--- /dev/null
+################## Check tag_len for algo and bcm ##################
+
+################## AES ##################
+
+################## CCM ##################
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=3
+valid=0
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=4
+valid=1
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=5
+valid=0
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=6
+valid=1
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=7
+valid=0
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=8
+valid=1
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=9
+valid=0
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=10
+valid=1
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=11
+valid=0
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=12
+valid=1
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=13
+valid=0
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=14
+valid=1
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=15
+valid=0
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=16
+valid=1
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=17
+valid=0
+
+algo=AES
+bcm=CCM
+key_len=128
+iv_len=64
+tag_len=18
+valid=0
+
--- /dev/null
+################## Check tag_len for algo and bcm ##################
+
+################## AES ##################
+
+################## GCM ##################
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=3
+valid=0
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=4
+valid=1
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=5
+valid=0
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=6
+valid=0
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=7
+valid=0
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=8
+valid=1
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=9
+valid=0
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=10
+valid=0
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=11
+valid=0
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=12
+valid=1
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=13
+valid=1
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=14
+valid=1
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=15
+valid=1
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=16
+valid=1
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=17
+valid=0
+
+algo=AES
+bcm=GCM
+key_len=128
+iv_len=64
+tag_len=18
+valid=0
+
iv_length_list = [0, 56, 64, 96, 104, 128, 256]
+tag_len_list = range(3, 18 + 1, 1)
+
openssl_cmd_params = [
"-aes-128-ecb",
"-aes-192-ecb",
self.bcm_list = bcm_list
class Bcm:
- def __init__(self, iv_len_list):
+ def __init__(self, iv_len_list, tag_len_list = None):
self.iv_len_list = iv_len_list
+ if tag_len_list != None:
+ self.tag_len_list = tag_len_list
+ else:
+ tag_len_list = []
def set_valid_iv_len(self, iv_len_list):
self.iv_len_list = iv_len_list
('CFB1', Bcm([128])),
('CFB8', Bcm([128])),
('ECB', Bcm([0])),
- ('GCM', Bcm(range(24, 256 + 8, 8))),
- ('CCM', Bcm(range(56, 104 + 8, 8))),
+ ('GCM', Bcm(range(24, 256 + 8, 8), [4, 8, 12, 13, 14, 15, 16])),
+ ('CCM', Bcm(range(56, 104 + 8, 8), range(4, 16 + 2, 2))),
('CTR', Bcm([128])),
('WRAP', Bcm([64])),
]))
-
des = Algorithm([64])
des.set_bcm(OrderedDict([
('CBC', Bcm([64])),
out_file.write(containers.separator + ' ' + string + ' ' + containers.separator +\
os.linesep + os.linesep)
-def write_set(algo_name, bcm, key_len, iv_len, out_file, valid=None):
+def write_set(algo_name, bcm, key_len, iv_len, out_file, valid = None, tag_len = None):
out_file.write('algo=' + algo_name + os.linesep)
out_file.write('bcm=' + bcm + os.linesep)
out_file.write('key_len=' + str(key_len) + os.linesep)
out_file.write('iv_len=' + str(iv_len) + os.linesep)
+ if tag_len != None:
+ out_file.write('tag_len=' + str(tag_len) + os.linesep)
if valid != None:
out_file.write('valid=' + valid + os.linesep)
out_file.write(os.linesep)
check_key_len_for_algo(out_file)
