher); + } + if (!MEMEQ (clear->length, clear->data, buf)) + { + fprintf(stderr, "aead->decrypt (in-place message) failed:\n got: "); + print_hex (clear->length, buf); + fprintf (stderr, " exp: "); + tstring_print_hex (clear); + FAIL(); + } + } + free (ctx); + free (buf); + free (copy); } void diff --git a/testsuite/testutils.h b/testsuite/testutils.h index 7606cc3a..687bcd73 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -97,6 +97,7 @@ struct nettle_aead_message unsigned context_size; unsigned key_size; unsigned digest_size; + int supports_inplace; nettle_set_key_func *set_encrypt_key; nettle_set_key_func *set_decrypt_key; nettle_encrypt_message_func *encrypt; |