Add tests for mbedtls_cipher_crypt API

1. Add tests for 'mbedtls_cipher_crypt()' API 2. Resolves #1091, by ignoring IV when the cipher mode is MBEDTLS_MODE_ECB
2026-03-25 13:13:18 +00:00 · 2017-09-25 17:03:12 +03:00
parent 7d728bd70e
commit 7b01244b99
4 changed files with 686 additions and 3 deletions
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -107,7 +107,7 @@ void cipher_special_behaviours( )
    memset( iv, 0, sizeof( iv ) );

    /* Check and get info structures */
-    cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
+    cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC );
    TEST_ASSERT( NULL != cipher_info );

    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
@@ -120,6 +120,12 @@ void cipher_special_behaviours( )
    TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 )
                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );

+	mbedtls_cipher_free( &ctx );
+	cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
+    TEST_ASSERT( NULL != cipher_info );
+
+    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );
+
    /* Update ECB with partial block */
    TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen )
                 == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
@@ -690,6 +696,55 @@ exit:
 }
 /* END_CASE */

+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
+void test_vec_crypt( int cipher_id, int operation, char *hex_key,
+                   char *hex_iv, char *hex_input, char *hex_result,
+                   int finish_result )
+{
+    unsigned char key[50];
+    unsigned char input[16];
+    unsigned char result[16];
+    unsigned char iv[16];
+    size_t key_len, iv_len, inputlen, resultlen;
+    mbedtls_cipher_context_t ctx;
+    unsigned char output[32];
+    size_t outlen;
+
+    mbedtls_cipher_init( &ctx );
+
+    memset( key, 0x00, sizeof( key ) );
+    memset( input, 0x00, sizeof( input ) );
+    memset( result, 0x00, sizeof( result ) );
+    memset( output, 0x00, sizeof( output ) );
+    memset( iv, 0x00, sizeof( iv ) );
+
+    /* Prepare context */
+    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
+                                       mbedtls_cipher_info_from_type( cipher_id ) ) );
+
+    key_len = unhexify( key, hex_key );
+    inputlen =  unhexify( input, hex_input );
+    resultlen = unhexify( result, hex_result );
+
+    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, operation ) );
+    if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode )
+        TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) );
+
+	iv_len = unhexify( iv, hex_iv );
+
+    TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv_len ? iv : NULL,
+                                                        iv_len, input, inputlen,
+                                                        output, &outlen ) );
+    TEST_ASSERT( resultlen == outlen );
+    /* check plaintext only if everything went fine */
+    if( 0 == finish_result )
+        TEST_ASSERT( 0 == memcmp( output, result, outlen ) );
+
+exit:
+    mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
 void set_padding( int cipher_id, int pad_mode, int ret )
 {