check_iv_len_for_algo_bcm(out_file)
+def generate_tag_len_comb_for_algo_bcm(out_file, algo_name, bcm_name):
+ add_description(out_file, 'Check tag_len for algo and bcm')
+ algo = containers.valid_database[algo_name]
+ bcm = algo.bcm_list[bcm_name]
+ key_len = algo.key_len_list[0]
+
+ add_description(out_file, algo_name)
+ add_description(out_file, bcm_name)
+ iv_len = containers.default_iv_len(algo, bcm)
+ for tag_len in containers.tag_len_list:
+ valid = str(int(tag_len in bcm.tag_len_list))
+ write_set(algo_name, bcm_name, key_len, iv_len, out_file, valid, tag_len)
+
+def generate_combs(out_file):
+ check_bcm_for_algo(out_file)
+ check_key_len_for_algo(out_file)
+ check_iv_len_for_algo_bcm(out_file)
+
def main():
file_name = 'encrypt_param_comb.txt'
out_file = open(file_name, 'w')
generate_valid_combs_only(out_file, exclude_gcm_ccm_wrap)
out_file.close()
+ file_name = 'encrypt_aes_gcm_tag_len.txt'
+ out_file = open(file_name, 'w')
+ generate_tag_len_comb_for_algo_bcm(out_file, 'AES', 'GCM')
+ out_file.close()
+
+ file_name = 'encrypt_aes_ccm_tag_len.txt'
+ out_file = open(file_name, 'w')
+ generate_tag_len_comb_for_algo_bcm(out_file, 'AES', 'CCM')
+ out_file.close()
+
if __name__ == "__main__":
main()
YACA_SUCCESS(yaca_context_set_property(m_decCtxPtr.get(), YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
(char*)(&key_bits), sizeof(key_bits)));
}
+
+ int set_tag_len(yaca_block_cipher_mode_e bcm, size_t tag_len)
+ {
+ switch (bcm) {
+ case YACA_BCM_GCM:
+ return yaca_context_set_property(m_enCtxPtr.get(), YACA_PROPERTY_GCM_TAG_LEN,
+ (void*)&tag_len, sizeof(tag_len));
+ case YACA_BCM_CCM:
+ return yaca_context_set_property(m_enCtxPtr.get(), YACA_PROPERTY_CCM_TAG_LEN,
+ (void*)&tag_len, sizeof(tag_len));
+ default:
+ return YACA_ERROR_INVALID_PARAMETER;
+ }
+ }
+
private:
CtxPtr m_enCtxPtr;
CtxPtr m_decCtxPtr;
}
}
+void test_vector_gcm_tag_len(size_t key_len,
+ size_t iv_len,
+ size_t tag_len,
+ bool valid)
+{
+ auto key_ptr = generate_key(YACA_KEY_TYPE_SYMMETRIC, key_len);
+ auto iv_ptr = generate_key(YACA_KEY_TYPE_IV, iv_len);
+
+ int expected = YACA_ERROR_NONE;
+ if (!valid)
+ expected = YACA_ERROR_INVALID_PARAMETER;
+
+ Encryptor encryptor(YACA_ENCRYPT_AES, YACA_BCM_GCM, key_ptr, iv_ptr);
+ encryptor.encrypt(DATA);
+
+ YACA_RESULT(expected, encryptor.set_tag_len(YACA_BCM_GCM, tag_len));
+}
+
+void test_vector_ccm_tag_len(size_t key_len,
+ size_t iv_len,
+ size_t tag_len,
+ bool valid)
+{
+ auto key_ptr = generate_key(YACA_KEY_TYPE_SYMMETRIC, key_len);
+ auto iv_ptr = generate_key(YACA_KEY_TYPE_IV, iv_len);
+
+ int expected = YACA_ERROR_NONE;
+ if (!valid)
+ expected = YACA_ERROR_INVALID_PARAMETER;
+
+ Encryptor encryptor(YACA_ENCRYPT_AES, YACA_BCM_CCM, key_ptr, iv_ptr);
+
+ YACA_RESULT(expected, encryptor.set_tag_len(YACA_BCM_CCM, tag_len));
+}
+
}//namespace anonymous
RUNNER_TEST_GROUP_INIT(T3000_YACA_ENCRYPT);
YACA_ASSERT_MSG(DATA.size() == decrypt_output.size(), "Size after encrypt-decrypt differs\n");
YACA_ASSERT_MSG(DATA == decrypt_output, "Text after encrypt-decrypt has changed\n");
}
+
+RUNNER_TEST(T3130_yaca_aes_gcm_tag_len_combs_invalid_param, YacaTest)
+{
+ auto tvv = loadTestVector("encrypt_aes_gcm_tag_len.txt");
+
+ for (const auto& tv : tvv) {
+ size_t key_len;
+ size_t iv_len;
+ size_t tag_len;
+ bool valid;
+
+ tv.get("key_len", key_len);
+ tv.get("iv_len", iv_len);
+ tv.get("tag_len", tag_len);
+ tv.get("valid", valid);
+
+ test_vector_gcm_tag_len(key_len, iv_len, tag_len, valid);
+ }
+}
+
+RUNNER_TEST(T3140_yaca_aes_ccm_tag_len_combs_invalid_param, YacaTest)
+{
+ auto tvv = loadTestVector("encrypt_aes_ccm_tag_len.txt");
+
+ for (const auto& tv : tvv) {
+ size_t key_len;
+ size_t iv_len;
+ size_t tag_len;
+ bool valid;
+
+ tv.get("key_len", key_len);
+ tv.get("iv_len", iv_len);
+ tv.get("tag_len", tag_len);
+ tv.get("valid", valid);
+
+ test_vector_ccm_tag_len(key_len, iv_len, tag_len, valid);
+ }
+}
projects / platform / core / test / security-tests.git / commitdiff